Page Comparison

...

Expand

title	Troubleshooting

Error type	Error ID	Error message	Cause	Solution
`InitVariablesError`	`1`	`Devo tag is the required field for sending events to Devo. Specify it in collector definitions`	This error is raised when `devo_tag` property is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`2`	`Required setting. devo_tag is not of expected type: str`	This error is raised when `devo_tag` is defined in `collector_definitions.yaml` but the format is not `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`3`	`Optional setting, override_devo_tag not of expected type: str`	This error is raised when optional value `override_devo_tag` added in `config.json` is not of type `str`.	Edit the value of `override_devo_tag` in `config.json` so it is of type `str`. Or leave it empty so it takes the default value.
`InitVariablesError`	`4`	`GraphQL query is the required field for querying issues from Wiz. Specify it in collector definitions`	This error is raised when `graphql_query` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`5`	`Required setting. graphql_query is not of expected type: str`	This error is raised when `graphql_query` defined in `collector_definitions.yaml` is not of type `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`6`	`user_agent is the required field for passing in headers of Wiz API calls. Specify it in collector definitions`	This error is raised when `user_agent` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`7`	`Required setting. user_agent is not of expected type: str`	This error is raised when `user_agent` defined in `collector_definitions.yaml` is not of type `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`8`	`Optional setting, flatten_data not of expected type: bool`	This error is raised when the optional value `flatten_data` defined in `config.json` is not of type `bool`.	Edit the value of `flatten_data` in `config.json` so it is of type `bool`. You can also remove `override_flatten_data` parameter from `config.json` so it takes the default value.
`InitVariablesError`	`9`	`Optional setting, requests_per_second not of expected type: int`	This error is raised when the optional value `requests_per_second` defined in `config.json` is not of type `int`.	Edit the value of `requests_per_second` in `config.json` so it is of type `int`. Or leave it empty so it takes the default value.
`InitVariablesError`	`10`	`Required setting. requested_page_size_in_items is not of expected type: int`	This error is raised when `requested_page_size_in_items` defined in `collector_definitions.yaml` is not of type `int`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`11`	`access_token_timeout is the required field for checking if the token is expired. Specify it in collector definitions`	This error is raised when `access_token_timeout` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`12`	`Required setting. access_token_timeout is not of expected type: int`	This error is raised when `access_token_timeout` defined in `collector_definitions.yaml` is not of type `int`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`13`	`default_historic_days is the required field in case historic_date_utc is not specified. Specify it in collector definitions`	This error is raised when `default_historic_days` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`14`	`Required setting. default_historic_days is not of expected type: int`	This error is raised when `default_historic_days` defined in `collector_definitions.yaml` is not of type `int`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`15`	`api_url_regex is the required field for validating the base url. Specify it in collector definitions`	This error is raised when `api_url_regex` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`16`	`Required setting. api_url_regex is not of expected type: str`	This error is raised when `api_url_regex` defined in `collector_definitions.yaml` is not of type `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`17`	`historic_date_time_format is the required field for validating datetime format. Specify it in collector definitions`	This error is raised when `api_url_regex` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`18`	`Required setting. historic_date_time_format is not of expected type: str`	This error is raised when `api_url_regex` defined in `collector_definitions.yaml` is not of type `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`19`	`api_base_url not of expected type: str`	This error could be raised for two reasons: `api_base_url` defined in `collector_definitions.yaml` is not of type `str`. `override_api_base_url` defined in `config.json` is not of type `str`.	Solutions for both cases, respectively: This is an internal issue. Contact with Devo Support team. Edit the value of `override_api_base_url` in `config.json` so it is of type `str`. Or remove the parameter definition, so it takes the default value.
`InitVariablesError`	`20`	`api_base_url must match regex: <regex>`	This error could be raised for two reasons: `api_base_url` defined in `collector_definitions.yaml` does not match the required regex. `override_api_base_url` defined in `config.json` does not match the required regex.	Solutions for both cases, respectively: This is an internal issue. Contact with Devo Support team. Edit the value of `override_api_base_url` in `config.json` so it matches the indicated regex. Or remove the parameter definition so it takes the default value. If default value was used it is an internal issue, so contact with Devo Support team.
`InitVariablesError`	`21`	`Required setting, credentials not found in user configuration`	This error is raised when the required property `credentials` is not found in `config.json`.	Add `credentials` dictionary in `config.json`, including `client_id` and `client_secret` fields.
`InitVariablesError`	`22`	`Required setting, credentials not of expected type: dict`	This error is raised when `credentials` is defined in `config.json` but the format is not `dict`.	Edit the value of `credentials` in `config.json` so it is of type `dict`.
`InitVariablesError`	`23`	`Required setting, client_id not found in user configuration`	This error is raised when the required property `client_id` is not found in `config.json`, into `credentials` dictionary.	Add `client_id` property in `config.json`, into `credentials` dictionary.
`InitVariablesError`	`24`	`Required setting, client_id not of expected type: str`	This error is raised when `client_id` is defined in `config.json` but the format is not `str`.	Edit the value of `client_id` in `config.json`, into `credentials` dictionary, so it is of type `str`.
`InitVariablesError`	`25`	`Required setting, client_secret not found in user configuration`	This error is raised when the required property `client_secret` is not found in `config.json`, into `credentials` dictionary.	Add `client_secret` property in `config.json`, into `credentials` dictionary.
`InitVariablesError`	`26`	`Required setting, client_secret not of expected type: str`	This error is raised when `client_secret` is defined in `config.json` but the format is not `str`.	Edit the value of `client_secret` in `config.json`, into `credentials` dictionary, so it is of type `str`.
`InitVariablesError`	`27`	`Required setting, historic_date_utc not of expected type: str`	This error is raised when the optional value `historic_date_utc` defined in `config.json` is not of type `str`.	Edit the value of `historic_date_utc` in `config.json` so it is of type `str`. Or leave it empty so the collector starts pulling data N days ago at the current time.
`InitVariablesError`	`28`	`Time format for historic date must be <time_format>. e.g. 2022-02-15T14:32:33.043Z`	This error is raised when the optional value `historic_date_utc` defined in `config.json` does not match the indicated format.	Make the value of `historic_date_utc` in `config.json` match the indicated format. Or leave it empty so the collector starts pulling data N days ago at the current time.
`InitVariablesError`	`29`	`historic datetime cannot be greater than the present UTC time`	This error is raised when the optional value `historic_date_utc` defined in `config.json` is higher than the current time. Time is indicated in UTC time.	Make the value of `historic_date_utc` in `config.json` be a past value in UTC time. Or leave it empty so the collector starts pulling data N days ago at the current time.
`SetupError`	`100`	`Error occurred while requesting access token from the Wiz server. Error message: <error_message>`	This error is raised when a generic error occurs during the request to get the token to authenticate the collector in the API.	This is an internal issue. Contact with Devo Support team.
`SetupError`	`101`	`The credentials provided in the config file are incorrect. Please provide the correct credentials.` `Status code: 401` `Error type: <error_type>` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are not valid. (401 Unauthorized error)	Add the correct `client_id` and `client_secret` fields in `config.json`, at `credentials` property.
`SetupError`	`102`	`The credentials provided in the config file does not have necessary permissions to create access token.` `Status code: 403` `Error type: <error_type>` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are valid, but the credentials used to access the API have no permissions to create a token. (403 Forbidden error)	Add some credentials in `config.json` with enough privileges to create a token from the API.
`SetupError`	`103`	`The requested URL <URL> is not found. The URL may have been deprecated.` `Status code: 404` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are valid, but the authentication endpoint that is being requested to get a token is not found.	This is an internal issue. Contact with Devo Support team.
`SetupError`	`104`	`Unexpected error occurred while getting access token from the Wiz server` `Status code: <status_code>` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are valid, but an unexpected response has been returned from the API.	This is an internal issue. Contact with Devo Support team.
`SetupError`	`105`	`The credentials does not have valid permissions to fetch issues from the Wiz server`	This error is raised when the credentials provided in `config.json` are valid, but the credentials used have no permissions to access the API endpoint to get issues.	Check that the provided credentials have enough permission to retrieve issues from the API.
`SetupError`	`106`	`Failed to check if the provided credentials have valid permissions.` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are valid, but there was an error in the process of checking if the provided credentials have permission to get issues.	This is an internal issue. Contact with Devo Support team.
`PullError`	`300`	`Error occurred while requesting issues from the Wiz server. Error message: <error_message>`	This error is raised when a generic error occurs during the request to get issues from the API.	This is an internal issue. Contact with Devo Support team.
`PullError`	`301`	`The token used to make this request is not valid anymore.` `Status code: 401` `Error message: <error_message>`	This error is raised when the token being used to make requests to the API is not valid anymore.	Check if the credentials need to be renewed. Add some valid credentials in `config.json`. If credentials are still valid, contact with Devo Support team.
`PullError`	`302`	`The access token does not have necessary permissions to fetch issues from Wiz.` `Status code: 403` `Error message: <error_message>`	This error is raised when the token being used to make requests to the API is valid, but it lost permissions to get issues from API.	Check what happened with credential permissions. Add some credentials in `config.json` with permissions to get issues. If credentials are valide and still have permissions, contact with Devo Support team.
`PullError`	`303`	`The requested URL <URL> is not found. The URL may have been depreciated` `Status code: 404` `Error message: <error_message>`	This error is raised when the token being used to make requests to the API is valid, but cannot find the endpoints to get issues.	This is an internal issue. Contact with Devo Support team.
`PullError`	`304`	`The server has returned <status_code> status code. The server may not be available for fetching issues. Try after sometime. Error message from server: <error_message>`	This error is raised when the token being used to make requests to the API is valid, but there has been an error on Wiz's API.	The error is on Wiz’s side. Wiz can be contacted for more info. It should work again when the incident at Wiz is solved.
`PullError`	`305`	`Unexpected error occurred while getting issues from the Wiz server` `Status code: <status_code>` `Error message: <error_message>`	This error is raised when the token being used to make requests to the API is valid, but there has been an unexpected return from the API.	This is an internal issue. Contact with Devo Support team.
`PullError`	`306`	`After <retry_count> retries still getting the too many requests error.`	This error is raised when the token being used to make requests to the API is valid, but we are constantly receiving a `429` error response (too many requests)	Check throttle limitations on Wiz API and change the value of `request_period_in_seconds` and xxxxxxxx from `config.json` to adapt to it.

Custom Service

Expand

title	Devo categorization and destination

All events of this service are ingested into the table my.app.wiz.custom_query by default. You need to provide override_tag if you need to change it.

Expand

title	GraphQL queries whose parsers are deployed

CloudEventsQuery
- Override Devo tag : cspm.wiz.cloud_event.default
- filter_by_time_key: timestamp
- response_time_key: timestamp
- filter_by: { "origin": { "equals": "WIZ_SENSOR" } }

Note
`filter_by` is just an example and can change as per requirement. All above fields need to be in user config.

Code Block

query CloudEventsQuery(
  $first: Int
  $after: String
  $filterBy: CloudEventFilters
) {
  cloudEvents(first: $first, after: $after, filterBy: $filterBy) {
    __typename
    totalCount
    nodes {
      ... on CloudEvent {
        id
        name
        kind
        origin
        severity
        externalId
        externalName
        cloudPlatform
        timestamp
        cloudNativeService
        category
        actor {
          id
          externalId
          providerUniqueId
          type
          cloudAccount {
            id
          }
          isExternalCloudAccount
          friendlyName
          name
          email
          userAgent
        }
        actorIP
        actorIPMeta {
          country
          countryCode
          city
          reputation
          reputationSource
          reputationDescription
        }
        isForeignActorIP
        subjectResource {
          id
          externalId
          providerUniqueId
          type
          nativeType
          name
          hostname
          cloudAccount {
            id
            externalId
            name
            cloudProvider
            linkedProjects {
              name
            }
          }
          region
          tags
          openToAllInternet
          hasSensitiveData
          kubernetesCluster {
            id
            name
            type
          }
          kubernetesNamespace {
            id
            name
            type
          }
          kubernetesFlavor
          containerService {
            id
            name
          }
        }
        cloudProviderUrl
        path
        hash
      }
    }
    pageInfo {
      hasNextPage
      endCursor
    }
  }
}

systemActivitiesQuery
- Override Devo tag : cspm.wiz.system_activity.default
- filter_by_time_key: createdAt
- response_time_key: createdAt
- filter_by: {}

Note
`filter_by` is just an example and can change as per requirement. All above fields need to be in user config.

Code Block

query systemActivitiesQuery(
  $first: Int
  $after: String
  $filterBy: SystemActivityFilters
) {
  systemActivities(first: $first, after: $after, filterBy: $filterBy) {
    __typename
    totalCount
    nodes {
      ... on SystemActivity {
        id
        name
        triggerType
        triggeredBy {
          ... on SystemActivityUserSnapshot {
            id
            name
          }
        }
        triggeredBy {
          ... on SystemActivitySystemTrigger {
            id
          }
        }
        triggeredBy {
          ... on SystemActivityServiceAccountSnapshot {
            id
            name
          }
        }
        createdAt
        startedAt
        endedAt
        status
        statusInfo
        summary
        groupId
      }
    }
    pageInfo {
      hasNextPage
      endCursor
    }
  }
}

Expand

title	Verify data collection

Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console.

This service has the following components:

Component	Description
Setup	The setup module is in charge of authenticating the service and managing the token expiration when needed.
Puller	The setup module is in charge of pulling the data in a organized way and delivering the events via SDK.

Setup output

A successful run has the following output messages for the setup module:

Code Block

2024-07-12T14:44:51.388    INFO InputProcess::WizCustomDataPullerSetup(unknown,wiz_data_puller#3454335,custom_query#custom) -> Puller Setup Started
2024-07-12T14:44:51.388    INFO InputProcess::WizCustomDataPullerSetup(unknown,wiz_data_puller#3454335,custom_query#custom) -> This is the first run of the collector. Generating the access token.
2024-07-12T14:44:51.388    INFO InputProcess::WizCustomDataPullerSetup(unknown,wiz_data_puller#3454335,custom_query#custom) -> Getting the auth token url based on provided api_base_url
2024-07-12T14:44:52.690    INFO InputProcess::WizCustomDataPullerSetup(unknown,wiz_data_puller#3454335,custom_query#custom) -> successfully generated new access token
2024-07-12T14:44:53.548    INFO InputProcess::WizCustomDataPullerSetup(unknown,wiz_data_puller#3454335,custom_query#custom) -> The credentials provided in the configuration have required permissions to request issues from Wiz server
2024-07-12T14:44:53.549    INFO InputProcess::WizCustomDataPullerSetup(unknown,wiz_data_puller#3454335,custom_query#custom) -> Puller Setup Terminated
2024-07-12T14:44:53.549    INFO InputProcess::WizCustomDataPullerSetup(unknown,wiz_data_puller#3454335,custom_query#custom) -> Setup for module <WizCustomDataPuller> has been successfully executed

Puller output

A successful initial run has the following output messages for the puller module:

Info
Note that the `PrePull` action is executed only one time before the first run of the `Pull` action.

Code Block

2024-07-12T14:44:54.393    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> PrePull Started.
2024-07-12T14:44:54.396    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> User has specified 2024-07-05 06:03:52 as the datetime. Historical polling will consider this datetime for creating the default values.
2024-07-12T14:44:54.396    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> No saved state found, initializing with state: {'historic_date_utc': datetime.datetime(2024, 7, 5, 6, 3, 52), 'last_polled_timestamp': datetime.datetime(2024, 7, 5, 6, 3, 52), 'ids_with_same_timestamp': [], 'buffer_timestamp_with_duplication_risk': datetime.datetime(1970, 1, 1, 0, 0), 'buffer_ids_with_duplication_risk': []}
2024-07-12T14:44:54.398 WARNING InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> Saved state loaded: {'historic_date_utc': datetime.datetime(2024, 7, 5, 6, 3, 52), 'last_polled_timestamp': datetime.datetime(2024, 7, 5, 6, 3, 52), 'ids_with_same_timestamp': [], 'buffer_timestamp_with_duplication_risk': datetime.datetime(1970, 1, 1, 0, 0), 'buffer_ids_with_duplication_risk': []}
2024-07-12T14:44:54.398    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> PrePull Terminated
2024-07-12T14:44:54.399    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> Starting data collection every 300 seconds
2024-07-12T14:44:54.399    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> Pull Started
2024-07-12T14:44:54.401    INFO OutputProcess::ConsoleSender(internal_senders,console_sender_0) -> {"message_timestamp": "2024-07-12 09:14:54.399", "message_tag": "devo.collectors.out.local.info", "message_content": "{\"msg\": \"Starting data collection every 300 seconds\", \"time\": \"2024-07-12T09:14:54.399167Z\", \"level\": \"info\", \"collector_name\": \"unknown\", \"collector_version\": \"unknown\", \"collector_image\": null, \"job_id\": \"unknown\", \"input_name\": \"wiz_data_puller\", \"service_name\": \"custom_query\", \"module_name\": \"WizCustomDataPuller\"}"}
2024-07-12T14:44:54.401    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> Fetching custom_query from 2024-07-05T00:33:52Z
2024-07-12T14:44:54.401    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> Requesting Wiz API for custom_query
2024-07-12T14:44:58.123    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> successfully retried custom_query from Wiz
2024-07-12T14:44:58.136    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> Total number of events in this poll: 500
2024-07-12T14:44:58.202    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> Flatten data is set to False. Adding 'devo_pulling_id' to events
2024-07-12T14:44:58.202    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> Delivering issues to the SDK
2024-07-12T14:44:58.236    INFO InputProcess::WizCustomDataPuller(wiz_data_puller,3454335,custom_query,custom) -> 500 issues delivered

After a successful collector’s execution (that is, no error logs found), you will see the following log message:

Code Block

2024-02-15T06:48:32.344    INFO InputProcess::WizDataPuller(wiz_data_puller,00001,auditLogs,predefined) -> Statistics for this pull cycle (@devo_pulling_id=1707979680.295365):Number of requests made: 21; Number of events received: 500; Number of duplicated events filtered out: 0; Number of events generated and sent: 10343; Average of events per second: 322.735.

Info
The value `@devo_pulling_id` is injected in each event to group all events ingested by the same pull action. You can use it to get the exact events downloaded in that `Pull` action in Devo’s search window.

Note that a Partial Statistics Report will be displayed when pagination is required in order to pull all available events. Look for the report without the Partial reference.

(Partial) Statistics for this pull cycle (@devo_pulling_id=1656602793.044179) so far: Number of requests made: 2; Number of events received: 45; Number of duplicated events filtered out: 0; Number of events generated and sent: 40.

Expand

title	Restart the persistence

This collector uses persistent storage to download events in an orderly fashion and avoid duplicates. In case you want to re-ingest historical data or recreate the persistence, you can restart the persistence of this collector by following these steps:

Edit the configuration file.
Change the value of the historical_date_utc parameter to a different one.
Save the changes.
Restart the collector.

The collector will detect this change and will restart the persistence using the parameters of the configuration file or the default configuration in case it has not been provided.

Note
Note that this action clears the persistence and cannot be recovered in any way. Resetting persistence could result in duplicate or lost events.

Expand

title	Troubleshooting

Error type	Error ID	Error message	Cause	Solution
`InitVariablesError`	`1`	`Devo tag is the required field for sending events to Devo. Specify it in collector definitions`	This error is raised when `devo_tag` property is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`2`	`Required setting. devo_tag is not of expected type: str`	This error is raised when `devo_tag` is defined in `collector_definitions.yaml` but the format is not `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`3`	`Optional setting, override_devo_tag not of expected type: str`	This error is raised when optional value `override_devo_tag` added in `config.json` is not of type `str`.	Edit the value of `override_devo_tag` in `config.json` so it is of type `str`. Or leave it empty so it takes the default value.
`InitVariablesError`	`4`	`GraphQL query is the required field for querying issues from Wiz. Specify it in collector definitions`	This error is raised when `graphql_query` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`5`	`Required setting. graphql_query is not of expected type: str`	This error is raised when `graphql_query` defined in `collector_definitions.yaml` is not of type `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`6`	`user_agent is the required field for passing in headers of Wiz API calls. Specify it in collector definitions`	This error is raised when `user_agent` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`7`	`Required setting. user_agent is not of expected type: str`	This error is raised when `user_agent` defined in `collector_definitions.yaml` is not of type `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`8`	`Optional setting, flatten_data not of expected type: bool`	This error is raised when the optional value `flatten_data` defined in `config.json` is not of type `bool`.	Edit the value of `flatten_data` in `config.json` so it is of type `bool`. You can also remove `override_flatten_data` parameter from `config.json` so it takes the default value.
`InitVariablesError`	`9`	`Optional setting, requests_per_second not of expected type: int`	This error is raised when the optional value `requests_per_second` defined in `config.json` is not of type `int`.	Edit the value of `requests_per_second` in `config.json` so it is of type `int`. Or leave it empty so it takes the default value.
`InitVariablesError`	`10`	`Required setting. requested_page_size_in_items is not of expected type: int`	This error is raised when `requested_page_size_in_items` defined in `collector_definitions.yaml` is not of type `int`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`11`	`access_token_timeout is the required field for checking if the token is expired. Specify it in collector definitions`	This error is raised when `access_token_timeout` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`12`	`Required setting. access_token_timeout is not of expected type: int`	This error is raised when `access_token_timeout` defined in `collector_definitions.yaml` is not of type `int`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`13`	`default_historic_days is the required field in case historic_date_utc is not specified. Specify it in collector definitions`	This error is raised when `default_historic_days` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`14`	`Required setting. default_historic_days is not of expected type: int`	This error is raised when `default_historic_days` defined in `collector_definitions.yaml` is not of type `int`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`15`	`api_url_regex is the required field for validating the base url. Specify it in collector definitions`	This error is raised when `api_url_regex` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`16`	`Required setting. api_url_regex is not of expected type: str`	This error is raised when `api_url_regex` defined in `collector_definitions.yaml` is not of type `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`17`	`historic_date_time_format is the required field for validating datetime format. Specify it in collector definitions`	This error is raised when `api_url_regex` is not found in `collector_definitions.yaml`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`18`	`Required setting. historic_date_time_format is not of expected type: str`	This error is raised when `api_url_regex` defined in `collector_definitions.yaml` is not of type `str`.	This is an internal issue. Contact with Devo Support team.
`InitVariablesError`	`19`	`api_base_url not of expected type: str`	This error could be raised for two reasons: `api_base_url` defined in `collector_definitions.yaml` is not of type `str`. `override_api_base_url` defined in `config.json` is not of type `str`.	Solutions for both cases, respectively: This is an internal issue. Contact with Devo Support team. Edit the value of `override_api_base_url` in `config.json` so it is of type `str`. Or remove the parameter definition, so it takes the default value.
`InitVariablesError`	`20`	`api_base_url must match regex: <regex>`	This error could be raised for two reasons: `api_base_url` defined in `collector_definitions.yaml` does not match the required regex. `override_api_base_url` defined in `config.json` does not match the required regex.	Solutions for both cases, respectively: This is an internal issue. Contact with Devo Support team. Edit the value of `override_api_base_url` in `config.json` so it matches the indicated regex. Or remove the parameter definition so it takes the default value. If default value was used it is an internal issue, so contact with Devo Support team.
`InitVariablesError`	`21`	`Required setting, credentials not found in user configuration`	This error is raised when the required property `credentials` is not found in `config.json`.	Add `credentials` dictionary in `config.json`, including `client_id` and `client_secret` fields.
`InitVariablesError`	`22`	`Required setting, credentials not of expected type: dict`	This error is raised when `credentials` is defined in `config.json` but the format is not `dict`.	Edit the value of `credentials` in `config.json` so it is of type `dict`.
`InitVariablesError`	`23`	`Required setting, client_id not found in user configuration`	This error is raised when the required property `client_id` is not found in `config.json`, into `credentials` dictionary.	Add `client_id` property in `config.json`, into `credentials` dictionary.
`InitVariablesError`	`24`	`Required setting, client_id not of expected type: str`	This error is raised when `client_id` is defined in `config.json` but the format is not `str`.	Edit the value of `client_id` in `config.json`, into `credentials` dictionary, so it is of type `str`.
`InitVariablesError`	`25`	`Required setting, client_secret not found in user configuration`	This error is raised when the required property `client_secret` is not found in `config.json`, into `credentials` dictionary.	Add `client_secret` property in `config.json`, into `credentials` dictionary.
`InitVariablesError`	`26`	`Required setting, client_secret not of expected type: str`	This error is raised when `client_secret` is defined in `config.json` but the format is not `str`.	Edit the value of `client_secret` in `config.json`, into `credentials` dictionary, so it is of type `str`.
`InitVariablesError`	`27`	`Required setting, historic_date_utc not of expected type: str`	This error is raised when the optional value `historic_date_utc` defined in `config.json` is not of type `str`.	Edit the value of `historic_date_utc` in `config.json` so it is of type `str`. Or leave it empty so the collector starts pulling data N days ago at the current time.
`InitVariablesError`	`28`	`Time format for historic date must be <time_format>. e.g. 2022-02-15T14:32:33.043Z`	This error is raised when the optional value `historic_date_utc` defined in `config.json` does not match the indicated format.	Make the value of `historic_date_utc` in `config.json` match the indicated format. Or leave it empty so the collector starts pulling data N days ago at the current time.
`InitVariablesError`	`29`	`historic datetime cannot be greater than the present UTC time`	This error is raised when the optional value `historic_date_utc` defined in `config.json` is higher than the current time. Time is indicated in UTC time.	Make the value of `historic_date_utc` in `config.json` be a past value in UTC time. Or leave it empty so the collector starts pulling data N days ago at the current time.
`SetupError`	`100`	`Error occurred while requesting access token from the Wiz server. Error message: <error_message>`	This error is raised when a generic error occurs during the request to get the token to authenticate the collector in the API.	This is an internal issue. Contact with Devo Support team.
`SetupError`	`101`	`The credentials provided in the config file are incorrect. Please provide the correct credentials.` `Status code: 401` `Error type: <error_type>` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are not valid. (401 Unauthorized error)	Add the correct `client_id` and `client_secret` fields in `config.json`, at `credentials` property.
`SetupError`	`102`	`The credentials provided in the config file does not have necessary permissions to create access token.` `Status code: 403` `Error type: <error_type>` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are valid, but the credentials used to access the API have no permissions to create a token. (403 Forbidden error)	Add some credentials in `config.json` with enough privileges to create a token from the API.
`SetupError`	`103`	`The requested URL <URL> is not found. The URL may have been deprecated.` `Status code: 404` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are valid, but the authentication endpoint that is being requested to get a token is not found.	This is an internal issue. Contact with Devo Support team.
`SetupError`	`104`	`Unexpected error occurred while getting access token from the Wiz server` `Status code: <status_code>` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are valid, but an unexpected response has been returned from the API.	This is an internal issue. Contact with Devo Support team.
`SetupError`	`105`	`The credentials does not have valid permissions to fetch issues from the Wiz server`	This error is raised when the credentials provided in `config.json` are valid, but the credentials used have no permissions to access the API endpoint to get issues.	Check that the provided credentials have enough permission to retrieve issues from the API.
`SetupError`	`106`	`Failed to check if the provided credentials have valid permissions.` `Error message: <error_message>`	This error is raised when the credentials provided in `config.json` are valid, but there was an error in the process of checking if the provided credentials have permission to get issues.	This is an internal issue. Contact with Devo Support team.
`PullError`	`300`	`Error occurred while requesting issues from the Wiz server. Error message: <error_message>`	This error is raised when a generic error occurs during the request to get issues from the API.	This is an internal issue. Contact with Devo Support team.
`PullError`	`301`	`The token used to make this request is not valid anymore.` `Status code: 401` `Error message: <error_message>`	This error is raised when the token being used to make requests to the API is not valid anymore.	Check if the credentials need to be renewed. Add some valid credentials in `config.json`. If credentials are still valid, contact with Devo Support team.
`PullError`	`302`	`The access token does not have necessary permissions to fetch issues from Wiz.` `Status code: 403` `Error message: <error_message>`	This error is raised when the token being used to make requests to the API is valid, but it lost permissions to get issues from API.	Check what happened with credential permissions. Add some credentials in `config.json` with permissions to get issues. If credentials are valide and still have permissions, contact with Devo Support team.
`PullError`	`303`	`The requested URL <URL> is not found. The URL may have been depreciated` `Status code: 404` `Error message: <error_message>`	This error is raised when the token being used to make requests to the API is valid, but cannot find the endpoints to get issues.	This is an internal issue. Contact with Devo Support team.
`PullError`	`304`	`The server has returned <status_code> status code. The server may not be available for fetching issues. Try after sometime. Error message from server: <error_message>`	This error is raised when the token being used to make requests to the API is valid, but there has been an error on Wiz's API.	The error is on Wiz’s side. Wiz can be contacted for more info. It should work again when the incident at Wiz is solved.
`PullError`	`305`	`Unexpected error occurred while getting issues from the Wiz server` `Status code: <status_code>` `Error message: <error_message>`	This error is raised when the token being used to make requests to the API is valid, but there has been an unexpected return from the API.	This is an internal issue. Contact with Devo Support team.
`PullError`	`306`	`After <retry_count> retries still getting the too many requests error.`	This error is raised when the token being used to make requests to the API is valid, but we are constantly receiving a `429` error response (too many requests)	Check throttle limitations on Wiz API and change the value of `request_period_in_seconds` and xxxxxxxx from `config.json` to adapt to it.

Collector operations

This section is intended to explain how to proceed with specific operations of this collector.

...

Versions Compared

Old Version 21

New Version 22

Key

Custom Service

Setup output

Puller output

Collector operations