Enterprise Recon 2.11.0

Confluence On-Premises

This section covers the following topics:

Overview

When Confluence On-Premises is added as a scan Target, ER2 returns all spaces, blog posts, and pages that are accessible to the Confluence user account.

When the Target is probed, you can select specific spaces, blog posts, and/or pages (along with the associated comments and attachments) when setting up the scan schedule.

Example of Confluence On-Premises structure: Confluence On-Premises [host name: my-confluence-server] +- Confluence on target MY-CONFLUENCE-SERVER +- Space Engineering +- Blog Post +- Blog Post A +- Blog Post B +- Space Product +- Page Features +- Page Feature A +- Page Feature B +- Page Release +- Page Release Q1 +- Page Release Q2

To set up and scan Confluence On-Premises as a Target:

  1. Check the Requirements.
  2. Set Up and Scan a Confluence On-Premises Target.
    1. Add Confluence On-Premises as a New Target.
    2. Scan a Confluence On-Premises Target.

To scan specific paths in a Confluence On-Premises Target, see Edit Confluence On-Premises Target Path.

Licensing

For Sitewide Licenses, all scanned Confluence On-Premises Targets consume data from the Sitewide License data allowance limit.

For Non-Sitewide Licenses, Confluence On-Premises Targets require one Server & DB License per host machine, and consume data from the Server & DB License data allowance limit.

See Target Licenses for more information.

Requirements

Component Description
Version Support

Confluence Data Center 7.4 LTS, 7.19 LTS, and 8.5 LTS.

Using a different Confluence On-Premises version?

Ground Labs supports and tests the versions listed above. However, versions not indicated may still work as expected.

Proxy Agent
  • Proxy Agent host with direct access to the Confluence server.
  • ER 2.10.0 Agent and newer.

Recommended Proxy Agents:

  • Windows Agent with database runtime components
  • Windows Agent
  • Linux Agent with database runtime components
  • Linux Agent
Default Port 443
Confluence Credentials

"View" space permission is required.

Use credentials of either an individual user with "View" space permission, or a user that belongs to a Confluence group with "View" space permission.

API Limits

1000 requests (or above) per minute is recommended. See Confluence API Limits.

Set Up and Scan a Confluence On-Premises Target

Add Confluence On-Premises as a New Target

  1. From the New Scan page, Add Targets.
  2. In the Select Target Type dialog box, select Server.
  3. In the Enter New Target Hostname field, enter the host name of the Confluence server.
  4. Click Test. If ER2 can connect to the Target, the button changes to a Commit button.
  5. Click Commit to add the Target.
  6. In the Select Types dialog box, click Server Applications > Confluence.
  7. In the next window, fill in the following details:

    Dialog box to configure the path, credentials and proxy agent for a Confluence On-Premises Target

    Section Description
    Path details

    In the Path field, enter the path to scan. If the field is left blank, all Confluence spaces (on the default connector port) the user or user's Confluence group(s) has "View" permissions to are added.

    See the Path Syntax table for more information on the path syntax to use.

    Credential Details

    If you have stored the credentials, select from Stored Credentials.

    If not, fill in the following fields:

    1. New Credential Label: Enter a descriptive label for the credential set.
    2. New Username: Enter the Confluence account user name.
    3. New Password: Enter the Confluence account password.
    "View" space permission is required.

    Use credentials of either an individual user with "View" space permission, or a user that belongs to a Confluence group with "View" space permission.

    Proxy Details Select a suitable Agent. See Requirements - Proxy Agent.
  8. Click Test. If ER2 can connect to the Target, the button changes to a Commit button.
  9. Click Commit to add the Target.

Scan a Confluence On-Premises Target

  1. (Optional) On the Select Locations page, probe the Target to browse and select specific Target locations to scan.

  2. Click Next.
  3. On the Select Data Types page, select the Data Type Profiles to be included in your scan and click Next.
  4. On the Set Schedule page, configure the parameters for your scan. See Set Schedule for more information.
  5. Click Next.
  6. On the Confirm Details page, review the details of the scan schedule, and click Start Scan to start the scan. Otherwise, click Back to modify the scan schedule settings.

Edit Confluence On-Premises Target Path

To scan a specific path in Confluence On-Premises:

  1. Set Up and Scan a Confluence On-Premises Target.
  2. In the Select Locations section, select your Confluence On-Premises Target location and click Edit.
  3. In the Edit Confluence dialog box, enter the path to scan using the following syntax:

    Location to Scan Path Syntax
    All spaces

    Syntax: [:<port>]

    If connection to the Confluence server uses a port other than 443, the [:<port>] value must be defined in the Path field.

    Example: Leave the Path field blank or :9999

    All pages in a specific space

    Syntax: [:<port>/]<Space Name>

    Example: Engineering

    All blog posts in a specific space

    Syntax: [:<port>/]<Space Name>/$b

    Example: Engineering/$b

    A specific blog post in a specific space

    Syntax: [:<port>/]<Space Name>/$b/<Blog Post Name>

    Example: Engineering/$b/New Feature

    All subpages under a specific page

    Syntax: [:<port>/]<Space Name>/<Page Name>

    Example: Engineering/Features

    A specific subpage under a specific page

    Syntax: [:<port>/]<Space Name>/<Page Name>/<Page Name>

    Example: Engineering/Features/Versioning

  4. Click Test and then Commit to save the path to the Target location.

Confluence API Limits

ER2 uses REST API to query and retrieve data from Confluence. The number and frequency of REST API requests that users can make can be configured using the rate limiting feature.

When rate limiting is enabled and the Limit requests option is selected, we recommend setting the Requests allowed per node to a value not lower than 1000 requests per minute per user to allow ER2 to properly execute scans.

If an organization reaches the configured request limits, the following scan issues may be encountered:

  • The scan speed will substantially decrease, and
  • The scan schedule will take too long to complete and will be stuck in "Scanning" state.

For more information, see Confluence - Rate Limiting.

Confluence On-Premises Remediation

The following remediation actions are supported for Confluence On-Premises Targets:


PRO This feature is only available in Enterprise Recon PRO Edition. To find out more about upgrading your ER2 license, please contact Ground Labs Licensing. See Subscription License for more information.