Setup Your First Sync Task
We discussed in the High Level Overview section of the wiki on the typical workflow for Scumblr. To recap:
- Scumblr creates Results either manually or using a search, sync, or security task.
- Scumblr perform security tasks against these results, which may result in the creation of vulnerabilities or enrichment of result metadata
- Saved Result filters are created to help you narrow down your result searches to the things you care about the most.
- When the security tasks find interesting things, Scumblr users triage, ticket, and define workflows/statuses to track these results and findings.
To populate some Results in your Scumblr, let's setup a Github Sync Task, which will allow you to specify either an organization or user to load repositories in from Github.
Navigate to the Tasks page within Scumblr and click the Create Task button. On the Create Task page, navigate to Task Type and select Github Repo Sync. You'll see a number of options which you can set for this sync.
Let's step through what each option means:
Specify a name for your task, I suggest the task type and some useful context on the task (exp. Github - NetflixUI Sync)
A group is a collection of tasks that run asynchronously. Once all tasks in a Group complete, the next group executes. For this example, let's select Group 1.
You can specify if you'd like to sync a user's repositories or an organization's repositories. Let's do an org type here.
Specify the organization you'd like to sync, for our example we'll use Netflix.
This boolean allows you to also sync the contributing members of an organization's public repositories as well.
You can use this to set Scumblr to only sync public repos, private repos, or both.
If you want to sync private repos you will need to configure an API key
Next click Create Task and you will be redirected to the newly created task.
Next click on the Run Now button. After the sync completes you can refresh this page to see what results have been created by taking a look at the Task Execution Summary and Task Execution Details pages.
As you can see in the screenshot, 118 results were created. Let's click that number to see the newly created results:
We should now be on the Result view where we can get some more specifics about the repositories that were just synced. Let's take a look at a specific result by clicking the arrow next to the result Title.
You can see some additional metadata that includes the Owner, type and if the repo is public or private.
At this point, hopefully we have you hooked on how with a few clicks you can set up powerful proactive monitoring of your environment. We recommend you take a look at the videos in the 'common use cases' section .