diff --git a/Packs/CommonPlaybooks/Playbooks/playbook-Ticket_Management_-_Generic.yml b/Packs/CommonPlaybooks/Playbooks/playbook-Ticket_Management_-_Generic.yml index 276ef7de23c0..393837e61430 100644 --- a/Packs/CommonPlaybooks/Playbooks/playbook-Ticket_Management_-_Generic.yml +++ b/Packs/CommonPlaybooks/Playbooks/playbook-Ticket_Management_-_Generic.yml @@ -63,6 +63,9 @@ tasks: description: complex: root: inputs.description + serviceNowAssignmentGroup: + complex: + root: inputs.serviceNowAssignmentGroup serviceNowCategory: complex: root: inputs.serviceNowCategory @@ -272,7 +275,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 0 isoversize: false isautoswitchedtoquietmode: false @@ -336,7 +339,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 0 isoversize: false isautoswitchedtoquietmode: false @@ -402,7 +405,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 0 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/CommonPlaybooks/ReleaseNotes/2_3_76.md b/Packs/CommonPlaybooks/ReleaseNotes/2_3_76.md new file mode 100644 index 000000000000..38d76ba2bc22 --- /dev/null +++ b/Packs/CommonPlaybooks/ReleaseNotes/2_3_76.md @@ -0,0 +1,5 @@ + +#### Playbooks + +##### Ticket Management - Generic +Added skip if unavailable for `setParentIncidentContext` tasks. diff --git a/Packs/CommonPlaybooks/pack_metadata.json b/Packs/CommonPlaybooks/pack_metadata.json index e64655c172b6..4f6997620f09 100644 --- a/Packs/CommonPlaybooks/pack_metadata.json +++ b/Packs/CommonPlaybooks/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Playbooks", "description": "Frequently used playbooks pack.", "support": "xsoar", - "currentVersion": "2.3.75", + "currentVersion": "2.3.76", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Core/Playbooks/playbook-Cloud_IAM_User_Access_Investigation.yml b/Packs/Core/Playbooks/playbook-Cloud_IAM_User_Access_Investigation.yml index 53c9ac22b5b8..9461f0e79296 100644 --- a/Packs/Core/Playbooks/playbook-Cloud_IAM_User_Access_Investigation.yml +++ b/Packs/Core/Playbooks/playbook-Cloud_IAM_User_Access_Investigation.yml @@ -837,7 +837,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-IOC_Alert.yml b/Packs/Core/Playbooks/playbook-IOC_Alert.yml index f84094e92a29..d18f8712f432 100644 --- a/Packs/Core/Playbooks/playbook-IOC_Alert.yml +++ b/Packs/Core/Playbooks/playbook-IOC_Alert.yml @@ -1164,7 +1164,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-Impossible_Traveler.yml b/Packs/Core/Playbooks/playbook-Impossible_Traveler.yml index 6bd1bdaa7e51..89413848e895 100644 --- a/Packs/Core/Playbooks/playbook-Impossible_Traveler.yml +++ b/Packs/Core/Playbooks/playbook-Impossible_Traveler.yml @@ -1119,7 +1119,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-Local_Analysis_alert_Investigation.yml b/Packs/Core/Playbooks/playbook-Local_Analysis_alert_Investigation.yml index 3968c0bd65ca..18fde98ea3c4 100644 --- a/Packs/Core/Playbooks/playbook-Local_Analysis_alert_Investigation.yml +++ b/Packs/Core/Playbooks/playbook-Local_Analysis_alert_Investigation.yml @@ -1946,7 +1946,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-NGFW_Internal_Scan.yml b/Packs/Core/Playbooks/playbook-NGFW_Internal_Scan.yml index 39ec2116a768..cce02630407c 100644 --- a/Packs/Core/Playbooks/playbook-NGFW_Internal_Scan.yml +++ b/Packs/Core/Playbooks/playbook-NGFW_Internal_Scan.yml @@ -673,7 +673,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-NGFW_Scan.yml b/Packs/Core/Playbooks/playbook-NGFW_Scan.yml index 74146208cb64..a18a3b201393 100644 --- a/Packs/Core/Playbooks/playbook-NGFW_Scan.yml +++ b/Packs/Core/Playbooks/playbook-NGFW_Scan.yml @@ -1307,7 +1307,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-Ransomware_Response.yml b/Packs/Core/Playbooks/playbook-Ransomware_Response.yml index 8c50a3a85731..e5acb60f71fd 100644 --- a/Packs/Core/Playbooks/playbook-Ransomware_Response.yml +++ b/Packs/Core/Playbooks/playbook-Ransomware_Response.yml @@ -1351,7 +1351,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-T1036_-_Masquerading.yml b/Packs/Core/Playbooks/playbook-T1036_-_Masquerading.yml index 80e818161857..90e20e6f0b46 100644 --- a/Packs/Core/Playbooks/playbook-T1036_-_Masquerading.yml +++ b/Packs/Core/Playbooks/playbook-T1036_-_Masquerading.yml @@ -1315,7 +1315,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-T1059_-_Command_and_Scripting_Interpreter.yml b/Packs/Core/Playbooks/playbook-T1059_-_Command_and_Scripting_Interpreter.yml index 4d75bfba6c07..e3aff314986e 100644 --- a/Packs/Core/Playbooks/playbook-T1059_-_Command_and_Scripting_Interpreter.yml +++ b/Packs/Core/Playbooks/playbook-T1059_-_Command_and_Scripting_Interpreter.yml @@ -1287,7 +1287,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-WildFire_Malware.yml b/Packs/Core/Playbooks/playbook-WildFire_Malware.yml index 82ab9d874a0b..0dd983f9777c 100644 --- a/Packs/Core/Playbooks/playbook-WildFire_Malware.yml +++ b/Packs/Core/Playbooks/playbook-WildFire_Malware.yml @@ -1755,7 +1755,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 2 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/Playbooks/playbook-XCloud_Cryptomining.yml b/Packs/Core/Playbooks/playbook-XCloud_Cryptomining.yml index e10c71991c0a..ac373c2492dc 100644 --- a/Packs/Core/Playbooks/playbook-XCloud_Cryptomining.yml +++ b/Packs/Core/Playbooks/playbook-XCloud_Cryptomining.yml @@ -98,7 +98,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 0 isoversize: false isautoswitchedtoquietmode: false diff --git a/Packs/Core/ReleaseNotes/1_4_3.md b/Packs/Core/ReleaseNotes/1_4_3.md new file mode 100644 index 000000000000..89e345a52a81 --- /dev/null +++ b/Packs/Core/ReleaseNotes/1_4_3.md @@ -0,0 +1,36 @@ + +#### Playbooks + +##### T1059 - Command and Scripting Interpreter +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### IOC Alert +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### Local Analysis alert Investigation +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### T1036 - Masquerading +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### Cloud IAM User Access Investigation +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### Impossible Traveler Response +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### XCloud Cryptojacking +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### NGFW Scan +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### NGFW Internal Scan +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### WildFire Malware +- Added skip if unavailable for `Set Incident Severity to High` task. + +##### Ransomware Response +- Added skip if unavailable for `Set Incident Severity to High` task. + diff --git a/Packs/Core/pack_metadata.json b/Packs/Core/pack_metadata.json index b3b5233b0e59..8e8176ddb6ee 100644 --- a/Packs/Core/pack_metadata.json +++ b/Packs/Core/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Core - Investigation and Response", "description": "Automates incident response", "support": "xsoar", - "currentVersion": "1.4.2", + "currentVersion": "1.4.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management.yml b/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management.yml index a1fbf6932951..926f65873ebc 100644 --- a/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management.yml +++ b/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management.yml @@ -686,7 +686,7 @@ tasks: root: inputs.serviceNowCategory comments: complex: - root: inputs.Comment + root: inputs.CommentToAdd description: complex: root: inputs.description @@ -832,6 +832,11 @@ inputs: required: false description: 'Whether to open a new ticket or to add a new comment. Possible values: NewTicket/AddComment.' playbookInputQuery: +- key: serviceNowAssignmentGroup + value: {} + required: false + description: The group to which to assign the new ticket. + playbookInputQuery: outputs: - contextPath: ServiceNow.Ticket.ID description: ServiceNow Ticket ID. diff --git a/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management_README.md b/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management_README.md index b6676caed9f8..93812980af8d 100644 --- a/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management_README.md +++ b/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management_README.md @@ -39,6 +39,7 @@ This playbook does not use any scripts. | addCommentPerEndpoint | Whether to add a new comment to the ticket for each endpoint in the incident. Possible values: True/False. | True | Optional | | serviceNowShortDescription | A short description of the ticket. | | Optional | | Action | Whether to open a new ticket or to add a new comment. Possible values: NewTicket/AddComment. | | Optional | +| serviceNowAssignmentGroup | The group to which to assign the new ticket. | | Optional | ## Playbook Outputs diff --git a/Packs/ServiceNow/ReleaseNotes/2_5_29.md b/Packs/ServiceNow/ReleaseNotes/2_5_29.md new file mode 100644 index 000000000000..d0a214c83a14 --- /dev/null +++ b/Packs/ServiceNow/ReleaseNotes/2_5_29.md @@ -0,0 +1,5 @@ + +#### Playbooks + +##### ServiceNow - Ticket Management +- Added input `serviceNowAssignmentGroup` - This input determines the group to which to assign the new ticket. diff --git a/Packs/ServiceNow/pack_metadata.json b/Packs/ServiceNow/pack_metadata.json index 6c74cbef0b79..c882d46ab29a 100644 --- a/Packs/ServiceNow/pack_metadata.json +++ b/Packs/ServiceNow/pack_metadata.json @@ -2,7 +2,7 @@ "name": "ServiceNow", "description": "Use The ServiceNow IT Service Management (ITSM) solution to modernize the way you manage and deliver services to your users.", "support": "xsoar", - "currentVersion": "2.5.28", + "currentVersion": "2.5.29", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "",