Incident context core pb fix (#27546)

* change setparentincident tasks to skipunavailable:true * RN after changed setparentincident tasks to skipunavailable:true * fix for validation errors * RN after fix for validation errors * fix for validation error
demisto · Jun 19, 2023 · daa0c1e · daa0c1e
1 parent 5ad8d86
commit daa0c1e
Show file tree

Hide file tree

Showing 20 changed files with 73 additions and 18 deletions.
diff --git a/Packs/CommonPlaybooks/Playbooks/playbook-Ticket_Management_-_Generic.yml b/Packs/CommonPlaybooks/Playbooks/playbook-Ticket_Management_-_Generic.yml
@@ -63,6 +63,9 @@ tasks:
       description:
         complex:
           root: inputs.description
+      serviceNowAssignmentGroup:
+        complex:
+          root: inputs.serviceNowAssignmentGroup
       serviceNowCategory:
         complex:
           root: inputs.serviceNowCategory
@@ -272,7 +275,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 0
     isoversize: false
     isautoswitchedtoquietmode: false
@@ -336,7 +339,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 0
     isoversize: false
     isautoswitchedtoquietmode: false
@@ -402,7 +405,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 0
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/CommonPlaybooks/ReleaseNotes/2_3_76.md b/Packs/CommonPlaybooks/ReleaseNotes/2_3_76.md
@@ -0,0 +1,5 @@
+
+#### Playbooks
+
+##### Ticket Management - Generic
+Added skip if unavailable for `setParentIncidentContext` tasks.
diff --git a/Packs/CommonPlaybooks/pack_metadata.json b/Packs/CommonPlaybooks/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Common Playbooks",
     "description": "Frequently used playbooks pack.",
     "support": "xsoar",
-    "currentVersion": "2.3.75",
+    "currentVersion": "2.3.76",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

diff --git a/Packs/Core/Playbooks/playbook-Cloud_IAM_User_Access_Investigation.yml b/Packs/Core/Playbooks/playbook-Cloud_IAM_User_Access_Investigation.yml
@@ -837,7 +837,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-IOC_Alert.yml b/Packs/Core/Playbooks/playbook-IOC_Alert.yml
@@ -1164,7 +1164,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-Impossible_Traveler.yml b/Packs/Core/Playbooks/playbook-Impossible_Traveler.yml
@@ -1119,7 +1119,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-Local_Analysis_alert_Investigation.yml b/Packs/Core/Playbooks/playbook-Local_Analysis_alert_Investigation.yml
@@ -1946,7 +1946,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-NGFW_Internal_Scan.yml b/Packs/Core/Playbooks/playbook-NGFW_Internal_Scan.yml
@@ -673,7 +673,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-NGFW_Scan.yml b/Packs/Core/Playbooks/playbook-NGFW_Scan.yml
@@ -1307,7 +1307,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-Ransomware_Response.yml b/Packs/Core/Playbooks/playbook-Ransomware_Response.yml
@@ -1351,7 +1351,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-T1036_-_Masquerading.yml b/Packs/Core/Playbooks/playbook-T1036_-_Masquerading.yml
@@ -1315,7 +1315,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-T1059_-_Command_and_Scripting_Interpreter.yml b/Packs/Core/Playbooks/playbook-T1059_-_Command_and_Scripting_Interpreter.yml
@@ -1287,7 +1287,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-WildFire_Malware.yml b/Packs/Core/Playbooks/playbook-WildFire_Malware.yml
@@ -1755,7 +1755,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 2
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/Playbooks/playbook-XCloud_Cryptomining.yml b/Packs/Core/Playbooks/playbook-XCloud_Cryptomining.yml
@@ -98,7 +98,7 @@ tasks:
     note: false
     timertriggers: []
     ignoreworker: false
-    skipunavailable: false
+    skipunavailable: true
     quietmode: 0
     isoversize: false
     isautoswitchedtoquietmode: false

diff --git a/Packs/Core/ReleaseNotes/1_4_3.md b/Packs/Core/ReleaseNotes/1_4_3.md
@@ -0,0 +1,36 @@
+
+#### Playbooks
+
+##### T1059 - Command and Scripting Interpreter
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### IOC Alert
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### Local Analysis alert Investigation
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### T1036 - Masquerading
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### Cloud IAM User Access Investigation
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### Impossible Traveler Response
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### XCloud Cryptojacking
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### NGFW Scan
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### NGFW Internal Scan
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### WildFire Malware
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
+##### Ransomware Response
+- Added skip if unavailable for `Set Incident Severity to High` task.
+
diff --git a/Packs/Core/pack_metadata.json b/Packs/Core/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Core - Investigation and Response",
     "description": "Automates incident response",
     "support": "xsoar",
-    "currentVersion": "1.4.2",
+    "currentVersion": "1.4.3",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

diff --git a/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management.yml b/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management.yml
@@ -686,7 +686,7 @@ tasks:
           root: inputs.serviceNowCategory
       comments:
         complex:
-          root: inputs.Comment
+          root: inputs.CommentToAdd
       description:
         complex:
           root: inputs.description
@@ -832,6 +832,11 @@ inputs:
   required: false
   description: 'Whether to open a new ticket or to add a new comment. Possible values: NewTicket/AddComment.'
   playbookInputQuery:
+- key: serviceNowAssignmentGroup
+  value: {}
+  required: false
+  description: The group to which to assign the new ticket.
+  playbookInputQuery:
 outputs:
 - contextPath: ServiceNow.Ticket.ID
   description: ServiceNow Ticket ID.

diff --git a/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management_README.md b/Packs/ServiceNow/Playbooks/playbook-ServiceNow_-_Ticket_Management_README.md
@@ -39,6 +39,7 @@ This playbook does not use any scripts.
 | addCommentPerEndpoint | Whether to add a new comment to the ticket for each endpoint in the incident. Possible values: True/False. | True | Optional |
 | serviceNowShortDescription | A short description of the ticket. |  | Optional |
 | Action | Whether to open a new ticket or to add a new comment. Possible values: NewTicket/AddComment. |  | Optional |
+| serviceNowAssignmentGroup | The group to which to assign the new ticket. |  | Optional |
 
 ## Playbook Outputs
 

diff --git a/Packs/ServiceNow/ReleaseNotes/2_5_29.md b/Packs/ServiceNow/ReleaseNotes/2_5_29.md
@@ -0,0 +1,5 @@
+
+#### Playbooks
+
+##### ServiceNow - Ticket Management
+- Added input `serviceNowAssignmentGroup` - This input determines the group to which to assign the new ticket.
diff --git a/Packs/ServiceNow/pack_metadata.json b/Packs/ServiceNow/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "ServiceNow",
     "description": "Use The ServiceNow IT Service Management (ITSM) solution to modernize the way you manage and deliver services to your users.",
     "support": "xsoar",
-    "currentVersion": "2.5.28",
+    "currentVersion": "2.5.29",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",