rapid7 · ablakley-r7 · Apr 30, 2025
@@ -1,7 +1,7 @@
 {
-	"spec": "fab0451abcf169e560d2419f768f00ca",
-	"manifest": "9245536bddb92758bd965fcf2bc67826",
-	"setup": "d1e97f45caecef4e58b4aef45f183afa",
+	"spec": "297c1d248d6988e357555d479b8c7963",
+	"manifest": "9bc44e926d2fff2a2c6b8b8b372da9fd",
+	"setup": "4ef33b23915625bedbf9a246a342fcc3",
 	"schemas": [
 		{
 			"identifier": "add_group_member/schema.py",
@@ -57,11 +57,7 @@
 		},
 		{
 			"identifier": "connection/schema.py",
-			"hash": "0a7291558248a06866657f7e21b8ef98"
-		},
-		{
-			"identifier": "monitor_siem_logs/schema.py",
-			"hash": "88ad3235753c61b1afc346aea3e7caef"
+			"hash": "647d8a9b32308365d3c24ac26e824484"
 		}
 	]
 }
@@ -6,7 +6,7 @@ from sys import argv
 
 Name = "Mimecast"
 Vendor = "rapid7"
-Version = "5.3.21"
+Version = "6.0.0"
 Description = "[Mimecast](https://www.mimecast.com) is a set of cloud services designed to provide next generation protection against advanced email-borne threats such as malicious URLs, malware, impersonation attacks, as well as internally generated threats, with a focus on email security. This plugin utilizes the [Mimecast API](https://www.mimecast.com/developer/documentation)"
 
 
@@ -60,8 +60,6 @@ def main():
 
             self.add_action(actions.GetAuditEvents())
 
-            self.add_task(tasks.MonitorSiemLogs())
-
 
     """Run plugin"""
     cli = insightconnect_plugin_runtime.CLI(ICONMimecast())

@@ -9,14 +9,12 @@
 
 # Requirements
 
-* Access API Key
-* Secret Key
-* Mimecast server
-* API Username and Password
+* Mimecast API 2.0 Client ID
+* Mimecast API 2.0 Client Secret
 
 # Supported Product Versions
 
-* Mimecast API 2024-06-18
+* Mimecast API 2.0 2025-06-18
 
 # Documentation
 
@@ -26,21 +24,15 @@ The connection configuration accepts the following parameters:
 
 |Name|Type|Default|Required|Description|Enum|Example|Placeholder|Tooltip|
 | :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- |
-|access_key|credential_secret_key|None|True|The application access key|None|eWtOL3XZCOwG96BOiFTZRiC5rdvDmP4FFdwU2Y1DC1Us-gh7KyL5trUrZ9aEuzQMV7pPWWxTnPVtsJ6x3fajAh3cRskP0w8hNjaFFVkZB6G9dOytLM2ssQ7HY-p7gJoi|None|None|
-|app_id|string|None|True|Application ID|None|78d2e4b1-8cc2-4806-nt79-6ef332a47374|None|None|
-|app_key|credential_secret_key|None|True|The application key|None|475x54c6-4f61-4fab-8be7-a0710f3859e3|None|None|
-|region|string|EU|True|The region for the Mimecast server|["EU", "DE", "US", "CA", "ZA", "AU", "Offshore", "Sandbox", "USB", "USBCOM"]|EU|None|None|
-|secret_key|credential_secret_key|None|True|The application secret key|None|FgHrtydiP4TynI+rTZF42Qu0FtGuhJtuNM5bDh82goJQHed9kJZ5t/ORwGnI5r2hkl/bzCosZ+KVapJFeaf3Yw==|None|None|
+|client_id|string|None|True|The Mimecast 2.0 Application Client ID|None|ZA7vkbu7NqcfBcGrXyWW8Rzk2sv2un2DCY7GGCX4BFWgJBZM|None|None|
+|client_secret|credential_secret_key|None|True|The Mimecast 2.0 Application Client Secret|None|ohknqKJpCd99XTkHjeVuc2TgYaKWrWn4tEEHCLkXFZhFgDRdcpNGVx3EipX2CvmE|None|None|
 
 Example input:
 
 ```
 {
-  "access_key": "eWtOL3XZCOwG96BOiFTZRiC5rdvDmP4FFdwU2Y1DC1Us-gh7KyL5trUrZ9aEuzQMV7pPWWxTnPVtsJ6x3fajAh3cRskP0w8hNjaFFVkZB6G9dOytLM2ssQ7HY-p7gJoi",
-  "app_id": "78d2e4b1-8cc2-4806-nt79-6ef332a47374",
-  "app_key": "475x54c6-4f61-4fab-8be7-a0710f3859e3",
-  "region": "EU",
-  "secret_key": "FgHrtydiP4TynI+rTZF42Qu0FtGuhJtuNM5bDh82goJQHed9kJZ5t/ORwGnI5r2hkl/bzCosZ+KVapJFeaf3Yw=="
+  "client_id": "ZA7vkbu7NqcfBcGrXyWW8Rzk2sv2un2DCY7GGCX4BFWgJBZM",
+  "client_secret": "ohknqKJpCd99XTkHjeVuc2TgYaKWrWn4tEEHCLkXFZhFgDRdcpNGVx3EipX2CvmE"
 }
 ```
 
@@ -718,39 +710,8 @@ Example output:
 
 *This plugin does not contain any triggers.*
 ### Tasks
-
-
-#### Monitor SIEM Logs
-
-This task is used to monitor and retrieve the latest logs
-
-##### Input
-
-*This task does not contain any inputs.*
-
-##### Output
-
-|Name|Type|Required|Description|Example|
-| :--- | :--- | :--- | :--- | :--- |
-|data|[]object|True|List of logs|[{"Dir": "Example", "Rcpt": "[email protected]", "RcptHdrType": "To", "Sender": "[email protected]", "aCode": "1234code", "acc": "ABCD12345", "datetime": "2023-05-09T12:00:00"}]|
 
-Example output:
-
-```
-{
-  "data": [
-    {
-      "Dir": "Example",
-      "Rcpt": "[email protected]",
-      "RcptHdrType": "To",
-      "Sender": "[email protected]",
-      "aCode": "1234code",
-      "acc": "ABCD12345",
-      "datetime": "2023-05-09T12:00:00"
-    }
-  ]
-}
-```
+*This plugin does not contain any tasks.*
 
 ### Custom Types
 
@@ -1013,6 +974,7 @@ Example output:
 
 # Version History
 
+* 6.0.0 - Update to actions and triggers to utilize Mimecast API 2.0 | Update connection requirements to Mimecast API 2.0 requirements | Remove task `monitor_siem_logs` | Update third party documentation links for Mimecast API 2.0
 * 5.3.21 - Update Task `monitor_siem_logs` to use new logging and status management | Update SDK to version 6.3.3
 * 5.3.20 - Update Task `monitor_siem_logs` bump default rate limit period to 10 minutes and catch unexpected errors
 * 5.3.19 - Update Task `monitor_siem_logs` to delay retry if a rate limit error is returned from Mimecast | Update SDK to version 6.2.0
@@ -1065,4 +1027,4 @@ Example output:
 
 ## References
 
-* [Mimecast API](https://www.mimecast.com/developer/documentation)
+* [Mimecast API](https://developer.services.mimecast.com/api-overview)
@@ -1,10 +1,8 @@
 import insightconnect_plugin_runtime
 from insightconnect_plugin_runtime.exceptions import ConnectionTestException
-from komand_mimecast.util.exceptions import ApiClientException
-from komand_mimecast.util import util
 from komand_mimecast.util.api import MimecastAPI
 from .schema import ConnectionSchema, Input
-from komand_mimecast.util.constants import DEFAULT_REGION, API, META_FIELD, FAIL_FIELD, STATUS_FIELD
+from komand_mimecast.util.constants import API, META_FIELD, FAIL_FIELD, STATUS_FIELD
 
 
 class Connection(insightconnect_plugin_runtime.Connection):
@@ -19,13 +17,11 @@ def __init__(self):
 
     def connect(self, params={}):
         self.client = MimecastAPI(
-            params.get(Input.REGION, DEFAULT_REGION),
-            params.get(Input.ACCESS_KEY, {}).get("secretKey", "").strip(),
-            params.get(Input.SECRET_KEY, {}).get("secretKey", "").strip(),
-            params.get(Input.APP_ID, "").strip(),
-            params.get(Input.APP_KEY, {}).get("secretKey", "").strip(),
+            params.get(Input.CLIENT_ID, "").strip(),
+            params.get(Input.CLIENT_SECRET, {}).get("secretKey", "").strip(),
             self.logger,
         )
+        self.client.authenticate()
 
     def test(self):
         # pylint: disable=protected-access
@@ -38,28 +34,3 @@ def test(self):
                 data=response.get(FAIL_FIELD),
             )
         return {"success": True}
-
-    def test_task(self):
-        self.logger.info("Running a connection test to Mimecast")
-        try:
-            _, _, _, _ = self.client.get_siem_logs("")
-            message = "The connection test to Mimecast was successful"
-            self.logger.info(message)
-            return {"success": True}, message
-        except ApiClientException as error:
-
-            return_message = ""
-
-            failed_message = "The connection test to Mimecast has failed"
-            self.logger.info(failed_message)
-            return_message += f"{failed_message}\n"
-
-            cause_message = f"This failure was caused by: '{error.cause}'"
-            self.logger.info(cause_message)
-            return_message += f"{cause_message}\n"
-
-            self.logger.info(error.assistance)
-            return_message += f"{error.assistance}\n"
-
-            self.logger.error(error)
-            raise ConnectionTestException(cause=error.cause, assistance=error.assistance, data=return_message)
@@ -4,11 +4,8 @@
 
 
 class Input:
-    ACCESS_KEY = "access_key"
-    APP_ID = "app_id"
-    APP_KEY = "app_key"
-    REGION = "region"
-    SECRET_KEY = "secret_key"
+    CLIENT_ID = "client_id"
+    CLIENT_SECRET = "client_secret"
 
 
 class ConnectionSchema(insightconnect_plugin_runtime.Input):
@@ -18,56 +15,22 @@ class ConnectionSchema(insightconnect_plugin_runtime.Input):
   "type": "object",
   "title": "Variables",
   "properties": {
-    "access_key": {
-      "$ref": "#/definitions/credential_secret_key",
-      "title": "Application Access Key",
-      "description": "The application access key",
-      "order": 5
-    },
-    "app_id": {
+    "client_id": {
       "type": "string",
-      "title": "App ID",
-      "description": "Application ID",
-      "order": 2
-    },
-    "app_key": {
-      "$ref": "#/definitions/credential_secret_key",
-      "title": "Application Key",
-      "description": "The application key",
-      "order": 3
-    },
-    "region": {
-      "type": "string",
-      "title": "Region",
-      "description": "The region for the Mimecast server",
-      "default": "EU",
-      "enum": [
-        "EU",
-        "DE",
-        "US",
-        "CA",
-        "ZA",
-        "AU",
-        "Offshore",
-        "Sandbox",
-        "USB",
-        "USBCOM"
-      ],
+      "title": "Client ID",
+      "description": "The Mimecast 2.0 Application Client ID",
       "order": 1
     },
-    "secret_key": {
+    "client_secret": {
       "$ref": "#/definitions/credential_secret_key",
-      "title": "Application Secret Key",
-      "description": "The application secret key",
-      "order": 4
+      "title": "Client Secret",
+      "description": "The Mimecast 2.0 Application Client Secret",
+      "order": 2
     }
   },
   "required": [
-    "access_key",
-    "app_id",
-    "app_key",
-    "region",
-    "secret_key"
+    "client_id",
+    "client_secret"
   ],
   "definitions": {
     "credential_secret_key": {

@@ -1,3 +1 @@
 # GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
-
-from .monitor_siem_logs.task import MonitorSiemLogs
Original file line number	Diff line number	Diff line change
		@@ -1,3 +1 @@
		# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT

		from .monitor_siem_logs.task import MonitorSiemLogs