Skip to content

Commit

Permalink
Merge pull request #13 from trendmicro/update_to_latest_version_v1.1.1
Browse files Browse the repository at this point in the history 
update to latest version: v1.1.1
  • Loading branch information
@chucklin-tm
chucklin-tm authored Apr 10, 2024
2 parents 087ef34 + a50007b commit 546bb67
Show file tree
Hide file tree
Showing 7 changed files with 134 additions and 86 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
# CHANGELOG

## 1.1.1 - 2024-04-10

- Update README.md
- Extend the scan default timeout to 300s

## 1.1.0 - 2024-04-03

- Update protos
Expand Down
205 changes: 124 additions & 81 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,66 +1,159 @@
# Trend Vision One File Security Node.js SDK User Guide
# Trend Vision One File Security Node.js SDK User Guide

The Trend Vision One File Security Node.js SDK empowers developers to craft applications seamlessly integrating with the cloud-based Trend Vision One anti-malware file scanning service. This ensures a thorough scan of data and artifacts within the applications, identifying potential malicious elements.
Trend Vision One™ - File Security is a scanner app for files and cloud storage. This scanner can detect all types of malicious software (malware) including trojans, ransomware, spyware, and more. Based on fragments of previously seen malware, File Security detects obfuscated or polymorphic variants of malware.
File Security can assess any file type or size for malware and display real-time results. With the latest file reputation and variant protection technologies backed by leading threat research, File Security automates malware scanning.
File Security can also scan objects across your environment in any application, whether on-premises or in the cloud.

This guide outlines the steps to establish your development environment and configure your project, laying the foundation for utilizing the File Security Node.js SDK effectively.
The Node.js software development kit (SDK) for Trend Vision One™ File Security empowers you to craft applications which seamlessly integrate with File Security. With this SDK you can perform a thorough scan of data and artifacts within your applications to identify potential malicious elements.
Follow the steps below to set up your development environment and configure your project, laying the foundation to effectively use File Security.

## Prerequisites
## Checking prerequisites

Before installing the SDK, ensure that the following prerequisites are met:
Before installing the SDK, ensure you have the following:

- NodeJS version 16.20.1+, 18.x or above
- Trend Vision One account with a chosen region - for more information, see the [Trend Vision One account document](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/Home).
- A Trend Vision One API key - for more information, see the [Trend Vision One API key documentation](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one/administrative-setti/accountspartfoundati/api-keys.aspx).
- Node.js 16.20.1+, 18.x or later
- Trend Vision One account associated with your region - for more information, see the [Trend Vision One account document](https://docs.trendmicro.com/en-us/documentation/article/trend-vision-one-accountspartfoundati).
- Custom role with File Security permissions

## Installation
When you have all the prerequisites, continue with creating an API key.

To install the SDK's NodeJS package, run the following commands in your NodeJS application folder.
## Creating an API Key

The File Security SDK requires a valid application programming interface (API) key provided as a parameter to the SDK client object. Trend Vision One API keys are associated with different regions. Refer to the region flag below to obtain a better understanding of the valid regions associated with the API key. For more information, see the [Trend Vision One API key documentation](https://docs.trendmicro.com/en-us/documentation/article/trend-vision-one-api-keys).

### Procedure

- Go to Administrations > API Keys.
- Click Add API Key.
- Configure the API key to use the role with the 'Run file scan via SDK' permission.
- Verify that the API key is associated with the region you plan to use.
- Set an expiry time for the API key and make a record of it for future reference.

## Installing the SDK

To install the SDK's Node.js package, run the following commands in your Node.js application folder.

```sh
npm install file-security-sdk
```

## Authentication
## Using File Security Node.js SDK

To authenticate with the API, you need an Trend Vision One API key. Sign up for a [Trend Vision One account](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one.aspx) and follow the instructions on [Manage Trend Vision One API Keys](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one/administrative-setti/accountspartfoundati/api-keys.aspx) to obtain an API key.
Using File Security Node.js SDK to scan for malware involves the following basic steps:

When creating a Trend Vision One account, choose a region for the account. All of the account data, as well as the security data for the Trend Vision One security services in the account, is stored in that region. For more information, see the [Trend Vision One regions documentation](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one.aspx).
1. Create an AMaaS client instance by specifying preferred Vision One region where scanning should be done and a valid API key.
2. Replace `__YOUR_OWN_VISION_ONE_API_KEY__` and `__REGION__` with your actual API key and the desired region.
3. Invoke file scan method to scan the target data.
4. Parse the JSON response returned by the scan APIs to determine whether the scanned data contains malware or not.

### Usage
### Steps

To initiate a new instance of the AmaasGrpcClient, we need to supply the AMaaSHostName and Vision One API Key.
- Supply the AMaaSHostName and API Key to initiate a new instance of the AmaasGrpcClient.

```typescript
import { AmaasGrpcClient } from "file-security-sdk";
```

// Use region. Replace __REGION__ with the region of your Vision One account
- Use a fully qualified domain name (FQDN) with or without a port -- Replace `__REGION__` with the region of your Trend Vision One account.

```typescript
const amaasHostName = "antimalware.__REGION__.cloudone.trendmicro.com:443";
```

- Use the region -- Replace `__REGION__` with the region of your Trend Vision One account.

```typescript
const amaasHostName = __REGION__;
```

// Replace __YOUR_OWN_VISION_ONE_API_KEY__ with your own Visioin One API key
- Replace `__YOUR_OWN_VISION_ONE_API_KEY__` with your own Trend Vision One API key.

```typescript
const key = __YOUR_OWN_VISION_ONE_API_KEY__;
```

- Create a new instance of the AmaasGrpcClient class using the preferred region and key.

// Create a new instance of the AmaasGrpcClient class using the key
```typescript
const scanClient = new AmaasGrpcClient(amaasHostName, key);
```

## Code Example

The following is an example of how to use the SDK to scan a file or buffer for malware and retrieve the scan results from our API.

```typescript
import { AmaasGrpcClient, LogLevel } from "file-security-sdk";
import { readFileSync } from "fs/promises";

// Use region. Replace __REGION__ with the region of your Vision One account
const amaasHostName = __REGION__;

const credent = __YOUR_OWN_VISION_ONE_API_KEY__;

let scanClient = undefined;

try {
scanClient = new AmaasGrpcClient(amaasHostName, credent);

const logCallback = (level: LogLevel, message: string): void => {
console.log(`logCallback is called, level: ${level}, message: ${message}`);
};
scanClient.setLoggingLevel(LogLevel.DEBUG);
scanClient.configLoggingCallback(logCallback);

// Example of scanFile
const fileToScan = "path/to/file.ext";
const fileScanResult = await scanClient.scanFile(
fileToScan,
["tag1", "tag2", "tag3"],
pml,
feedback
);
console.log(`Number of malware found: ${result.scanResult}`); // Scan result handling

// Example of scanBuffer
const buff = await readFileSync(fileToScan);
const pml = true
const feedback = true
const bufferScanResult = await scanClient.scanBuffer(
"THE_FILE_NAME_OR_IDENTIFIER",
buff,
["tag1", "tag2", "tag3"],
pml,
feedback
);
console.log(
`Number of malware found in buffer: ${bufferScanResult.scanResult}`
);
} catch (error) {
// Error handling
console.error("Error occurred:", error.message);
} finally {
if (typeof scanClient !== "undefined") {
scanClient.close();
}
}
```

## API Reference

### `AmaasGrpcClient`

The AmaasGrpcClient class is the main class of the SDK and provides methods to interact with the API.

#### `constructor( amaasHostName: string, credent: string, timeout: number | undefined = 180, enableTLS: boolean | undefined = true)`
#### `constructor( amaasHostName: string, credent: string, timeout: number | undefined = 300, enableTLS: boolean | undefined = true)`

Create a new instance of the `AmaasGrpcClient` class.

**_Parameters_**

| Parameter | Description | Default value |
| ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------- |
| amaasHostName | The region of your Vision One account. The region is the location where you acquire your api key. Value provided must be one of the Vision One regions, e.g. `us-east-1`, `eu-central-1`, `ap-northeast-1`, `ap-southeast-2`, `ap-southeast-1`, etc. | |
| amaasHostName | The region of your Vision One account. The region is the location where you acquire your api key. Value provided must be one of the Vision One regions, e.g. `ap-northeast-1`, `ap-south-1`, `ap-southeast-1`, `ap-southeast-2`, `eu-central-1`, `us-east-1`, etc. | |
| credent | Your own Vision One API Key. | |
| timeout | Timeout to cancel the connection to server in seconds. | 180 |
| enableTLS | Enable or disable TLS. TLS should always be enabled when connecting to the AMaaS server. | true |
| timeout | Timeout to cancel the connection to server in seconds. | 300 |
| enableTLS | Enable or disable TLS. TLS should always be enabled when connecting to the File Security service. For more information, see the 'Ensuring Secure Communication with TLS' section. | true |

**_Return_**
An AmaasGrpcClient instance
Expand All @@ -74,7 +167,7 @@ Scan a file for malware and retrieves response data from the API.
| Parameter | Description | Default value |
| --------- | ------------------------------------------------------------------------------------------------------------------------ | ------------- |
| name | The name of the file with path of directory containing the file to scan. | |
| tags | `(Optional)` The list of tags which can be used to tag the scan. Max size of tags list is 8. Max size of each tag is 63. | |
| tags | The list of tags which can be used to tag the scan. Max size of tags list is 8. Max size of each tag is 63. | |
| pml | This flag is to enable Trend's predictive machine learning detection. | false |
| feedback | This flag is to enable Trend Micro Smart Protection Network's Smart Feedback. | false |

Expand All @@ -91,7 +184,7 @@ Scan a buffer for malware and retrieves response data from the API.
| --------- | ------------------------------------------------------------------------------------------------------------------------ | ------------- |
| fileName | The name of the file or object the buffer is created from. The name is used to identify the buffer. | |
| buff | The buffer to scan. | |
| tags | `(Optional)` The list of tags which can be used to tag the scan. Max size of tags list is 8. Max size of each tag is 63. | |
| tags | The list of tags which can be used to tag the scan. Max size of tags list is 8. Max size of each tag is 63. | |
| pml | This flag is to enable Trend's predictive machine learning detection. | false |
| feedback | This flag is to enable Trend Micro Smart Protection Network's Smart Feedback. | false |

Expand Down Expand Up @@ -171,63 +264,6 @@ enum LogLevel {
}
```

## Code Example

The following is an example of how to use the SDK to scan a file or buffer for malware and retrieve the scan results from our API.

```typescript
import { AmaasGrpcClient, LogLevel } from "file-security-sdk";
import { readFileSync } from "fs/promises";

// Use region. Replace __REGION__ with the region of your Vision One account
const amaasHostName = __REGION__;

const credent = __YOUR_OWN_VISION_ONE_API_KEY__;

let scanClient = undefined;

try {
scanClient = new AmaasGrpcClient(amaasHostName, credent);

const logCallback = (level: LogLevel, message: string): void => {
console.log(`logCallback is called, level: ${level}, message: ${message}`);
};
scanClient.setLoggingLevel(LogLevel.DEBUG);
scanClient.configLoggingCallback(logCallback);

// Example of scanFile
const fileToScan = "path/to/file.ext";
const fileScanResult = await scanClient.scanFile(fileToScan, [
"tag1",
"tag2",
"tag3",
]);
console.log(`Number of malware found: ${result.scanResult}`); // Scan result handling

// Example of scanBuffer
const buff = await readFileSync(fileToScan);
const pml = true
const feedback = true
const bufferScanResult = await scanClient.scanBuffer(
"THE_FILE_NAME_OR_IDENTIFIER",
buff,
["tag1", "tag2", "tag3"],
pml,
feedback
);
console.log(
`Number of malware found in buffer: ${bufferScanResult.scanResult}`
);
} catch (error) {
// Error handling
console.error("Error occurred:", error.message);
} finally {
if (typeof scanClient !== "undefined") {
scanClient.close();
}
}
```

## Errors

The built-in JavaScript `Error` object with name "`Error`" will be thrown when error occurs.
Expand All @@ -244,3 +280,10 @@ The actual message in the following table may be vary in different environment.
| Error: Failed to open file. ENOENT: no such file or directory, stat {file_path} | The {file_path} specified in `scanFile` cannot be found. Please make sure the file exists and {file_path} specified is correct. |
| Error: Failed to open file. EACCES: permission denied, open {file_path} | There is a file access permission issue. Please make sure the SDK has read permission of the {file_path} specified in `scanFile`. |
| Error: Invalid region: {region} | The region is invalid. Please make sure a correct region is used. |

## Ensuring Secure Communication with TLS

The communication channel between the client program or SDK and the Trend Vision One™ File Security service is fortified with robust server-side TLS encryption. This ensures that all data transmitted between the client and Trend service remains thoroughly encrypted and safeguarded.
The certificate employed by server-side TLS is a publicly-signed certificate from Trend Micro Inc, issued by a trusted Certificate Authority (CA), further bolstering security measures.

The File Security SDK consistently adopts TLS as the default communication channel, prioritizing security at all times. It is strongly advised not to disable TLS in a production environment while utilizing the File Security SDK, as doing so could compromise the integrity and confidentiality of transmitted data.
2 changes: 1 addition & 1 deletion VERSION
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.1.0
1.1.1
2 changes: 1 addition & 1 deletion __tests__/amaasSDK.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,7 @@ const scanImpls = {

// Mock server does not use TLS protocol. Set enableTLS to false.
const enableTLS = false
const grpcConnectionTimeout = 3 * 60 // seconds
const grpcConnectionTimeout = 5 * 60 // seconds
const amaasHostName = 'localhost:50051'
const authKey = ''
const credent: AmaasCredentials = {
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "file-security-sdk",
"version": "1.1.0",
"version": "1.1.1",
"description": "Vision One File Security API library in TypeScript",
"main": "index.js",
"engines": {
Expand Down
2 changes: 1 addition & 1 deletion src/lib/amaasGrpcClient.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ export class AmaasGrpcClient {
constructor (
amaasHostName: string,
credent: AmaasCredentials | string,
timeout = 180,
timeout = 300,
enableTLS = true,
appName = 'V1FS'
) {
Expand Down
2 changes: 1 addition & 1 deletion src/lib/scanRun.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ export class ScanRun {
this.logger = logger
this.finalResult = Object.create(null) as AmaasScanResultObject
this.tags = tags ?? []
this.bulk = true
this.bulk = false
}

private async streamRun (fileName: string, fileSize: number, hashes: string[], pml: boolean, feedback: boolean, buff?: Buffer): Promise<AmaasScanResultObject> {
Expand Down

0 comments on commit 546bb67

Please sign in to comment.