Forum Discussion

AustinC's avatar
AustinC
Icon for Neophyte rankNeophyte
9 months ago

LM Exchange Use Cases

Can anyone share with me the design intent of LM Exchange? I would like to explore using this as a way of having my users publish LogicModules in our Non-Prod environment that can be easily imported to Production, but I’m intuiting that this is perhaps not an intended use of it. We are presently using the ‘Import from Repository’ functionality, but I know that this is legacy, and understandably a little clunky.

That said, it appears that ‘publishing to LM Exchange’ results in my datasources going into Security Review, even though they are ‘Private’ visibility -- this tells me that using this to share LogicModules between my company’s portals is likely not an intended use case.

Anyone have thoughts/know anything about this?

  • monetizing the exchange

    Palo Alto’s XSOAR (formally Demisto) has a similar exchange system with monetization. Once they added it, it was night and day the quality of modules. Vendors and users wrote so many good modules once they incentivized people to create them.

  • @Austin Culbertson  the original intent was just to facilitate sharing amongst the entire LM customer community.

    I’m surprised you’re seeing modules in “Security Review” before they are marked “Public”. Security Review is a prerequisite for sharing (for obvious reasons), but isn’t required for the “private backup” use case.

    We didn’t originally have private/public distinction in the LM Exchange because we originally had no way to view the “repository” of the Exchange. This meant that the public or privateness of a locator was dependent upon how the user who created it decided to share it.

    I would love to enable “Google drive like” sharing where you can select specific accounts to share between, but I don’t see that coming this year.

    The marketplace concept has certainly crossed our minds but so far is not in plan. @Joe Williams that’s a rather interesting anecdote, I’ll have to take a closer look at what they’re doing with XSOAR, thanks.

    @Stuart Weenig there was a backend issue that caused issues with the Use Status indexing. To avoid giving you incorrect data, we replaced it with effectively no data until it is resolved in the next release.

  • Anonymous's avatar
    Anonymous

    LM probably shouldn’t require security review until you mark it as public. However, since the security review workflow really doesn’t work on anyone’s timelines, they should at least not required it unless it’s going public. That would allow you to move them back and forth between portals.

    Alternatively, allowing the author to specify which portals the module is made available to would be an easy to begin monetizing the exchange. Said monetization would reveal all source code in the module though, so there’s no security around it.

    Suffice it to say, right now, the main goal of the exchange is just to work. Said work only involves LM getting their modules and module updates out to their customers. Once that (multi-year old) problem is solved, perhaps they can work on actual community exchanges, paid or otherwise.

  • Anonymous's avatar
    Anonymous

    monetizing the exchange

    Palo Alto’s XSOAR (formally Demisto) has a similar exchange system with monetization. Once they added it, it was night and day the quality of modules. Vendors and users wrote so many good modules once they incentivized people to create them.

    Yeah, it’s gotta be a stable platform first. I mean the diff in the exchange when pulling in an update is still the raw json.

    Is anybody else’s “Use Status” column showing “N/A” for everything?

  • Anonymous's avatar
    Anonymous

    @Stuart Weenig there was a backend issue that caused issues with the Use Status indexing. To avoid giving you incorrect data, we replaced it with effectively no data until it is resolved in the next release.

    Thanks. First mention of it i see is in v199, which we’re not on yet. I assume that was just the first release notes where that issue could be notated?