[taxii2-server] - fix bug when creating relationships (#30725)

* [taxii2-server] - fix bug when creating relationships * bump rn * taxii2 server docker update * Empty-Commit * rn * add logs
demisto · Nov 19, 2023 · 928386a · 928386a
1 parent 0b5a3e3
commit 928386a
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 20 deletions.
diff --git a/Packs/TAXIIServer/Integrations/TAXII2Server/TAXII2Server.py b/Packs/TAXIIServer/Integrations/TAXII2Server/TAXII2Server.py
@@ -1410,30 +1410,40 @@ def create_entity_b_stix_objects(relationships: list[dict[str, Any]], iocs_value
     entity_b_objects: list[dict[str, Any]] = []
     entity_b_values = ""
     for relationship in relationships:
-        if relationship.get('CustomFields', {}).get('revoked', False):
-            continue
-        if (entity_b_value := relationship.get('entityB')) and entity_b_value not in iocs_value_to_id:
-            iocs_value_to_id[entity_b_value] = ""
-            entity_b_values += f'\"{entity_b_value}\" '
+        if relationship:
+            if relationship.get('CustomFields', {}).get('revoked', False):
+                continue
+            if (entity_b_value := relationship.get('entityB')) and entity_b_value not in iocs_value_to_id:
+                iocs_value_to_id[entity_b_value] = ""
+                entity_b_values += f'\"{entity_b_value}\" '
+        else:
+            demisto.debug(f'relationship is empty {relationship=}')
     if not entity_b_values:
         return entity_b_objects
 
-    found_indicators = demisto.searchIndicators(query=f'value:({entity_b_values})').get('iocs') or []
+    try:
+        found_indicators = demisto.searchIndicators(query=f'value:({entity_b_values})').get('iocs') or []
+    except AttributeError:
+        demisto.debug(f'Could not find indicators from using query value:({entity_b_values})')
+        found_indicators = []
 
     extensions_dict: dict = {}
     for xsoar_indicator in found_indicators:
-        xsoar_type = xsoar_indicator.get('indicator_type')
-        stix_ioc, extension_definition, extensions_dict = create_stix_object(xsoar_indicator, xsoar_type, extensions_dict)
-        if XSOAR_TYPES_TO_STIX_SCO.get(xsoar_type) in SERVER.types_for_indicator_sdo:
-            stix_ioc = convert_sco_to_indicator_sdo(stix_ioc, xsoar_indicator)
-        if SERVER.has_extension and stix_ioc:
-            entity_b_objects.append(stix_ioc)
-            if extension_definition:
-                extensions.append(extension_definition)
-        elif stix_ioc:
-            entity_b_objects.append(stix_ioc)
-
-        iocs_value_to_id[(get_stix_object_value(stix_ioc))] = stix_ioc.get('id')
+        if xsoar_indicator:
+            xsoar_type = xsoar_indicator.get('indicator_type')
+            stix_ioc, extension_definition, extensions_dict = create_stix_object(xsoar_indicator, xsoar_type, extensions_dict)
+            if XSOAR_TYPES_TO_STIX_SCO.get(xsoar_type) in SERVER.types_for_indicator_sdo:
+                stix_ioc = convert_sco_to_indicator_sdo(stix_ioc, xsoar_indicator)
+            if SERVER.has_extension and stix_ioc:
+                entity_b_objects.append(stix_ioc)
+                if extension_definition:
+                    extensions.append(extension_definition)
+            elif stix_ioc:
+                entity_b_objects.append(stix_ioc)
+        else:
+            demisto.debug(f"{xsoar_indicator=} is emtpy")
+
+            iocs_value_to_id[(get_stix_object_value(stix_ioc))] = stix_ioc.get('id') if stix_ioc else None
     demisto.debug(f"Generated {len(entity_b_objects)} STIX objects for 'entityB' values.")
     return entity_b_objects
 

diff --git a/Packs/TAXIIServer/Integrations/TAXII2Server/TAXII2Server.yml b/Packs/TAXIIServer/Integrations/TAXII2Server/TAXII2Server.yml
@@ -149,7 +149,7 @@ script:
     - contextPath: TAXIIServer.ServerInfo.description
       description: The server description.
       type: String
-  dockerimage: demisto/flask-nginx:1.0.0.79973
+  dockerimage: demisto/flask-nginx:1.0.0.80240
   longRunning: true
   longRunningPort: true
   script: '-'

diff --git a/Packs/TAXIIServer/ReleaseNotes/2_0_50.md b/Packs/TAXIIServer/ReleaseNotes/2_0_50.md
@@ -0,0 +1,7 @@
+
+#### Integrations
+
+##### TAXII2 Server
+
+- Fixed an issue where the integration failed to create indicator relationships that were not returned properly from xsoar.
+- Updated the Docker image to: *demisto/flask-nginx:1.0.0.80240*.
diff --git a/Packs/TAXIIServer/pack_metadata.json b/Packs/TAXIIServer/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "TAXII Server",
     "description": "This pack provides TAXII Services for system indicators (Outbound feed).",
     "support": "xsoar",
-    "currentVersion": "2.0.49",
+    "currentVersion": "2.0.50",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",