This rule will detect a file upload to the c:\ftproot\test\uploads folder by a user named user, and will execute the 'Transfer File' target to send the file to another server.
Add the Event Target
To use the new functionality, start by creating a new Event Target and select Transfer File Target. See the 'Add A New Event Target' screenshot below.
Add the Transfer File Target
Add information describing the server and user in the Transfer File Target panel. Refer to the 'Transfer File Target' screenshot below.
The Transfer File Event Target
- Label: Give the target a descriptive label so you know what it's for.
- Protocol: Select the Protocol you want to use. Currently, we support FTP, FTPS, SFTP, and HTTP/S PUT/GET. Depending on the selected Protocol, certain options are available. For example, when FTP is selected, you can force upgrading to encrypted SSL channels by clicking Require SSL.
- When checked, Verify Remote Certificate will ensure that the host's certificate and peer chain are valid; this option is available whenever an SSL channel is used, but not for unencrypted FTP or for SFTP.
- Server: Which server to contact.
- Path (optional): Where to send the file (if you don't want to place the files in the root directory). Simply leave blank if the files will drop into the root directory the user has access to.
- Username (always required)
- Password (Only required if you are doing 'password' or 'password and public/private key authentication')
- Public Key Path/Private Key Path (Only required if you are doing 'public/private key authentication' OR 'password and public/private key' authentication). Unlike other SFTP clients, you will need both a private key AND a public key. This is different from using a standard client implementation, like WinSCP or FileZilla, where only the private key is required.
- Public Key should be in SSH Public Key Format
- Private Key should be in PEM format. If the private key is encrypted, check the Needs Key Password setting and enter the password.
Note: It is possible to use both username/password and certificates/public key to provide two-factor authentication.
How to Generate a public/private key pair for SSH SFTP Authentication:
You can use PuTTYgen to create the key pair:
PuTTYgen download and install
PuTTYgen is normally installed as part of the normal PuTTY .msi package installation. There is no need for a separate PuTTYgen download. Download the PuTTY installation package. For detailed installation instructions, see PuTTY installation instructions.
Running PuTTYgen
Go to Windows Start menu → All Programs → PuTTY → PuTTYgen.
Creating a new key pair for authentication
To create a new key pair, select the type of key to generate from the bottom of the screen (using SSH-2 RSA with 2048 bit key size is typical).
Click Generate, and start moving the mouse within the window. PuTTY uses mouse movements to collect randomness. The exact way you are going to move your mouse cannot be predicted by an external attacker. You may need to move the mouse for some time, depending on the size of your key. As you move it, the green progress bar should advance.
Once the progress bar becomes full, the actual key generation computation takes place. This may take from several seconds to several minutes. When complete, the public key should appear in the Window. You can now specify a passphrase for the key.
You should save the private key by clicking Save private key to <filename>.ppk (You will NOT use this. This is just to have a copy in case you need to recreate your supported public key).
Save the Private Key:
Go to 'Conversions' > 'Export OpenSSH key'. Save the private key as <filename>.pem.
Save the Public Key:
In order to save the public key in the right format, you must copy the public key code from the 'Public key for pasting into OpenSSH authorized_keys file' section and paste the data manually into a text editor like Notepad. Save the file as <filename>.pub. Do not use the 'Save public key' button! It will create the public key in the wrong format and your connection will fail.
Point the Public Key Path field to the .pub key file you created
Point the Private Key Path field to the .pem key file you created
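Before pointing the target at the two files, their formats can be checked offline. The following is an added example, not Cerberus code: the function names are hypothetical, the sample public key is constructed, and it assumes that the newer `-----BEGIN OPENSSH PRIVATE KEY-----` container is not what this article means by PEM.

```python
import base64
import struct

def _blob_names_type(key_type: str, b64: str) -> bool:
    """True if the base64 blob starts with a length-prefixed copy of key_type."""
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError:
        return False
    if len(blob) < 4:
        return False
    (n,) = struct.unpack(">I", blob[:4])
    return blob[4:4 + n] == key_type.encode()

def classify_key_file(text: str) -> str:
    """Label the format of a key file from its text contents."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines:
        return "empty"
    first = lines[0]
    if first.startswith("PuTTY-User-Key-File-"):
        return "putty-ppk"            # written by 'Save private key'
    if first.startswith("---- BEGIN SSH2 PUBLIC KEY"):
        return "rfc4716-public"       # written by the 'Save public key' button
    if first == "-----BEGIN OPENSSH PRIVATE KEY-----":
        return "openssh-new-private"  # newer OpenSSH container (assumed unsuitable)
    if first.startswith("-----BEGIN ") and first.endswith("PRIVATE KEY-----"):
        encrypted = "ENCRYPTED" in first or any(
            ln.startswith("Proc-Type:") and "ENCRYPTED" in ln for ln in lines)
        return "pem-private-encrypted" if encrypted else "pem-private"
    parts = first.split()
    if len(lines) == 1 and len(parts) >= 2 and _blob_names_type(parts[0], parts[1]):
        return "openssh-public"       # one-line authorized_keys format
    return "unknown"

def check_target_keys(public_text: str, private_text: str) -> list:
    """Return findings for the two files, phrased in the article's terms."""
    findings = []
    pub, priv = classify_key_file(public_text), classify_key_file(private_text)
    if pub != "openssh-public":
        findings.append(f"public key is {pub}; paste the one-line OpenSSH text into the .pub file")
    if priv == "pem-private-encrypted":
        findings.append("private key is encrypted; check Needs Key Password and enter the password")
    elif priv != "pem-private":
        findings.append(f"private key is {priv}; the article expects the .pem from Export OpenSSH key")
    return findings

# Constructed sample (not a real key): length-prefixed type name plus filler bytes.
SAMPLE_PUB = "ssh-rsa " + base64.b64encode(
    struct.pack(">I", 7) + b"ssh-rsa" + b"\x00" * 16).decode() + " rsa-key-constructed"
```

An empty list from `check_target_keys` means the public key is a single OpenSSH line and the private key is an unencrypted PEM file.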
Click the Test button to verify that Cerberus is able to connect to the server and log in; it doesn't actually transfer a file, but it's a good starting point for verifying that your Target is configured properly.
If you have problems connecting, go to the Log screen in the user interface, enable Debug Mode by clicking on the 'bug' icon, and test again. The log will now have detailed information about the connection and may provide some clues (i.e., warnings/error messages) as to what changes you need to make to successfully complete the connection.
Create the 'Send A File' Rule
Add the New Rule
Once you can connect to your server, click Update and move on to the 'Event Rules' tab. This example describes a rule that transfers a file in response to an incoming 'File Transfer Event.'
- Go to the Event Rules page of the Event Manager
- Click the New button. The Add A New Event Rule dialog will appear.
- Select the File Transfer Event Rule Type for your new rule. This event type will cause the rule to be triggered whenever a file transfer takes place.
- Enter a name for your rule in the Rule Name edit box. For example, 'Forward Uploaded File'.
- Press the Add a New Rule button on the Add A New Rule dialog to save and add the new Event Rule. The event rule will be selected and ready for editing on the Edit Rules page.
Add the Rule Conditions
Select the Match If All Filters Match mode. Selecting this option means that this rule will only be triggered whenever the rule’s event occurs and if all of the conditions listed are fulfilled.
To prevent the system from sending every incoming file, click the New button to add a condition and set the Variable to '{{LPNT}} Local File Parent Directory', Comparison to 'Contains' and Value to a directory path like 'ftproot\test\uploads' that you create in your path. Click the Add button.
Click the New button to add a condition and set the Variable to '{{D}} Download', Comparison to 'Equals' and Value to 'False', meaning trigger on an upload. Click the Add button.
Click the New button to add a condition and set the Variable to '{{S}} Success', Comparison to 'Equals' and Value to 'True', meaning only trigger on a successful upload. Click the Add button.
Add the Rule Actions
Add a new action and select Send a File in the 'Action' drop down. In the Using drop-down, select the Event Target created in the Event Targets step. See the ‘Send a File Event Action’ screenshot below.
Since the action is sending a file that just came in, we can set File Path From to {{LFP}} which is a variable representing the 'Local File Path.' And for File Path To, we can select {{LFN}} which is just the filename part of the incoming file.
Clicking Add will complete the Rule and show a summary like:
Send file to 'ftp://user@example.com/newfolder/{{LFN}}' from '{{LFP}}'
Send a File Event Action
Test the transfer by uploading a file to the directory 'test\uploads' and verify that it is transferred to the remote server and placed in the 'newfolder' directory with the same filename as your original file.
If you have any issues, make sure DEBUG is enabled in the Log as discussed above, trigger the transfer, and look at the debugging and error messages.