Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Mitre indicators by open incidents bug fix (#28530) * bug fix and UT * bug fix and UT * bug fix and UT * fix syntax error sdk nightly (#28516) * YR/PAN-OS-Policy-Optimizer-V10.2.0/XSUP-25940/CIAC-7392 (#28408) * basic fix * fix for new version * add test * readme * readme * ReleaseNotes * docker * modify 3 commands to fit to panorama * explanation * add test * fix * readme * readme and yml description * add unit test * add unit test * format unit test * add unit test * fix unit test * fix test * syntax * docker * fix typo * Apply suggestions from Shirley Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * CR --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Jira V3 - Update docs (#28506) * Updated docs, added RNs * Dod review * Packs/GSuiteAdmin.py: added user signout command (#28278) * Packs/GSuiteAdmin.py: added user signout command (#28040) * Packs/GSuiteAdmin.py: added user signout command Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GSuiteAdmin: unit test + release notes Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GSuiteAdmin: added command to the yml Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GSuiteAdmin/playbook-GSuiteAdmin-Test.yml: added user-signout Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GSuiteAdmin/ERADME.md: added docs Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GSuiteAdmin/playbook-test: format Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GoogleDrive: added use_domain_admin_access flag Added use_domain_admin_access to get list of permissions of shared drives. Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GoogleDrive: update readme Signed-off-by: Gal Nakash <gal@recolabs.ai> Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GoogleDrive: update release notes Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GoogleDrive: fix lint Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GoogleDrive: run pre commit Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GoogleDrive: fix lint Signed-off-by: Gal Nakash <gal@recolabs.ai> * Packs/GoogleDrive: bump version Signed-off-by: Gal Nakash <gal@recolabs.ai> * Update Packs/GoogleDrive/Integrations/GoogleDrive/README.md Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GoogleDrive/ReleaseNotes/1_2_37.md Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> --------- Signed-off-by: Gal Nakash <gal@recolabs.ai> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Updated the Docker image * memory_threshold upgrade * remove changes in the playbook * Revert "remove changes in the playbook" This reverts commit 43e7c64b88173a4955f79b364adf7f97210a0393. * use_domain_admin_access adding default * Bump pack from version GoogleDrive to 1.2.38. * fix test playbook * docker image * fixing memory_threshold --------- Signed-off-by: Gal Nakash <gal@recolabs.ai> Co-authored-by: GalNakash-RecoLabs <71227802+GalNakash-RecoLabs@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> * Added ignore for image in readme (#28536) * [ASM] EXPANDR - 4367-8 (#28269) (#28534) * first draft * unit tests done * typo and truth table * sdk pre-commit * add boolean key * field/RPR play boolean changes * boolean->results_readable and fix RPR * devcheckdetails to RemediationPathRuleEvaluation * Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_6_26.md Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> * [Marketplace Contribution] Okta v2 (#28453) * [Marketplace Contribution] Okta v2 (#27823) * "pack contribution initial commit" * Added RNs * Added advanced_search argument to okta-search command * Fixed RN * Added information to README file * Fixed documentation, and deleted demisto.log * Removed useless expression Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: Anas Yousef <44998563+anas-yousef@users.noreply.github.com> * Update Docker Image To demisto/py3-tools (#28545) * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Update Docker Image To demisto/taxii-server (#28548) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Update Docker Image To demisto/keeper-ksm (#28549) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/pyjwt3 (#28547) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Update Docker Image To demisto/azure-kusto-data (#28550) * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Update Docker Image To demisto/fp-smc (#28551) * Updated Metadata Of Pack ForcepointSecurityManagementCenter * Added release notes to pack ForcepointSecurityManagementCenter * Packs/ForcepointSecurityManagementCenter/Integrations/ForcepointSecurityManagementCenter/ForcepointSecurityManagementCenter.yml Docker image update * Update Docker Image To demisto/python3 (#28544) * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack FeedSOCRadarThreatFeed * Added release notes to pack FeedSOCRadarThreatFeed * Packs/FeedSOCRadarThreatFeed/Integrations/FeedSOCRadarThreatFeed/FeedSOCRadarThreatFeed.yml Docker image update * Updated Metadata Of Pack TeamViewer * Added release notes to pack TeamViewer * Packs/TeamViewer/Integrations/TeamViewerEventCollector/TeamViewerEventCollector.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack Palo_Alto_Networks_Enterprise_DLP * Added release notes to pack Palo_Alto_Networks_Enterprise_DLP * Packs/Palo_Alto_Networks_Enterprise_DLP/Integrations/Palo_Alto_Networks_Enterprise_DLP/Palo_Alto_Networks_Enterprise_DLP.yml Docker image update * Updated Metadata Of Pack Twitter * Added release notes to pack Twitter * Packs/Twitter/Integrations/Twitterv2/Twitterv2.yml Docker image update * Updated Metadata Of Pack CyberTriage * Added release notes to pack CyberTriage * Updated Metadata Of Pack Automox * Added release notes to pack Automox * Packs/Automox/Integrations/Automox/Automox.yml Docker image update * Updated Metadata Of Pack Rapid7_Nexpose * Added release notes to pack Rapid7_Nexpose * Packs/Rapid7_Nexpose/Integrations/Rapid7_Nexpose/Rapid7_Nexpose.yml Docker image update * Updated Metadata Of Pack EclecticIQ * Added release notes to pack EclecticIQ * Packs/EclecticIQ/Integrations/EclecticIQv2/EclecticIQv2.yml Docker image update * Update Docker Image To demisto/sixgill (#28553) * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/devo (#28552) * Updated Metadata Of Pack Devo * Added release notes to pack Devo * Packs/Devo/Integrations/Devo_v2/Devo_v2.yml Docker image update * Update Docker Image To demisto/crypto (#28546) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphIdentityandAccess * Added release notes to pack MicrosoftGraphIdentityandAccess * Packs/MicrosoftGraphIdentityandAccess/Integrations/MicrosoftGraphIdentityandAccess/MicrosoftGraphIdentityandAccess.yml Docker image update * CIAC 7515 - prisma cloud - fix Nonetype in scan images command (#28474) * fixed null values * pre-commit * Containment and eradication plan (#28071) * New containment plan and eradication plan playbooks. * New containment plan and eradication plan playbooks. * RN for new containment plan and eradication plan playbooks. * fix validation error * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix validation error * fix validation error * New outputs were added for the objects that were contained and eradicated. * fix - RN conflict * fix - RN conflict * Bump pack from version CommonPlaybooks to 2.3.81. * removed comparison between inputs and incident context to decide whether to perform a containment action * fix after review. add process termination by PID to Eradication PLAN * RN after fix after review. add process termination by PID to Eradication PLAN * fix after review. * add pair to file hash and file path for quarantine file * RN after added pair to file hash and file path for quarantine file * Bump pack from version CommonPlaybooks to 2.3.83. * changed playbooks description * changed playbooks description removed --- --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Update Docker Image To demisto/python3 (#28541) * Updated Metadata Of Pack PhishTank * Added release notes to pack PhishTank * Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2.yml Docker image update * Updated Metadata Of Pack XForceExchange * Added release notes to pack XForceExchange * Packs/XForceExchange/Integrations/XFE_v2/XFE_v2.yml Docker image update * Updated Metadata Of Pack AlienVault_OTX * Added release notes to pack AlienVault_OTX * Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.yml Docker image update * Updated Metadata Of Pack CrowdStrikeFalconX * Added release notes to pack CrowdStrikeFalconX * Packs/CrowdStrikeFalconX/Integrations/CrowdStrikeFalconX/CrowdStrikeFalconX.yml Docker image update * Updated Metadata Of Pack URLHaus * Added release notes to pack URLHaus * Packs/URLHaus/Integrations/URLHaus/URLHaus.yml Docker image update * Bump certifi from 2023.5.7 to 2023.7.22 (#28503) Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.5.7 to 2023.7.22. - [Commits](https://github.com/certifi/python-certifi/compare/2023.05.07...2023.07.22) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * logger.error instead of info on invalid test (#28444) * [MicrosoftTeams] update docs (#28529) * update docs * mypy err * mypy err * mypy err * pre-commit + updated docker * Date time now to epoch (#28554) * Date time now to epoch (#28310) * Test commit * Revert test commit * Initial commit * Update release notes * Add context key output and update release notes * Update release notes * Add SetContext and change demisto.results to return_results * Update release notes * Update docker image version --------- Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * val errors fixed --------- Co-authored-by: Josh Levine <76795471+TerminalFin@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> * added content gitlab ci to vars for lint uses (#28367) * added content gitlab ci to vars * Add RDP cache use-case files (#26053) * Add content for RDP cache hunting usecase * Add updated playbook * Add updated playbook * Fix context keys name * fix bug with display rdp image * Fix tag for display rdp image * Fix validation errors * Resolved conflicts * Add README for automation script * split automation scripts according to structure * Add pack name as prefix to incident fields * Update to CI by new pre-commit ruff * Fix linting errors * Update Docker image * Move RDP scripts to commonScripts pack * Remove scripts from RDP pack, moved to commonScripts pack * Add BMCTool unitests * Add BMCTool unitests * Fix linter errors * Remove dup StringSifter files * Fix validation errors * Remove script for displaying RDP image, implemented in playbook instead * Fix validation error for missing field * Add unitests * Update script and args names * Fix validation and linting errors * Fix format and validation * Update stringSimilarity task, removed old way to display image * Fix some review comments * Fix some review comments * Modified command output to use CommandResults * Modified command outputs to use CommandResults * Fix review comments and updated ifelse logic * Fix validation and lint errors * Fix liner errors * Fix validation errors * Fix validation errors * Fix duplicate 'description' key * Remove duplicate description field * Update docker image version tag * Update image filename to fix validation error * Fix validation errors * Fix validation errors * Fix validation error * Add unitests * Fix linting error * Fix Linting errors * Fix validation errors * Update release notes * Update release notes * Fix mismatch fromversion value * Fix validation errors * Fix validation error * Fix validation error for missing pack readme * Bump pack from version CommonScripts to 1.11.90. * Fix linting errors * Improve unitests * Improve unitests * Improve unitests * Update Packs/CommonScripts/Scripts/StringSimilarity/StringSimilarity.py Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> * Fix long lines * Bump pack from version CommonScripts to 1.11.91. * Bump pack from version CommonScripts to 1.11.92. * Fix layout validation errors * Added retry for safety * Fix validation error due to wrong fields IDs * Fix broken bmp format * Update playbook docs * Update release notes * Update docker image tag * Ignore long lines as shortening them breaks the code * Fix dynamic-section results * Fix validation * Bump pack from version CommonScripts to 1.11.94. * Bump pack from version CommonScripts to 1.11.95. * Bump pack from version CommonScripts to 1.11.96. * Bump pack from version CommonScripts to 1.11.97. * Fix bug not adding indicators types to list * Bump pack from version CommonScripts to 1.11.98. * Bump pack from version CommonScripts to 1.11.99. * Fix font size * Fix issue with stringSimilarity table, Add stringSifter automation * Fix similarity threshold * Fix IndicatorsTypes dynamic section to use context instead of list * Add missing IndicatorTypes * Update release notes * removed unused playbook * Update release notes * Bump pack from version CommonScripts to 1.12.3. * Remove unused test data * Bump pack from version CommonScripts to 1.12.4. * Bump pack from version CommonScripts to 1.12.5. * Fix review comments, removed unneeded PB image and fix script's readme * Improve name according to review comment * Fix review comments of wrong indicators query for new indicator types * Fix review comments * Changed script to save file as png * Improved output file name * Improved readme based on review comments * Update review comments * Fix review comments * Fix review comments * Fix review comments * Update timeout and retries * Bump pack from version CommonScripts to 1.12.6. * Update Packs/CommonScripts/ReleaseNotes/1_12_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/ReleaseNotes/1_12_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/ReleaseNotes/1_12_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/BMCTool/BMCTool.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/BMCTool/BMCTool.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/RDPCacheHunting/ReleaseNotes/1_0_1.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/RDPCacheHunting/ReleaseNotes/1_0_1.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/RDPCacheHunting/ReleaseNotes/1_0_1.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/RDPCacheHunting/ReleaseNotes/1_0_1.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/RDPCacheHunting/Scripts/SetRDPOverallScore/SetRDPOverallScore.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/BMCTool/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/BMCTool/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/StringSimilarity/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/StringSimilarity/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/StringSimilarity/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/StringSimilarity/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/StringSimilarity/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/StringSimilarity/StringSimilarity.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update README.md * Update Packs/RDPCacheHunting/Playbooks/playbook-RDP_Bitmap_Cache_-_Detect_and_Hunt.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Fix validation errors * Fix Validation errors and docs review comment * Fix validation errors * Fix validation errors, update docker image * Fix validation errors, update docker image * Fix docs review comments * Fix validation errors * Fix validation errors * Fix validation errors * Fix failing unitests * Fix linter errors * Fix linter errors * Fix unitests coverage * Add unitests * Fix linter errors * Fix linter errors * Bump pack from version CommonScripts to 1.12.7. * Improve unitests coverage * Add unitests coverage * Improved unitests coverage * Fix validation errors * Fix unitests errors * Fix errors * Fix unitests errors --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Parsing rules fix filter 8 (#28448) * Updated parsing rules for JuniperSRX * Removed extra // from the comment and added release note * Added filter to SonicWallNSvParsingRules * Added release note to SonicWallNSvParsingRules * Added release note to SonicWallNSvParsingRules * Added filter to Tenable_ioParsingRules * Added release note to Tenable_ioParsingRules * Update Packs/Tenable_io/ReleaseNotes/2_1_10.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/JuniperSRX/ReleaseNotes/1_0_9.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/SonicWallNSv/ReleaseNotes/1_0_1.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Modified Tenable_io ParsingRules. * Added filter to juniper srx * Added filter to juniper srx --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * restore (#28561) * remove non ignorable errors (#28324) * remove non ignorable errors * remove auto-test errors * Update .pack-ignore * Update .pack_ignore * remove commas * Update .pack-ignore * Update .pack-ignore * Update .pack-ignore --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Improved SDK release GitHub action (#28234) * improved sdk release GitHub action * fixed the variables * echo input variable * add apostrophes * echo release changes * echo * pr_body variable * pr_body printf * changed body * Update Docker Image To demisto/googleapi-python3 (#28584) * Updated Metadata Of Pack GoogleSheets * Added release notes to pack GoogleSheets * Packs/GoogleSheets/Integrations/GoogleSheets/GoogleSheets.yml Docker image update * Update Docker Image To demisto/boto3py3 (#28581) * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Update Docker Image To demisto/crypto (#28583) * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack AzureFirewall * Added release notes to pack AzureFirewall * Packs/AzureFirewall/Integrations/AzureFirewall/AzureFirewall.yml Docker image update * Update Docker Image To demisto/py3-tools (#28582) * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/python3 (#28580) * Updated Metadata Of Pack Lumu * Added release notes to pack Lumu * Packs/Lumu/Integrations/Lumu/Lumu.yml Docker image update * Updated Metadata Of Pack Wiz * Added release notes to pack Wiz * Packs/Wiz/Integrations/Wiz/Wiz.yml Docker image update * Updated Metadata Of Pack FortinetFortiwebVM * Added release notes to pack FortinetFortiwebVM * Packs/FortinetFortiwebVM/Integrations/FortinetFortiwebVM/FortinetFortiwebVM.yml Docker image update * Updated Metadata Of Pack InfobloxBloxOne * Added release notes to pack InfobloxBloxOne * Packs/InfobloxBloxOne/Integrations/InfobloxBloxOneThreatDefenseEventCollector/InfobloxBloxOneThreatDefenseEventCollector.yml Docker image update * Packs/InfobloxBloxOne/Integrations/InfobloxBloxOneThreatDefense/InfobloxBloxOneThreatDefense.yml Docker image update * Updated Metadata Of Pack PicusNGAutomation * Added release notes to pack PicusNGAutomation * Packs/PicusNGAutomation/Integrations/PicusNG/PicusNG.yml Docker image update * Updated Metadata Of Pack SkyhighSecurity * Added release notes to pack SkyhighSecurity * Packs/SkyhighSecurity/Integrations/SkyhighSecurity/SkyhighSecurity.yml Docker image update * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack WALLIXBastion * Added release notes to pack WALLIXBastion * Packs/WALLIXBastion/Integrations/WAB/WAB.yml Docker image update * Updated Metadata Of Pack CounterCraft * Added release notes to pack CounterCraft * Packs/CounterCraft/Integrations/CounterCraft/CounterCraft.yml Docker image update * Update Docker Image To demisto/py42 (#28585) * Updated Metadata Of Pack Code42 * Added release notes to pack Code42 * Packs/Code42/Integrations/Code42/Code42.yml Docker image update * Update Docker Image To demisto/python3 (#28574) * Updated Metadata Of Pack CrowdStrikeIntel * Added release notes to pack CrowdStrikeIntel * Packs/CrowdStrikeIntel/Integrations/CrowdStrikeFalconIntel_v2/CrowdStrikeFalconIntel_v2.yml Docker image update * Updated Metadata Of Pack Shodan * Added release notes to pack Shodan * Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml Docker image update * Updated Metadata Of Pack FeedOffice365 * Added release notes to pack FeedOffice365 * Packs/FeedOffice365/Integrations/FeedOffice365/FeedOffice365.yml Docker image update * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml Docker image update * Packs/ExpanseV2/Integrations/ExpanseV2/ExpanseV2.yml Docker image update --------- Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com> * [ASM] - Expander - Add update alerts command (#28568) (#28587) * Add update alerts command * removing unsupported resolution statuses * status list update * update status validation Co-authored-by: Andrew Scott <77340714+andrew-paloalto@users.noreply.github.com> * GetIndicatorDBotScoreFromContext Automation (#28576) (#28591) * Updated * Updated * Updated YML * Updated README Co-authored-by: M Azmat <69823542+mazmat-panw@users.noreply.github.com> * Using docker image which supports (#28589) REST version of the Exchange Online library * Xsoar mirror no sync xsup 26146 (#28455) * Adding logs * if reset fetch data then call get-remote-data command with from_date = 0 * Update notes and tags after incident delete and reset last fetch. * Removing local test done for temp testing. * RN doc review. * changes * Add argument to reset mirror time as well. * bump docker. RN phrase. * Ignore main for unit test coverage. * Revert accidental changes to mail sender. * CR changes. * Change param name in code as well. * Write to a dict to contextData and not a CSV string list * PR changes. * line too long. * [MicrosoftAPIModule] - support auth-reset command (#26482) * reverted changes from https://github.com/demisto/content/pull/24347 * updated msgs * updated all the integrations that already have the 'auth-reset' command to use the MicrosoftApiModule.py function * update rn * pre commit * Bump pack from version Microsoft365Defender to 4.5.7. * updated docker&ruff * updated docker * Bump pack from version MicrosoftGraphIdentityandAccess to 1.2.22. * Bump pack from version MicrosoftTeams to 1.4.20. * Bump pack from version MicrosoftGraphMail to 1.5.4. * updated rn * added the command_prefix parameter * cr fixes + added integrations * solved conflicts * solved conflicts * solved conflicts API * added integrations * added integrations * fixes * pre-commit ruff * fixes * fixes * Bump pack from version MicrosoftDefenderAdvancedThreatProtection to 1.15.29. * Bump pack from version MicrosoftCloudAppSecurity to 2.1.34. * fixes + ruff * Bump pack from version MicrosoftDefenderAdvancedThreatProtection to 1.15.30. * added test + ruff * update * Bump pack from version MicrosoftDefenderAdvancedThreatProtection to 1.15.31. * update * Bump pack from version MicrosoftDefenderAdvancedThreatProtection to 1.15.32. * fixed mypy error * Bump pack from version MicrosoftTeams to 1.4.23. * added unitest * Bump pack from version MicrosoftTeams to 1.4.24. * update rn * cr fixes * mypy + resolve conflicts * mypy + resolve conflicts * mypy + resolve conflicts * pre-commit * Bump pack from version MicrosoftDefenderAdvancedThreatProtection to 1.15.33. * Bump pack from version MicrosoftExchangeOnline to 1.2.10. * Bump pack from version AzureSentinel to 1.5.13. * Bump pack from version Microsoft365Defender to 4.5.8. * Bump pack from version MicrosoftExchangeOnline to 1.2.11. * mypy errors * mypy errors * mypy errors * fixed * fixed * resolved conflicts + updated dockers * solved conflicts * updated tpb * updated docker + fixed mypy * revert + skip * resolved conflicts * cr fixes * increased memory_threshold * resolved conflicts * resolved conflicts * updated tpb * resolved conflicts * resolved conflicts + updated '_raise_authentication_error' after arad changes * fixed * fixed + added test * updated dockers * fixed * updated conf * Update conf.json * resolved conflicts * updated conf.json * Update conf.json * Update conf.json * Bump pack from version MicrosoftExchangeOnline to 1.2.12. * updated 1_2_12.md * Update conf.json * updated conf.json * Bump pack from version MicrosoftGraphSecurity to 2.1.25. * updated dockers and docs * Bump pack from version MicrosoftExchangeOnline to 1.2.13. * mypy + dockers * updated rn * Update Packs/AzureStorage/ReleaseNotes/1_2_16.md * Update Packs/AzureSentinel/ReleaseNotes/1_5_14.md * Update Packs/AzureSecurityCenter/ReleaseNotes/2_0_6.md * Update Packs/AzureNetworkSecurityGroups/ReleaseNotes/1_2_15.md * Update Packs/AzureKubernetesServices/ReleaseNotes/1_1_16.md * updated rn * updated mypy * mypy+updated conf.json * revert teams * resolved conflicts * Bump pack from version MicrosoftTeams to 1.4.26. * fixed README.md * updated docker * resolved conflicts * Bump pack from version MicrosoftExchangeOnline to 1.2.14. --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Binat Ziser <89336697+bziser@users.noreply.github.com> * Parsing rules fix filter 9 (#28478) * Added filter to MicrosoftCloudAppSecurity * Added release notes to MicrosoftCloudAppSecurity * Added release notes to MicrosoftCloudAppSecurity * Added filter to MicrosoftDHCP parsing rules * Added release note to MicrosoftDHCP * Modified microsoftadfs parsing rule * Added release note for microsoftadfs * Updated MicrosoftDefenderAdvancedThreatProtection parsing rule * Added release note for microsoftdefenderadvancedthreatprotection * Updated parsing rule for MicrosoftCloudAppSecurity * Modified the filter for DHCP parsing rule, and modified the readme. * Modified microsoft cloud app security readme. * Modified microsoft dhcp readme. * Modified microsoft defender advanced threat protection readme. * Modified microsoft defender advanced threat protection parsing rule. * Updated MicrosoftWindowsEvents parsing rules * Added release note for microsoftwindowsevents * Added note to microsoft windows events * Added note to microsoft windows events * Bump pack from version MicrosoftDefenderAdvancedThreatProtection to 1.15.35. * Bump pack from version MicrosoftCloudAppSecurity to 2.1.36. --------- Co-authored-by: Content Bot <bot@demisto.com> * Deprecate safe breach v2 (#28578) * Deprecate safe breach v2 (#28291) * deprecateSafeBreachV2 * deprecateSafeBreachV2 * RN * CR * Update the README files --------- Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> * Update the pack_metadata --------- Co-authored-by: MayYaariSafeBreach <135131028+MayYaariSafeBreach@users.noreply.github.com> * Uninstall one-by-one with waiting for the status from the server not to be in "create / update / delete operation is already in progress (10102)" (#28586) * [SplunkPy] Fix An Issue with parse response (#28451) * fix an issue * rn * revert gitlab changed * RN * revert gitlab changed * sdk words * fix * UD * Update Docker Image To demisto/python3 (#28606) * Updated Metadata Of Pack PrismaSaasSecurity * Added release notes to pack PrismaSaasSecurity * Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.yml Docker image update * Updated Metadata Of Pack AbuseDB * Added release notes to pack AbuseDB * Packs/AbuseDB/Scripts/AbuseIPDBPopulateIndicators/AbuseIPDBPopulateIndicators.yml Docker image update * Updated Metadata Of Pack Slack * Added release notes to pack Slack * Packs/Slack/Scripts/SlackAskV2/SlackAskV2.yml Docker image update * Packs/Slack/Scripts/SlackAsk/SlackAsk.yml Docker image update * Packs/Slack/Scripts/SlackBlockBuilder/SlackBlockBuilder.yml Docker image update * Update Docker Image To demisto/lxml (#28613) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/pymisp2 (#28608) * Updated Metadata Of Pack MISP * Added release notes to pack MISP * Packs/MISP/Integrations/MISPV3/MISPV3.yml Docker image update * Update Docker Image To demisto/python3 (#28612) * Updated Metadata Of Pack CofenseTriage * Added release notes to pack CofenseTriage * Packs/CofenseTriage/Integrations/CofenseTriagev3/CofenseTriagev3.yml Docker image update * Updated Metadata Of Pack SumoLogic_Cloud_SIEM * Added release notes to pack SumoLogic_Cloud_SIEM * Packs/SumoLogic_Cloud_SIEM/Integrations/SumoLogicCloudSIEM/SumoLogicCloudSIEM.yml Docker image update * Updated Metadata Of Pack AzureStorageQueue * Added release notes to pack AzureStorageQueue * Packs/AzureStorageQueue/Integrations/AzureStorageQueue/AzureStorageQueue.yml Docker image update * Updated Metadata Of Pack CrowdStrikeFalconSandbox * Added release notes to pack CrowdStrikeFalconSandbox * Packs/CrowdStrikeFalconSandbox/Integrations/CrowdStrikeFalconSandboxV2/CrowdStrikeFalconSandboxV2.yml Docker image update * Updated Metadata Of Pack DataminrPulse * Added release notes to pack DataminrPulse * Packs/DataminrPulse/Integrations/DataminrPulse/DataminrPulse.yml Docker image update * Updated Metadata Of Pack HostIo * Added release notes to pack HostIo * Packs/HostIo/Integrations/HostIo/HostIo.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack Logzio * Added release notes to pack Logzio * Packs/Logzio/Integrations/Logzio/Logzio.yml Docker image update * Updated Metadata Of Pack Netskope * Added release notes to pack Netskope * Packs/Netskope/Integrations/NetskopeEventCollector/NetskopeEventCollector.yml Docker image update * Updated Metadata Of Pack CTIX * Added release notes to pack CTIX * Packs/CTIX/Integrations/CTIX/CTIX.yml Docker image update * MicrosoftCloudAppSecurity - update rule folder name (#28446) * change rule folder name to MicrosoftCloudAppSecurity * update RN * remove microsoft_defender_modeling_rule * update RN * update pack-ignore * update RN * update RN * remove RN * Recordedfuture reduce callingcontext sent (#28579) * Recordedfuture reduce callingcontext sent (#28492) * Cleaned out data sent to recorded future when Collective Insights setting has value On, updated tool tip and tests to reflect change * bumped app version and added documentationfor Recorded Future v2 app * Updated Docker image * added periods to end of sentences in release notes * pre-commit --------- Co-authored-by: recordedfuture-simonhornestedt <109588368+recordedfuture-simonhornestedt@users.noreply.github.com> * demisto-sdk-release 1.18.0 (#28600) * poetry files * pre-commit --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: MosheEichler <meichler@paloaltonetworks.com> * [ParseEmailFilesV2] S/MIME files without to/from/subject fields (#28442) * updated * Update 1_12_6.md * pre-commit+ruff * Bump pack from version CommonScripts to 1.12.7. * sourcery * Update Packs/CommonScripts/ReleaseNotes/1_12_7.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker * Bump pack from version CommonScripts to 1.12.8. * updated docker * ignore native images * Update Tests/docker_native_image_config.json Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * updated ignored_native_images * Update docker_native_image_config.json --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * uninstalling packs adding retry to every endpoint call to the server (#28605) Improvements to uninstall packs. protecting all server endpoints with retry. * cisco asa - add new event ids (#28184) * add event ids * add event ids * add event ids * add event ids * add event ids * add event ids * add event ids * add event ids * add event ids + parsing rules * add event ids + parsing rules * add event ids * add event ids * add event ids * add event ids * add event ids * add event ids * Update 1_1_1.md * Update Packs/CiscoASA/ReleaseNotes/1_1_1.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CiscoASA/ReleaseNotes/1_1_1.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * add event ids * add event ids * add event ids * add event ids * add event ids * update * update * add event ids * add event ids * add event ids * add event ids * add event ids * add event ids --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update readme file (#28626) * delete pips (#28615) * Recordedfuture fix insecure (#28624) (#28631) * Added changes from previous PR * Added BC note for 1.6.6 * Update docker image version * update release notes * Fixed typ0 in breaking change note Co-authored-by: recordedfuture-simonhornestedt <109588368+recordedfuture-simonhornestedt@users.noreply.github.com> * GitHub trigger workflow with inputs argument allowed control characters (#28527) * GitHub trigger workflow with inputs argument allowed control characters * RN * RN * pack version * add UT * add UT * Fix dynamic script cortex xdr identity information widget (#28558) * Added validation to identify if the AWS.IAM.Users is a dict ot list * Updated RN * update docker tag * added another test * Update 5_0_5.md * Updated RN * Update 5_0_5.md TW edit for release notes * Update Packs/CortexXDR/ReleaseNotes/5_0_5.md --------- Co-authored-by: julieschwartz18 <91824591+julieschwartz18@users.noreply.github.com> * generatePassword handle len0 password (#28599) * remove zero arguments option * update RN * added ***Breaking Changes:*** * cr changes * Cr fixes * Bump pack from version CommonScripts to 1.12.9. * added bc note and update docker * Update Packs/CommonScripts/Scripts/GeneratePassword/GeneratePassword.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/GeneratePassword/GeneratePassword_test.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/GeneratePassword/GeneratePassword_test.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * added bc note * lint fix --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Gsm fixes (#28509) * Merge secrets PR * Test * Test * Test * Test * Test error * Test error * Test error * Test * Test * Test * Test * Test * Test * Test * Test * Test * Merge master * Merge master * Merge master * Merge master * Nightly test * Nightly test * New gitlab version * New gitlab version * test * Added cp to github * Aruba Clearpass Mapping (#28625) * Updated HPEArubaClearPass * Updated .yml and ReleaseNotes * Updated .yml and ReleaseNotes * Updated README * Updated README * Updated HPEArubaClearPass Details * Updated TestData and ParsingRules * Updated README * Updated README * Update Packs/HPEArubaClearPass/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/HPEArubaClearPass/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated HPEArubaClearPass_schema * Updated .yml configs --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/python3 (#28640) * Updated Metadata Of Pack PaloAltoNetworks_IoT * Added release notes to pack PaloAltoNetworks_IoT * Packs/PaloAltoNetworks_IoT/Integrations/PaloAltoNetworks_IoT/PaloAltoNetworks_IoT.yml Docker image update * Updated Metadata Of Pack Base * Added release notes to pack Base * Packs/Base/Scripts/HighlightWords/HighlightWords.yml Docker image update * Packs/Base/Scripts/GetIndicatorsByQuery/GetIndicatorsByQuery.yml Docker image update * Packs/Base/Scripts/CheckDockerImageAvailable/CheckDockerImageAvailable.yml Docker image update * Packs/Base/Scripts/GetIncidentsByQuery/GetIncidentsByQuery.yml Docker image update * Update Docker Image To demisto/py3-tools (#28642) * Updated Metadata Of Pack MailListener * Added release notes to pack MailListener * Packs/MailListener/Integrations/MailListenerV2/MailListenerV2.yml Docker image update * Update Docker Image To demisto/flask-nginx (#28646) * Updated Metadata Of Pack TAXIIServer * Added release notes to pack TAXIIServer * Packs/TAXIIServer/Integrations/TAXII2Server/TAXII2Server.yml Docker image update * Update Docker Image To demisto/pyjwt3 (#28645) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Update Docker Image To demisto/boto3py3 (#28644) * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Update Docker Image To demisto/python3 (#28643) * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack SentinelOne * Added release notes to pack SentinelOne * Packs/SentinelOne/Integrations/SentinelOneEventCollector/SentinelOneEventCollector.yml Docker image update * Updated Metadata Of Pack CybleEvents * Added release notes to pack CybleEvents * Packs/CybleEvents/Integrations/CybleEvents/CybleEvents.yml Docker image update * Updated Metadata Of Pack Censys * Added release notes to pack Censys * Packs/Censys/Integrations/CensysV2/CensysV2.yml Docker image update * Updated Metadata Of Pack LogsignSiem * Added release notes to pack LogsignSiem * Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem.yml Docker image update * Updated Metadata Of Pack FeedCrowdstrikeFalconIntel * Added release notes to pack FeedCrowdstrikeFalconIntel * Packs/FeedCrowdstrikeFalconIntel/Integrations/CrowdStrikeIndicatorFeed/CrowdStrikeIndicatorFeed.yml Docker image update * Updated Metadata Of Pack Vectra_AI * Added release notes to pack Vectra_AI * Packs/Vectra_AI/Integrations/VectraAIEventCollector/VectraAIEventCollector.yml Docker image update * Packs/Vectra_AI/Integrations/VectraDetect/VectraDetect.yml Docker image update * Updated Metadata Of Pack VirusTotal * Added release notes to pack VirusTotal * Packs/VirusTotal/Integrations/FeedLivehunt/FeedLivehunt.yml Docker image update * Packs/VirusTotal/Integrations/FeedRetrohunt/FeedRetrohunt.yml Docker image update * Cybersixgill aa mssp multi tenancy issue (#28535) (#28635) * Passing Organization ID where applicable. * Generated and updated changelogs * Updated docker image tag * Added full stop in changelogs file. * Fixing CI issues * CVSS score is none * MAX_DAYS_BACK 30 * Added known_words section and release notes rewording * Added known_words section and release notes rewording Co-authored-by: syed-loginsoft <97145640+syed-loginsoft@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> * changed machines path (#28439) * changed machines path * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * unit test * changed to flatten * changed to flatten * pre commit * changed to field in the machines path * removed prints * pulled from master * changed servers path * added cloud path to upload * set build type to build in test upload * set build type to build in test upload * test * changed servers path * changed servers path * changed servers path * test * test * removed prints * CR * changed copy * validate and bug fix * added comma as seperator * rmoved loggings * Apply suggestions from code review Co-authored-by: Darya Koval <72339940+daryakoval@users.noreply.github.com> * CR * fix --------- Co-authored-by: Darya Koval <72339940+daryakoval@users.noreply.github.com> * Similarity list bugfix (#28598) * Similarity list bugfix * Remove unused variables * Fix review comments * Update release notes * Bump pack from version CommonScripts to 1.12.9. * Bump pack from version CommonScripts to 1.12.10. --------- Co-authored-by: Content Bot <bot@demisto.com> * demisto-sdk update dep add pre-commit (#28601) * demisto-sdk update dep add pre-commit * poetry install * with dev * move * source * depth 0 * -f * remove -f * remove -f * reduce pre-commit * Parsing rules fix filter 7 (#28425) * modified mysql enterprise parsing rule. * Updated release notes for mysql enterprise. * Updated parsing rule of NGINXWebServerParsingRules. * Added release notes for NGINXWebServerParsingRules. * added filter to prisma saas security * added release note to prisma saas security * added release note to prisma saas security * Added note to readme for mysql * Modified nginxwebserver readme * Modified nginxwebserver readme * Modified PrismaSaasSecurity parsing rule. * Bump pack from version PrismaSaasSecurity to 2.0.25. * Revert PrismaSaasSecurity changes. --------- Co-authored-by: Content Bot <bot@demisto.com> * Parsing Rules Filter Fix Round 2 (#28218) * Parsing Rules Filter Fix Round 2 * Updated Parsing * xsiam-ciac-7462-manage-engine-ad-manager-refactor-parsing-rule-filter * xsiam-ciac-7462-manage-engine-ad-manager-refactor-release-notes * xsiam-ciac-7462-manage-engine-ad-manager-exclude-from-known-words-typos * xsiam-ciac-7462-manage-engine-ad-manager-update-readme * xsiam-ciac-7462-manage-engine-ad-manager-refactor-parsing-rule * Update Packs/Workday/ReleaseNotes/1_3_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/MicrosoftExchangeServer/ReleaseNotes/1_0_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/ManageEngine-ADManager/ReleaseNotes/1_0_1.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/ManageEngine-ADManager/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Modified WorkdayParsingRules.xif * Modified workday release notes * Added filter to mimecast parsing rule. * Added release note to mimecast * Modified the readme file of mimecast pack. * Modified the readme file and the parsing rule of workday pack. * Revert 1_3_6 release note for workday * Updated the readme of mimecast * Added urls in the readme to the secret ignore for ManageEngine * Revert MicrosoftExchangeServer changes. * Updated the release note of ManageEngine ADManager --------- Co-authored-by: cweltPA <129675344+cweltPA@users.noreply.github.com> Co-authored-by: Chanan Welt <cwelt@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * skip scripts running with native-image (#28629) * skip ConverFile script in native-image * skip DockerHardeningCheck * fixed dt condition in snow ticket state polling playbook (#28653) * fixed dt condition in snow ticket state polling playbook * rn * Code review google chronicle (#28522) * fixing error of Shirley CR * regenerate readme * adding RL and updating docker image * update rl * adding to ignore pack * dix validate * [OpsGenie v3] Get Team Routing Rules (#28620) * [OpsGenie v3] Get Team Routing Rules (#28496) * master * reverting crowdstrike.py * get-routing-rules * added release notes * quick fix * Opsgenie * fixing release note issues * bumped version * details * argument * ran demisto-sdk format on the files * added docs for the command * required True * team_id required * flake8 * improved docs for details * removed _dev * flake8g * Update Packs/OpsGenie/Integrations/OpsGenieV3/OpsGenieV3.yml Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> * Update Packs/OpsGenie/Integrations/OpsGenieV3/OpsGenieV3.py Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> * get routing rules * added outputs * outputs * ran precommit * fixed ISC001 Implicitly concatenated string literals on one line * Update the README file * Update Packs/OpsGenie/Integrations/OpsGenieV3/OpsGenieV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/OpsGenie/Integrations/OpsGenieV3/OpsGenieV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/OpsGenie/Integrations/OpsGenieV3/OpsGenieV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/OpsGenie/Integrations/OpsGenieV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/OpsGenie/Integrations/OpsGenieV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/OpsGenie/Integrations/OpsGenieV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/OpsGenie/ReleaseNotes/2_0_17.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/OpsGenie/ReleaseNotes/2_0_17.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Change output prefix "OpsGenie.Team.RoutingRules" -> "OpsGenie.TeamRoutingRule" * Fix the README file * Add isArray: true --------- Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Fix the test playbook * Skip the TPB --------- Co-authored-by: Enes Özdemir <49711791+ennozdd@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Remove `BA125` validation from `.pack-ignore` * Override corepacks-8.3.0.json File (#28662) * Override corepacks-8.3.0.json File * Unlocked corepacks-8.3.0.json --------- Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> * Re-lock corepacks-8.3.0.json file (#28672) * Update Docker Image To demisto/python3 (#28679) * Updated Metadata Of Pack DemistoRESTAPI * Added release notes to pack DemistoRESTAPI * Packs/DemistoRESTAPI/Scripts/UploadFile/UploadFile.yml Docker image update * Updated Metadata Of Pack PANWComprehensiveInvestigation * Added release notes to pack PANWComprehensiveInvestigation * Packs/PANWComprehensiveInvestigation/Scripts/PanwIndicatorCreateQueries/PanwIndicatorCreateQueries.yml Docker image update * Update Docker Image To demisto/pyjwt3 (#28685) * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/Zoom/Zoom.yml Docker image update * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Update Docker Image To demisto/boto3py3 (#28684) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Update Docker Image To demisto/python3 (#28683) * Updated Metadata Of Pack Darktrace * Added release notes to pack Darktrace * Packs/Darktrace/Integrations/DarktraceAdmin/DarktraceAdmin.yml Docker image update * Packs/Darktrace/Integrations/DarktraceMBs/DarktraceMBs.yml Docker image update * Packs/Darktrace/Integrations/DarktraceAIA/DarktraceAIA.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack RunZero * Added release notes to pack RunZero * Packs/RunZero/Integrations/RunZeroEventCollector/RunZeroEventCollector.yml Docker image update * Updated Metadata Of Pack Gamma * Added release notes to pack Gamma * Packs/Gamma/Integrations/Gamma/Gamma.yml Docker image update * Updated Metadata Of Pack MandiantAdvantageThreatIntelligence * Added release notes to pack MandiantAdvantageThreatIntelligence * Packs/MandiantAdvantageThreatIntelligence/Integrations/MandiantAdvantageThreatIntelligence/MandiantAdvantageThreatIntelligence.yml Docker image update * Updated Metadata Of Pack qualys * Added release notes to pack qualys * Packs/qualys/Integrations/QualysEventCollector/QualysEventCollector.yml Docker image update * Updated Metadata Of Pack HYASInsight * Added release notes to pack HYASInsight * Packs/HYASInsight/Integrations/HYASInsight/HYASInsight.yml Docker image update * Updated Metadata Of Pack TrendMicroVisionOne * Added release notes to pack TrendMicroVisionOne * Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneEventCollector/TrendMicroVisionOneEventCollector.yml Docker image update * Update Docker Image To demisto/pycountry (#28687) * Updated Metadata Of Pack CyCognito * Added release notes to pack CyCognito * Packs/CyCognito/Integrations/CyCognito/CyCognito.yml Docker image update * Update Docker Image To demisto/netmiko (#28688) * Updated Metadata Of Pack RemoteAccess * Added release notes to pack RemoteAccess * Packs/RemoteAccess/Integrations/RemoteAccessv2/RemoteAccessv2.yml Docker image update * Pan os edit rule error without commit issue (#28533) * Made it so it will not need the commit function arg * Release notes * Release notes * Fixed unit test * Update Packs/PAN-OS/ReleaseNotes/1_17_17.md Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * Unit tet fix * Update Packs/PAN-OS/ReleaseNotes/1_17_17.md Co-authored-by: Dean Arbel <darbel@paloaltonetworks.com> * Updated docker image * Too many blank lines fix --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Dean Arbel <darbel@paloaltonetworks.com> * Command line analysis lolbas enahancement (#28594) * New Content * release-notes * release-notes fix * fromversion fix * playbook fix * playbook fix * playbook fix * playbook fix * review fixes * review fixes * review fixes * review fixes * review fixes * review fixes * review fixes * [AWSSecurityHubCollector] Fix `is_array` in Schema File (#28597) * Update `is_array` value to `false` * Bump version * [tanium v4] updated content disposition header (#28659) * fixed * pre-commit * update known_words * Adding new queue for upload machines (#28695) * testing the change * renaming the folder * change work with upload only * Update Docker Image To demisto/python3 (#28699) * Updated Metadata Of Pack FeedProofpoint * Added release notes to pack FeedProofpoint * Packs/FeedProofpoint/Integrations/FeedProofpoint/FeedProofpoint.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEM/FortiSIEM.yml Docker image update * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack Ipstack * Added release notes to pack Ipstack * Packs/Ipstack/Integrations/Ipstack/Ipstack.yml Docker image update * Updated Metadata Of Pack RedCanary * Added release notes to pack RedCanary * Packs/RedCanary/Integrations/RedCanary/RedCanary.yml Docker image update * Updated Metadata Of Pack PiHole * Added release notes to pack PiHole * Packs/PiHole/Integrations/PiHole/PiHole.yml Docker image update * Updated Metadata Of Pack SignalSciences * Added release notes to pack SignalSciences * Packs/SignalSciences/Integrations/SignalSciences/SignalSciences.yml Docker image update * Updated Metadata Of Pack FeedDShield * Added release notes to pack FeedDShield * Packs/FeedDShield/Integrations/FeedDShield/FeedDShield.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccess/SafeNetTrustedAccess.yml Docker image update * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack OpenPhish * Added release notes to pack OpenPhish * Packs/OpenPhish/Integrations/OpenPhish_v2/OpenPhish_v2.yml Docker image update * Updated Metadata Of Pack NistNVD * Added release notes to pack NistNVD * Packs/NistNVD/Integrations/NistNVD/NistNVD.yml Docker image update * Updated Metadata Of Pack Cognni * Added release notes to pack Cognni * Packs/Cognni/Integrations/Cognni/Cognni.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Packs/DeveloperTools/Integrations/CustomIndicatorDemo/CustomIndicatorDemo.yml Docker image update * Packs/DeveloperTools/Integrations/APIMetricsValidation/APIMetricsValidation.yml Docker image update * Updated Metadata Of Pack NozomiNetworks * Added release notes to pack NozomiNetworks * Packs/NozomiNetworks/Integrations/NozomiNetworks/NozomiNetworks.yml Docker image update * Updated Metadata Of Pack ANYRUN * Added release notes to pack ANYRUN * Packs/ANYRUN/Integrations/ANYRUN/ANYRUN.yml Docker image update * Updated Metadata Of Pack Carbon_Black_Enterprise_Response * Added release notes to pack Carbon_Black_Enterprise_Response * Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.yml Docker image update * Updated Metadata Of Pack Absolute * Added release notes to pack Absolute * Packs/Absolute/Integrations/Absolute/Absolute.yml Docker image update * Updated Metadata Of Pack Ironscales * Added release notes to pack …
- Loading branch information