[EWS Extension Online Powershell v3] Fix issue with human_readable re…

…sponse in the Tenant Allow/Block Lists commands (#33780) * update * fix README.md * Update Packs/MicrosoftExchangeOnline/ReleaseNotes/1_3_1.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Bump pack from version MicrosoftExchangeOnline to 1.3.2. --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com>
demisto · Apr 7, 2024 · 4b256fb · 4b256fb
1 parent a7e9f15
commit 4b256fb
Show file tree

Hide file tree

Showing 4 changed files with 59 additions and 28 deletions.
diff --git a/...ftExchangeOnline/Integrations/EwsExtensionEXOPowershellV3/EwsExtensionEXOPowershellV3.ps1 b/...ftExchangeOnline/Integrations/EwsExtensionEXOPowershellV3/EwsExtensionEXOPowershellV3.ps1
@@ -1351,9 +1351,14 @@ function EXONewTenantAllowBlockListCommand
     $raw_response = $client.EXONewTenantAllowBlockList(
         $entries, $list_type, $list_subtype, $action, $notes, $no_expiration, $expiration_date
     )
-    $human_readable = TableToMarkdown $raw_response "Results of $command"
-    $entry_context = @{ "$script:INTEGRATION_ENTRY_CONTEXT.NewTenantBlocks" = $raw_response }
-    Write-Output $human_readable, $entry_context, $raw_response
+    if($raw_response -eq $null){
+        Write-Output "No Tenant Allow/Block List items were found."
+    }
+    else{
+        $human_readable = TableToMarkdown $raw_response "Results of $command"
+        $entry_context = @{ "$script:INTEGRATION_ENTRY_CONTEXT.NewTenantBlocks" = $raw_response }
+        Write-Output $human_readable, $entry_context, $raw_response
+    }
 
 }
 
@@ -1373,9 +1378,14 @@ function EXOGetTenantAllowBlockListCommand
     $raw_response = $client.EXOGetTenantAllowBlockList(
         $entry, $list_type, $list_subtype, $action, $no_expiration, $expiration_date
     )
-    $human_readable = TableToMarkdown $raw_response "Results of $command"
-    $entry_context = @{ "$script:INTEGRATION_ENTRY_CONTEXT.CurrentTenantBlocks" = $raw_response }
-    Write-Output $human_readable, $entry_context, $raw_response
+    if($raw_response -eq $null){
+        Write-Output "No Tenant Allow/Block List items were found."
+    }
+    else{
+        $human_readable = TableToMarkdown $raw_response "Results of $command"
+        $entry_context = @{ "$script:INTEGRATION_ENTRY_CONTEXT.CurrentTenantBlocks" = $raw_response }
+        Write-Output $human_readable, $entry_context, $raw_response
+    }
 }
 
 function EXOCountTenantAllowBlockListCommand
@@ -1393,9 +1403,14 @@ function EXOCountTenantAllowBlockListCommand
         ListSubType = $list_subtype
         Count = $m.Count
     }
-    $human_readable = TableToMarkdown $raw_response "Results of $command"
-    $entry_context = @{ "$script:INTEGRATION_ENTRY_CONTEXT.CurrentListCount" = $raw_response }
-    Write-Output $human_readable, $entry_context, $raw_response
+    if($raw_response -eq $null){
+        Write-Output "No Tenant Allow/Block List items were found."
+    }
+    else{
+        $human_readable = TableToMarkdown $raw_response "Results of $command"
+        $entry_context = @{ "$script:INTEGRATION_ENTRY_CONTEXT.CurrentListCount" = $raw_response }
+        Write-Output $human_readable, $entry_context, $raw_response
+    }
 
 }
 
@@ -1417,9 +1432,14 @@ function EXORemoveTenantAllowBlockListCommand
     $raw_response = $client.EXORemoveTenantAllowBlockList(
         $entries, $ids, $list_type, $list_subtype
     )
-    $human_readable = TableToMarkdown $raw_response "Results of $command"
-    $entry_context = @{ "$script:INTEGRATION_ENTRY_CONTEXT.RemovedTenantBlocks" = $raw_response }
-    Write-Output $human_readable, $entry_context, $raw_response
+    if($raw_response -eq $null){
+        Write-Output "No Tenant Allow/Block List items were found."
+    }
+    else{
+        $human_readable = TableToMarkdown $raw_response "Results of $command"
+        $entry_context = @{ "$script:INTEGRATION_ENTRY_CONTEXT.RemovedTenantBlocks" = $raw_response }
+        Write-Output $human_readable, $entry_context, $raw_response
+    }
 
 }
 

diff --git a/Packs/MicrosoftExchangeOnline/Integrations/EwsExtensionEXOPowershellV3/README.md b/Packs/MicrosoftExchangeOnline/Integrations/EwsExtensionEXOPowershellV3/README.md
@@ -465,9 +465,9 @@ Official PowerShell cmdlet documentation [here](https://docs.microsoft.com/en-us
 #### Human Readable Output
 
 >### Results of ews-new-tenant-allow-block-list-items
-| Action | EntryValueHash | Error | ExpirationDate | Identity | LastModifiedDateTime | ListSubType | ModifiedBy | Notes | ObjectState | PSComputerName | PSShowComputerName | RunspaceId | SubmissionID | SysManaged | Value
-| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | ---
-| Block | d568L6iokOxrYqB2L1CxcKy6S6A/tCDoQQJal33AFWo= |  | \{"value":"2022\-06\-15T19:34:01.2028448Z","DateTime":"Wednesday, June 15, 2022 7:34:01 PM"\} | RgAAAAAuoyIuRcZsTKgZbIQyJWZUBwA02rlnO0nOR5RO\-QI\-xRP9AAAAAAEVAAA02rlnO0nOR5RO\-QI\-xRP9AAADfzPiAAAA0 | \{"value":"2022\-05\-16T19:34:01.2652934Z","DateTime":"Monday, May 16, 2022 7:34:01 PM"\} | Tenant |  | Email observed in a phishing campaign. | New | outlook.office365.com | false | \{"value":"8f736b87\-f951\-4b6b\-aa21\-e358720c44e3","Guid":"8f736b87\-f951\-4b6b\-aa21\-e358720c44e3"\} |  | false | attacker@phishingsite.com
+>| Action | EntryValueHash | Error | ExpirationDate | Identity | LastModifiedDateTime | ListSubType | ModifiedBy | Notes | ObjectState | PSComputerName | PSShowComputerName | RunspaceId | SubmissionID | SysManaged | Value
+>| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | ---
+>| Block | d568L6iokOxrYqB2L1CxcKy6S6A/tCDoQQJal33AFWo= |  | \{"value":"2022\-06\-15T19:34:01.2028448Z","DateTime":"Wednesday, June 15, 2022 7:34:01 PM"\} | RgAAAAAuoyIuRcZsTKgZbIQyJWZUBwA02rlnO0nOR5RO\-QI\-xRP9AAAAAAEVAAA02rlnO0nOR5RO\-QI\-xRP9AAADfzPiAAAA0 | \{"value":"2022\-05\-16T19:34:01.2652934Z","DateTime":"Monday, May 16, 2022 7:34:01 PM"\} | Tenant |  | Email observed in a phishing campaign. | New | outlook.office365.com | false | \{"value":"8f736b87\-f951\-4b6b\-aa21\-e358720c44e3","Guid":"8f736b87\-f951\-4b6b\-aa21\-e358720c44e3"\} |  | false | attacker@phishingsite.com
 
 
 
@@ -543,10 +543,10 @@ Official PowerShell cmdlet documentation [here](https://docs.microsoft.com/en-us
 ```
 
 #### Human Readable Output
-### Results of ews-get-tenant-allow-block-list-items
-| Action | EntryValueHash | Error | ExpirationDate | Identity | LastModifiedDateTime | ListSubType | ModifiedBy | Notes | ObjectState | PSComputerName | PSShowComputerName | RunspaceId | SubmissionID | SysManaged | Value
-| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | ---
-| Block | d568L6iokOxrYqB2L1CxcKy6S6A/tCDoQQJal33AFWo= |  | \{"value":"2022\-06\-15T19:34:01.2028448Z","DateTime":"Wednesday, June 15, 2022 7:34:01 PM"\} | RgAAAAAuoyIuRcZsTKgZbIQyJWZUBwA02rlnO0nOR5RO\-QI\-xRP9AAAAAAEVAAA02rlnO0nOR5RO\-QI\-xRP9AAADfzPiAAAA0 | \{"value":"2022\-05\-16T19:34:01.2652934Z","DateTime":"Monday, May 16, 2022 7:34:01 PM"\} | Tenant |  | Email observed in a phishing campaign. | Unchanged | outlook.office365.com | false | \{"value":"feada07c\-99b7\-48e9\-a562\-a755073522ff","Guid":"feada07c\-99b7\-48e9\-a562\-a755073522ff"\} |  | false | attacker@phishingsite.com
+>### Results of ews-get-tenant-allow-block-list-items
+>| Action | EntryValueHash | Error | ExpirationDate | Identity | LastModifiedDateTime | ListSubType | ModifiedBy | Notes | ObjectState | PSComputerName | PSShowComputerName | RunspaceId | SubmissionID | SysManaged | Value
+>| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | ---
+>| Block | d568L6iokOxrYqB2L1CxcKy6S6A/tCDoQQJal33AFWo= |  | \{"value":"2022\-06\-15T19:34:01.2028448Z","DateTime":"Wednesday, June 15, 2022 7:34:01 PM"\} | RgAAAAAuoyIuRcZsTKgZbIQyJWZUBwA02rlnO0nOR5RO\-QI\-xRP9AAAAAAEVAAA02rlnO0nOR5RO\-QI\-xRP9AAADfzPiAAAA0 | \{"value":"2022\-05\-16T19:34:01.2652934Z","DateTime":"Monday, May 16, 2022 7:34:01 PM"\} | Tenant |  | Email observed in a phishing campaign. | Unchanged | outlook.office365.com | false | \{"value":"feada07c\-99b7\-48e9\-a562\-a755073522ff","Guid":"feada07c\-99b7\-48e9\-a562\-a755073522ff"\} |  | false | attacker@phishingsite.com
 
 
 ### ews-get-tenant-allow-block-list-count
@@ -589,10 +589,10 @@ Official PowerShell cmdlet documentation [here](https://docs.microsoft.com/en-us
 ```
 
 #### Human Readable Output
-### Results of ews-get-tenant-allow-block-list-count
-| Count | ListSubType | ListType
-| --- | --- | ---
-| 2 | Tenant | sender
+>### Results of ews-get-tenant-allow-block-list-count
+>| Count | ListSubType | ListType
+>| --- | --- | ---
+>| 2 | Tenant | sender
 
 
 ### ews-remove-tenant-allow-block-list-items
@@ -662,10 +662,10 @@ Official PowerShell cmdlet documentation [here](https://docs.microsoft.com/en-us
 ```
 
 #### Human Readable Output
-### Results of ews-remove-tenant-allow-block-list-items
-| Action | EntryValueHash | Error | ExpirationDate | Identity | LastModifiedDateTime | ListSubType | ModifiedBy | Notes | ObjectState | PSComputerName | PSShowComputerName | RunspaceId | SubmissionID | SysManaged | Value
-| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | ---
-| 0 |  |  |  |  |  |  |  |  | Deleted | outlook.office365.com | false | \{"value":"cd58060e\-d033\-4cdb\-814e\-9f9748fdf78c","Guid":"cd58060e\-d033\-4cdb\-814e\-9f9748fdf78c"\} |  |  | attacker@phishingsite.com
+>### Results of ews-remove-tenant-allow-block-list-items
+>| Action | EntryValueHash | Error | ExpirationDate | Identity | LastModifiedDateTime | ListSubType | ModifiedBy | Notes | ObjectState | PSComputerName | PSShowComputerName | RunspaceId | SubmissionID | SysManaged | Value
+>| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | ---
+>| 0 |  |  |  |  |  |  |  |  | Deleted | outlook.office365.com | false | \{"value":"cd58060e\-d033\-4cdb\-814e\-9f9748fdf78c","Guid":"cd58060e\-d033\-4cdb\-814e\-9f9748fdf78c"\} |  |  | attacker@phishingsite.com
 
 
 ### ews-junk-rules-get

diff --git a/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_3_2.md b/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_3_2.md
@@ -0,0 +1,11 @@
+
+
+#### Integrations
+
+##### EWS Extension Online Powershell v3
+
+Fixed an issue where the following commands returned an error when no response was received:
+- ***ews-new-tenant-allow-block-list-items***
+- ***ews-get-tenant-allow-block-list-items***
+- ***ews-get-tenant-allow-block-list-count***
+- ***ews-remove-tenant-allow-block-list-items*** 
diff --git a/Packs/MicrosoftExchangeOnline/pack_metadata.json b/Packs/MicrosoftExchangeOnline/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Microsoft Exchange Online",
     "description": "Exchange Online and Office 365 (mail)",
     "support": "xsoar",
-    "currentVersion": "1.3.1",
+    "currentVersion": "1.3.2",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",