Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Trend micro vision one (#30157) * removed microsocks Potentially harmful * imported urllib3 and removed reference to requests.packages. Updated release notes and TrendMicroVisionOne.yml * added action to add file entry from incident to sandbox and action to get result of file entry analysis status * removed redundant action to check sandbox submission status * added polling command for sandbox submissions * added unit tests for file entry to sandbox and polling for sandbox submissions * added unit tests for submit file entry and sandbox polling command * updated yml to include submit-file-entry-to-sandbox and run-sandbox-submission-polling * Update README.md Added hints for command execution order * Update README.md Updated Notes for better readability. * Update README.md Updated README.md for better readability. * updated release notes to indicate addition of submit file entry to sandbox and sandbox submission polling command * formatted files per XSOAR standards * Added command examples for V2 actions * added test_data folder containing example responses * Update README.md Added link to supported file types in submit file to sandbox and submit file entry to sandbox. * removed unused mock test case for submit file entry to sandbox and test_data folder with mock responses * Added submit file entry to sandbox and run sandbox submission polling and their respective unit tests and command_examples * added demosti.patch.object to get custom data for demisto.getFilePath in submit file entry to sandbox * updated polling comamnd per XSOAR standards and updated YAML to include polling in sandbox submissing polling command root * TrendMicroVisionOne_description * updated sandbox submission command example to include polling arg * updated yml to include polling in root of sandbox submission polling * removed unused variable declarations * updated doc string for sandbox submission polling * updated min server version to 6.2.0 in sandbox polling unit test * updated if check to differentiate between cmd instead of args * added dbotscore for sandbox submissions status and sandbox polling commands * added doc string for dbot severity helper function * Updated Vendor Name to match integration pack * updated risk to look for obj instead of str and updated release notes and updated docker image version * added dbotscore to VisionOne context data and updated YML and README.md accordingly * small context output fix * Update 1_3_0.md * updated description in YML for V3. * added pagination for suspicious/exception list as well as endpoint info and fetch incidents * updated unit test for endpoint info * updated README.md to reflect name change for 3 context outputs in get endpoint info * reverted change for get endpoint info to ensure backwards compatibility * updated docker python image in release notes * Update docker image. * Update RN. * Remove main function from unit test coverage. * corrected delete from suspicious list endpoint * updated docker image to latest per circleci test * fixed precommit error of implicitly concatenated string in regex for macaddress validation * fixed precommit error of implicitly concatenated string in regex for ipv6 validation * updated Release Notes * Add pytmv1 devdemisto image for testing * updated all actions to use pytmv1 library * added 2 new actions (get alert details and submit urls to sandbox) * updated to declare pytmv1 directly in actions instead of passing in action calls * removed commented code for pytmv1 initialization. * updated actions using pytmv1 library * added variable names for replace args and updated isolate and restore endpoint table vars * updated yml for all actions and added return_error condition for all actions * removed unused message vars * updated unit tests and added test_data folder with mock responses. * updated check_task_status unit test with correct params * updated base url for unit tests * updated var declarations to compatible union type * ran format command to format yml file * updated release notes * validated yml file * added missing default value for polling * removed commented code and wrapped digest values * added endpoint and email activity data actions and their fetch count helper functions respectively. * added unit tests for endpoint and email activity data * updated yml to include context outputs for endpoint and email activity data, added respective command examples and updated README.md * updated get_activity_data_count param for respective actions * updated README.md * added severity filter to fetch incidents * added dbotMirrorId and details to incident, added 'any' option for incident severity types and updated yml file for incidentSeverity. * added any string literal with var * updated README.md to indicate addition of 2 new actions. * updated docstrings and added comments * added comments for workbench histories and updated status check to include task class type to fetch the final task response. * removed unused vars * formatted and validated yml and README.md * updated yml for exception and suspicious list actions to correct the context outputs and updated README.md to match * updated docker image to match demsito-docker image and updated relase notes per demisto XSOAR standards. * added tmv1 url and various IPs to secrets-ignore. * updated return type for get_task_type * updated test connectivity and updated self.app reference to APP_NAME variable. * updated yml and generated new README.md * updated file path default value * updated command_examples and updated args to reference collect_files variable in collect_file action * updated yml and generated new readme, also ran command to update release notes with -bc flag * fixed submit file to sandbox unit test * Update docker image in TrendMicroVisionOneV3.yml * added breaking changes details to ReleaseNotes->4_0_0.json * Update 4_0_0.md * corrected breaking changes json file * enabled network for docker unit tests and added type:ignore for poll_time_sec * updated docker image tag to 0.6.2.79742 * updated context output for sandbox submission polling to remove report_id duplicate and replace with type. * updated 32 unit tests and added email and endpoint activity actions * corrected submit_file_to_sandbox unit test * updated yml and README.md * removed commented out code for test get endpoint information * updated endpoint and email activity data count command names and updated yml and README * added missing white space for table heading * fixed import for endpoint and email activity data * updated secretes-ignore list * updated unit test for get_endpoint_info and update dockerimage to newest. * removed top var from endpoint and email activity data count actions and updated yml and README.md accordingly. * fixed docker image tag in release notes * corrected remaining Ruff errors * added if check for str to use json loads and added input examples. Added isArray for context inputs and also updated README.md accordingly. * Added query op detailed description and examples. * replaced str if check and replaced with in-built safe_load_json method. * updated docker image to latest * Update 4_0_0.md * fixed fetch incident bug where duplicates were fetched because end date was not being set correctly. --------- Co-authored-by: yaakovpraisler <ypreisler@paloaltonetworks.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Danny_Fried <dfried@paloaltonetworks.com> Co-authored-by: Kobbi Gal <85439776+kgal-pan@users.noreply.github.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> * remove pass * update docker --------- Co-authored-by: shaqnawe <shaktishah40@gmail.com> Co-authored-by: yaakovpraisler <ypreisler@paloaltonetworks.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Danny_Fried <dfried@paloaltonetworks.com> Co-authored-by: Kobbi Gal <85439776+kgal-pan@users.noreply.github.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> Co-authored-by: ilappe <ilappe@paloaltonetworks.com>
- Loading branch information