ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How do I add a custom plugin to the CAS?

book

Article ID: 173117

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

How to add a custom python script to the plugins on the CAS device.

A virtual CAS does not have malware analysis hardware and will not be able to support plugins.

Resolution

Using SSH or a console connection, log into the CLI of the CAS.

Create an auth token from the CAS with the command:

  • ma-actions api-key create user admin role administrator

*** NOTE: You will want to store this key as there is no way to recover it, you can only create new ones. ***

Once you have the auth token, you can generate the POST using curl with the command:

  • curl -k -X POST --form [email protected]_filename.py --form owner=_SYSTEM_ --form resource_magic=system:plugin:ivm -H 'X-API-TOKEN: your_auth_token' https://your-cas-ip:8082/rapi/samples/resources

Replace:

  1.   "plugin_filename" with the name of your plugin file.
  2.   "your_auth_token" with the token generated earlier in the process
  3.   "your-cas-ip" with the IP address of your CAS

Once you run this command you should see a succesfull JSON response.

After recieving the successful JSON response you will find your custom plugin in the plugin management section of the CAS (Malware Analysis -> Task Settings -> Plugins)