Splunk py raise timezone exception (#27316)

* SplunkPy - fix uninformative error message when missing timezone in mirroring

* Added RNs

* Updated readme

* CR updates

* Update Packs/SplunkPy/ReleaseNotes/3_0_20.md

Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>

* Updated Docker Image

---------

Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>

Packs/SplunkPy/Integrations/SplunkPy/README.md

@@ -30,7 +30,7 @@ This integration was integrated and tested with Splunk v7.2.
     | Use Splunk Clock Time For Fetch |  | False |
     | Parse Raw Part of Notable Events |  | False |
     | Replace with Underscore in Incident Fields |  | False |
-    | Timezone of the Splunk server, in minutes. For example, if GMT is gmt +3, set timezone to +180. For UTC, set the timezone to 0. (Set only if the Splunk server is different than the Cortex XSOAR server.) Relevant only for fetching and mirroring notable events. |  | False |
+    | Timezone of the Splunk server, in minutes. For example, if GMT is gmt +3, set timezone to +180. For UTC, set the timezone to 0. This is relevant only for fetching and mirroring notable events. It must be specified when mirroring is enabled. |  | False |
     | First fetch timestamp (<number> <time unit>, e.g., 12 hours, 7 days, 3 months, 1 year) | The amount of time to go back when performing the first fetch, or when creating a mapping using the Select Schema option. | False |
     | Extract Fields - CSV fields that will be parsed out of _raw notable events |  | False |
     | Event Type Field | Used only for mapping with the Select Schema option. The name of the field that contains the type of the event or alert. The default value is "source", which is a good option for notable events. However, you may choose any custom field. | False |

Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.py

@@ -1220,7 +1220,7 @@ def get_last_update_in_splunk_time(last_update):
 
     try:
         splunk_timezone = int(params['timezone'])
-    except (KeyError, ValueError):
+    except (KeyError, ValueError, TypeError):
         raise Exception('Cannot mirror incidents when timezone is not configured. Please enter the '
                         'timezone of the Splunk server being used in the integration configuration.')
 

Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.yml

@@ -65,7 +65,7 @@ configuration:
   type: 8
   section: Collect
   advanced: true
-- display: Timezone of the Splunk server, in minutes. For example, if GMT is gmt +3, set timezone to +180. For UTC, set the timezone to 0. (Set only if the Splunk server is different than the Cortex XSOAR server.) Relevant only for fetching and mirroring notable events.
+- display: Timezone of the Splunk server, in minutes. For example, if GMT is gmt +3, set timezone to +180. For UTC, set the timezone to 0. This is relevant only for fetching and mirroring notable events. It must be specified when mirroring is enabled.
   name: timezone
   required: false
   type: 0
@@ -626,7 +626,7 @@ script:
     - contextPath: Splunk.UserMapping.SplunkUser
       description: Splunk user mapping.
       type: String
-  dockerimage: demisto/splunksdk-py3:1.0.0.61535
+  dockerimage: demisto/splunksdk-py3:1.0.0.62919
   isfetch: true
   ismappable: true
   isremotesyncin: true

Packs/SplunkPy/ReleaseNotes/3_0_20.md

@@ -0,0 +1,7 @@
+
+#### Integrations
+
+##### SplunkPy
+
+- Fixed an issue where it was possible to configure mirroring without specifying a timezone.
+- Updated the Docker image to: *demisto/splunksdk-py3:1.0.0.62919*.

Packs/SplunkPy/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Splunk",
     "description": "Run queries on Splunk servers.",
     "support": "xsoar",
-    "currentVersion": "3.0.19",
+    "currentVersion": "3.0.20",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",