This rule will detect a file upload to the c:\ftproot\test\uploads folder by a user named user, and will execute the 'Transfer File' target to send the file to another server.
While it has been possible to send files using the 'Launch an Executable' Event Rule Action for some time, it requires installing or building your own executable (typically cURL.exe) in order to do so. Furthermore, logging and error messages are often difficult to capture.
With this feature, there is integrated functionality making it easy to send a file and capture any messages directly within Cerberus.
Add the Event Target
To use the new functionality, start by creating a new Event Target and select Transfer File Target. See the ‘Add a New Transfer File Event Target’ screenshot below
Add the Transfer File Target
Add information describing the server and user in the Transfer File Target panel. Refer to ‘The Transfer File Event Target’ screenshot below
- Select the Protocol you want to use. Currently, we support FTP, FTPS, SFTP, and HTTP/S PUT. Depending on the selected Protocol, certain options are available. For example, when FTP is selected, you can force upgrading to encrypted SSL channels by clicking Require SSL.
- When checked, Verify Remote Certificate will ensure that the host’s certificate and peer chain are valid; this option is available whenever a SSL channel is used, but not for unencrypted FTP or SFTP.
- The Server and optional Path settings tell the system which server to contact and where to send the file.
- Username is always required while Password is optional (in the case that you are using Certificates/Public Key authentication).
- Unlike other SFTP clients, you will need to enter both a public (Client Certificate) AND a private key. If you are doing public/private key pair authentication, the private key is used for authentication. The public key (Client Certificate) verifies the server and is also required. This is a bit different that using a standard client implementation, like WinSCP or Filezilla.
- Public Key files (Client Certificate) should be in SSH Public Key Format, Private Keys should be in PEM format. If the private key is encrypted, check the Needs Key Password setting and enter the password. It is possible to use both username/password and certificates/public key to provide two-factor authentication. Please note, each server may handle client certificates differently, but often the username must match the certificate CN.
You can use PuTTYgen to create the key pair:
Generate key pair:
Copy and paste the key information to a new text file and save as XYZ.pub
Save Private Key to <filename>.ppk (just to have a copy)
Go To 'Conversions' > 'Export OpenSSH key'. Save as <filename>.pem
Don't save the public key out of PuttyGen, it saves it in the wrong format; you have to copy and paste the data manually.
Click the Test button to verify that Cerberus is able to connect to the server and login; it doesn’t actually transfer a file, but it’s a good starting point for verifying that your Target is configured properly.
If you have problems connecting, go to the Log screen in the user interface, enable Debug Mode by clicking on the ‘bug’ icon, and test again. The log will now have detailed information about the connection and may provide some clues (ie. warnings/error messages) as to what changes you need to make to successfully complete the connection.
The Transfer File Event Target
Adding the New Rule
Once you can connect to your server, click Update and move on to the 'Event Rules' tab. This example describes a rule that transfers a file in response to an incoming 'File Transfer Event.'
- Go to the Event Rules page of the Event Manager
- Click the New button. The Add A New Event Rule dialog will appear.
- Select the File Transfer Event Rule Type for your new rule. This event type will cause the rule to be triggered whenever a file transfer takes place.
- Enter a name for your rule in the Rule Name edit box. For example, 'Forward Uploaded File'.
- Press the Add a New Rule button on the Add A New Rule dialog to save and add the new Event Rule. The event rule will be selected and ready for editing on the Edit Rules page.
Adding the Rule Conditions
Select the Match If All Filters Match mode. Selecting this option means that this rule will only be triggered whenever the rule’s event occurs and if all of the conditions listed are fulfilled.
To prevent the system from sending every incoming file, click New button to add a condition and set the Variable to '{{LPNT}} Local File Parent Directory', Comparison to 'Equals' and Value to a new directory like 'c:\ftproot\test\uploads' that you create in your path. Click the Add button.
Adding the Rule Actions
Add a new action and select Send a File and in the Using drop-down select the Event Target created in the Event Targets step. See the ‘Send a File Event Action’ screenshot below.
Since the action is sending a file that just came in, we can set File Path From to {{LFP}} which is a variable representing the 'Local File Path.' And for File Path To, we can select {{LFN}} which is just the filename part of the incoming file.
Clicking Add will complete the Rule and show a summary like:
Send file to 'ftp://user@example.com/newfolder/{{LFN}}' from '{{LFP}}'
Send a File Event Action
Test the transfer by uploading a file to the directory 'test\uploads' and verify that it is transferred to the remote server and placed in the 'newfolder' directory with the same filename as your original file.
If you have any issues, make sure DEBUG is enabled in the Log as discussed above, trigger the transfer, and look at the debugging and error messages.
Comments
0 comments
Article is closed for comments.