temporary fix of VirusTotal offset 1 error in reputation #22062

thefrieddan1 · 2022-11-06T12:52:37Z

scripts

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

In Progress
Ready
In Hold - (Reason for hold)

Related Issues

fixes: https://jira-hq.paloaltonetworks.local/browse/XSUP-17626

Description

Ignore error msg: "offset: 1".
The error returns from VT integration called from reputation scripts ( File, URL, Domain).
A Temporary fix.

Screenshots

Paste here any images that will help the reviewer

Does it break backward compatibility?

Yes
- Further details:
No

Must have

Tests
Documentation

scripts

in release notes.

ShahafBenYakir

Nice.
Gave you comments on one of the scripts and tests but the comments are relevant to all 3.

Packs/CommonScripts/ReleaseNotes/1_9_8.md

Packs/CommonScripts/Scripts/DomainReputation/DomainReputation.py

Packs/CommonScripts/Scripts/DomainReputation/DomainReputation_test.py

…XSUP-17626

xsoar-bot · 2022-11-09T17:47:22Z

Link to the unit tests coverage report:
https://output.circle-artifacts.com/output/job/4179be49-182c-4c9c-95a9-e53fc0ca3b98/artifacts/0/artifacts/coverage_report/html/index.html

* temporary fix of VirusTotal offset 1 error in reputation scripts * Latest docker image * increment revision version * Add release notes * Add a period in end of release notes sentence. * ignore VirusTotal as unknown word in release notes. * updated the JIRA ticket reference. * use latest docker image * PR changes * remove duplicated import * remove blank line contains whitespace * revert changes to file * update release notes.

* fix * fix * README * docker * rn * version * cr fixes * Update 1_2_20.md changed formatting for argument from ** to * * revert fix * docker * release-notes * PAN-OS - Fix incorrect parsing of Panorama High-Availability state XML (#22124) * PAN-OS - Fix incorrect parsing of Panorama High-Availability state XML (#20857) * Bug reproduced * Fixed by correcting xpath for panorama HA * Add support for panorama HA in get-ha-status output * Add panorama to HA peer serials dict * Fixed get-ha-status bug * Added conditional for extra safety * Fix device-group bug when no hostname in entry * Update release notes and metadata * Update release notes and metadata * Update Packs/PAN-OS/ReleaseNotes/1_15_2.md * Update Packs/PAN-OS/ReleaseNotes/1_15_2.md Co-authored-by: Spaghett <32481037+adambaumeister@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * ReadPDFFileV2Permissions Fixes (Without Copy Protected) (#21856) * Fixed the two bugs, need to handle the new ones that arised * The script deals with the two problems * Enhanced the flow of the script * Fixed errors after enhancement * Add release notes * Fixed the 2 failing unit tests * Fixed wrong expected value in unit test * Added annotations and deleted tempfile * Typo * Fixed wrong args types in test * Trying to fix Pylint error * Added unit tests to test fixes * Deleted functions that are not in use * Fixed expected output * Fixed where unit test would change pdf permissions * Deleted pdf files that were used for testing * Deleted redundant LOG * Update PdfCopyingException Co-authored-by: Jasmine Beilin <71636766+JasBeilin@users.noreply.github.com> * Update PdfCredentialsException Co-authored-by: Jasmine Beilin <71636766+JasBeilin@users.noreply.github.com> * Added CR comments * Fixed CR comments and test playbook * Tried adding file to secrets-ignore * Fixed unit tests imports * Fixed unit tests imports * Fixed unit tests * Fixed unit tests * Fixed unit tests * Using PyPDF2.PdfReader * Deleted copy protected file and corresponding unit test * Deleted copy protected file * Update .secrets-ignore Co-authored-by: Jasmine Beilin <71636766+JasBeilin@users.noreply.github.com> * Misp add email object bug fix (#22088) * fix bug * add UT * update docker image * update RN * update lint * CR fixes * fix test playbook * Initial release of Stairwell integration (#21530) (#22117) * Update readme * Exclude known URLs from .secrets-ignore * Increase testing coverage * Updated README * Updated README & Inception.yml * Fix for LINT error using urllib3 * Improved test_module error handling Co-authored-by: mikewilusz-stairwell <90697468+mikewilusz-stairwell@users.noreply.github.com> * TaegisXDR - Add support for comments (#21379) (#21901) * Adding Comment create, fetch, and update commands * Adding tests for Comment commands * Replacing readable_output with tableToMarkdown * Updating tests * Adding test for test-module command * Updating example context data for reference * Updating output for Comment create and update commands * Updating valid Investigation statuses * Updating test data url * Adding release notes and bumping pack version to 4.1.0 * Correcting docker image location * Updating to latest docker image * Updating error checks * Removing unneeded release note * Correcting error messages in tests * Adding alerts2, missed in previous version * Ensuring the input passed into fetch-alerts is a string with no single quotes * Correcting Flake8 linting * Allowing for alert IDs to be a list or string of alert IDs, correct playbook runs * Updating docker image for CI * Removing unnecessary release note * Updating docker image * Removing unnecessary release note Co-authored-by: Ryan Reed <6673689+reedium@users.noreply.github.com> * temporary fix of VirusTotal offset 1 error in reputation (#22062) * temporary fix of VirusTotal offset 1 error in reputation scripts * Latest docker image * increment revision version * Add release notes * Add a period in end of release notes sentence. * ignore VirusTotal as unknown word in release notes. * updated the JIRA ticket reference. * use latest docker image * PR changes * remove duplicated import * remove blank line contains whitespace * revert changes to file * update release notes. * install demisto-sdk master correctly in staging (#22136) * One Datamodel Ready 4 (#22020) * Creating One Datamodel Ready 4 and adding guard duty to it. * Uploaded OracleDBEventCollector_1_3 * Updated version to 1.0.1 * Added OktaOAG_1_3 * Added Cisco SMA 1.3 * Added Tenable_io 1.3 * Updated the pack_metadata * Uploaded version 1.3 (ODM) * Push Apache tomcat to One data model ready 4 * Updated readme * Added Azure Event Hub 1.3 * Push Microsoft365Defender One data model ready 4 * add modeling rules 1.3 * Updated release notes for Abnormal Security * Updated the release notes and version for 8 packs * Fixed duplicated field for AWS GuardDuty, PR One Data Model Ready 4 * Updated the OracleDB release notes * Updated version in metadata json * Adding fields and fixing url field for ApacheTomcat, PR One Data Model Ready 4 * Delete TenableioEventCollector_1_3.yml * Delete MicrosoftWSUSModelingRules_1_3.xif * Remove wsus from pr 4 * add modeling rules 1.3 * add tenable io yml * Uploaded MS WSUS to PR4 * Add box to PR 4 * Add netskope to PR 4 * Remove from xdr version from microsoft 365 defender * Removed v1.3 data from Cisco SMA and Okta OAG * updated Read.me file to origin * Updated schema and version * Removed 'to' - Not needed * Add schema to box * Add schema to box, v1 * Updated schema 'Type' error * Fix schema tenable * add toversion * update RN * update rn1 * Fix Schema to be compatible with dataset names. Fix spaces in abnormal security pack * Fix Schema to be compatible with dataset name - AWS GuardDuty * Adding two fileds to microsoft365defender pack Co-authored-by: eepstain <eepstain@paloaltonetworks.com> Co-authored-by: nkanon <nkanon@paloaltonetworks.com> Co-authored-by: gtamir <gtamir@paloaltonetworks.com> Co-authored-by: evisochek <evisochek@paloaltonetworks.com> Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com> * Fix for ms graph mail (#22120) * fix bug * add rn * api fix * cr fix * change rn * Update Docker Image To demisto/py3-tools (#22141) * Updated Metadata Of Pack Elasticsearch * Added release notes to pack Elasticsearch * Packs/Elasticsearch/Integrations/Elasticsearch_v2/Elasticsearch_v2.yml Docker image update * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * Updated Metadata Of Pack OpenLDAP * Added release notes to pack OpenLDAP * Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml Docker image update * add-CortexAttackSurfaceManagement-pack (#22133) * add-CortexAttackSurfaceManagement-pack * Update Tests/Marketplace/core_packs_mpv2_list.json * Update Docker Image To demisto/python3 (#22139) * Updated Metadata Of Pack AHA * Added release notes to pack AHA * Packs/AHA/Integrations/AHA/AHA.yml Docker image update * Updated Metadata Of Pack BeyondTrust_Password_Safe * Added release notes to pack BeyondTrust_Password_Safe * Packs/BeyondTrust_Password_Safe/Integrations/BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.yml Docker image update * Updated Metadata Of Pack BitcoinAbuse * Added release notes to pack BitcoinAbuse * Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml Docker image update * Updated Metadata Of Pack BluecatAddressManager * Added release notes to pack BluecatAddressManager * Packs/BluecatAddressManager/Integrations/BluecatAddressManager/BluecatAddressManager.yml Docker image update * Updated Metadata Of Pack CarbonBlackEnterpriseEDR * Added release notes to pack CarbonBlackEnterpriseEDR * Packs/CarbonBlackEnterpriseEDR/Integrations/CarbonBlackEnterpriseEDR/CarbonBlackEnterpriseEDR.yml Docker image update * Updated Metadata Of Pack Censys * Added release notes to pack Censys * Packs/Censys/Integrations/CensysV2/CensysV2.yml Docker image update * Updated Metadata Of Pack Centreon * Added release notes to pack Centreon * Packs/Centreon/Integrations/Centreon/Centreon.yml Docker image update * Updated Metadata Of Pack CheckPhish * Added release notes to pack CheckPhish * Packs/CheckPhish/Integrations/CheckPhish/CheckPhish.yml Docker image update * Updated Metadata Of Pack CircleCI * Added release notes to pack CircleCI * Packs/CircleCI/Integrations/CircleCI/CircleCI.yml Docker image update * Updated Metadata Of Pack Cisco-umbrella-enforcement * Added release notes to pack Cisco-umbrella-enforcement * Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.yml Docker image update * Fixed Mypy Errors Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/boto3py3 (#22140) * Updated Metadata Of Pack AWS-ACM * Added release notes to pack AWS-ACM * Packs/AWS-ACM/Integrations/AWS-ACM/AWS-ACM.yml Docker image update * Updated Metadata Of Pack AWS-CloudWatchLogs * Added release notes to pack AWS-CloudWatchLogs * Packs/AWS-CloudWatchLogs/Integrations/AWS-CloudWatchLogs/AWS-CloudWatchLogs.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Lambda * Added release notes to pack AWS-Lambda * Packs/AWS-Lambda/Integrations/AWS-Lambda/AWS-Lambda.yml Docker image update * Updated Metadata Of Pack AWS-S3 * Added release notes to pack AWS-S3 * Packs/AWS-S3/Integrations/AWS-S3/AWS-S3.yml Docker image update * Updated Metadata Of Pack AWS-SQS * Added release notes to pack AWS-SQS * Packs/AWS-SQS/Integrations/AWS-SQS/AWS-SQS.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.yml Docker image update * Updated Metadata Of Pack AWS_DynamoDB * Added release notes to pack AWS_DynamoDB * Packs/AWS_DynamoDB/Integrations/AWS_DynamoDB/AWS_DynamoDB.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/smbprotocol (#22144) * Updated Metadata Of Pack SMB * Added release notes to pack SMB * Packs/SMB/Integrations/SMB_v2/SMB_v2.yml Docker image update * [AquatoneDiscover] move to commonscripts, to py3 (#21715) * move the script to commonscripts. * update the script&docker to support python3 * GitLab new integration (#21258) * first commit * add readme+playbook, fix file_del and group_proj * fix file_d & group_l add readme & playbook * ignore secrets deesc.md added * after format * format gitlab test and py file * remove unused imports gitlab_test * pack ignore and changes to read me * resize image and some unit test * corrections after PR, only few more commands to fix * project list and issue list after fixing * after fixing according Pr1 * after fixing according Pr1 _ fixed lint * adding get users command * update output for merge request branch delete * update playbook file * update README * update after PR * Removing save cotext data from playbook * adding pagination function, try on group_project, projects, issue_list commands * adding response according pagination and fixing lists commands * adding command example to README and small fixies in GitLab.py * adding test validate pagination argumnets and fixing docker image * adding unit tests * adding unit tests 30% cover * adding unit test. 40% cover * adding unit test. 40% cover * try fixing image * fix after validate * changing the devSecOps/GitLab docker image * add mid unit test * Delete GitLab.yml * Revert "Delete GitLab.yml" This reverts commit 04f39dff09ba41e93d6cea07d277821c674633a5. * undo changes to Packs/DevSecOps/Integrations/GitLab/GitLab.yml * putting the new test as a comments just to make sure the build is ok * adding # pragma: no cover to main * adding # pragma: no cover to if main * cover 51 % * unit test 62% * unit tests 66% * 70% cover unit test+ get_raw_file_command updated * temp change to id in yml file * Revert "temp change to id in yml file" This reverts commit 0f49681ec2ff327610952d381524483f93372275. * id in yml * change in conf jason to Gitlab - check * updating relevat fields to GitLab v2 * update relase notes * delete uneeded files * relelse note update * adding the word use to 2_0_0 so the sentence would make sense * adding partial_response paramter to yml and 2 func * updating read me(adding partial_response arg) * adding fixes for partial_response * adding unit tests 70% from 67% * 4 changes after pr * only two PR notes left * last PR notes+ updating playbook * updating docker image * fix after validate * updating playbook id pack name * code pan run try changing the name+adding test docstring explation * Update GitLab.yml Done. * Update GitLab_description.md Done. * Update 2_0_0.md Done. * trailing white space * doc review changes * update fromversion * pack metadata changed name * changes after eli, regarding the name gitlabv2 * eli another try * GitLab v2 to GitLabv2 * space to do build again * adding marketplaces: - marketplacev2 * try build again * update meket place * scripts for playbook * fixing suggestbranch * delete irrlevent files and checking * forgot to lint * deleting scripts related to ci cd * redone last changes * small changes * update tests * add . * . * fgdfg * conf.json and update test playbook * deleting unused var * update file changes, already changed it before * project_id check and notes from demo fixed * adding description to issue HR * add merged to branch * test update * update tests * adding tests * update merge request merge * change playbook * adding fromvision * adding explanation to api scopes * adding title to partial list branch * datetime param and add DeleteContext * updating playbook prays and hopes for the build * pr updates * fix trailing white space * fixing issues ollalal * pretty file_path for folders * demisto docker * group project read me fixed * fixed doc string Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Deprecate old gitlab (#21695) * deprecat old GitLab pack * update release notes * updating pack version and release note name * change vesrion * change version * changes * try * relase note * Delete 1_d0445cb2-f325-4894-83e1-93ac42293504 delete it * update the file name of the release note * delete 1_2_0 * [VMware] to py3 (#21830) * update to python3 * save tests (#21863) * fix duplicates (#21996) * fix duplicates * fix test * Contrib/CDS Cofense Vision 100 (#22018) (#22029) * Updated deprecation description. * [Marketplace Contribution] SplunkCIMFields (#14484) * "pack contribution initial commit" (#14439) * change the scrpt according to the contributor * change the scrpt according to the contributor Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: cshayner <cshayner@paloaltonetworks.com> * setGridField: Allow column names to have underscores (#14469) Grid column names can have underscores in them. Co-authored-by: Dean Arbel <darbel@paloaltonetworks.com> * Add more dates, tags, and TLP to feed integration (#14483) * Add more dates, tags, and TLP to feed integration (#14380) * Add more dates, tags and TLP to feed integration * Add release notes * fixed rn Co-authored-by: EvgeniyMeteliza <81425065+EvgeniyMeteliza@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * Fixed Custom Indicator context value key (#14422) * Fixed context value key * Fixed customIndicator test * Fixed customIndicator test * Merge branch 'master' into custom-indicator-value # Conflicts: # Packs/Base/ReleaseNotes/1_13_22.md * Update 1_13_23.md Done. Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * added ignore BA113,BA112 (#14465) * GetFailedTasks - improve err msg of failure to retrieve tasks (#14442) * improve err msg of failure to retrieve tasks * rm new line * Update Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/README.md Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Fix generic APIModule feeds (#14490) * setGridField: undo column name truncation (#14492) allow column name truncation Co-authored-by: Dean Arbel <darbel@paloaltonetworks.com> * fixed bug in pop ranks (#14493) * fixed bug in pop ranks * fixed bug in pop ranks * Migrate bucket upload workflow to GitLab (#14130) * Remove upload dev rules and env variable dev value assignment * Show that it works with fixed demisto-sdk * Revert "Show that it works with fixed demisto-sdk" This reverts commit 0a813cdbe92fcd4c2840fb92d091661853e8339c. * Enable bucket-upload trigger script to work against production bucket Co-authored-by: ikeren <itay@demisto.com> * Added Iron Bank approved tag (#14489) * Crowdstrike datetime bug (#14382) * added test * added test that fails * fix for test * added release notes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_0_4.md Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Qss new pr (#14502) * update README.md * update README.md * Rasterize improvements (#14124) (#14482) * Added support for different filename * Update the release notes * fix mypy error * Changed the naming from "filename" to "file_name" * Rename 1_0_10.md to 1_0_11.md * Update pack_metadata.json Co-authored-by: Paul <32433511+blestemee@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Paul D <88715381+nb-pdragoi@users.noreply.github.com> Co-authored-by: Paul <32433511+blestemee@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * [Sixgill-195] dve bug (#14503) * [Sixgill-195] dve bug (#14499) * fixed tests * fixed tests * fixed tags * fixed tags * rn Co-authored-by: tamarsix <72441754+tamarsix@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * metadata constants (#14466) * metadata constants * metadata constants * metadata constants * fix name * typo fix * typo fix * Zip content packs step optimization (#12770) * Testing download packs from gcs * Deleting Skip Zip content packs so it can be tested * Changed file download to gsutil * Fixed bucket path * Fixed gsutil flag * Added dest path prints * Old download * Different url * Changed gcp path * Changed gcp path * Created a bash script for gcp command * Rerun * Added newline * Changed path and error message * Added shell statement to file * Added prints * Changed os.walk * Changed zip path * Changed gcp path * Changed gcp path * added prints * print entries * print entries * print entries * print entries * prints subprocess * prints subprocess * prints subprocess * prints subprocess * prints subprocess * prints subprocess * Changed set and added exception handler * removed unnecessary mkdir * print path of pack * test * test * fixes * fixes * fixes * fixes * testing old step * checks and prints * checks and prints * Added copy to other dir * Added some comments * removed script communication * Added testing, changed parameters to general build * Added docstring to tests * Fixed flake8 issues * Added packs list print - will be removed * Removed print * Added dir entries print * Added check for circle_build * Added src and dest path prints * Added src path prints and check_output * Added src path prints and check_output * Removed trailing / * Fixed zip path * Added storage_base_path, bucket_name args. Removed prints, added logging. Added try except clause. * Added missing arguments * Moved to upload flow only * Removed skip for non master branches - testing * Moved sys.exit(1) to end of script, refactored search in blobs. * Updated comment * Fixed tests * Added looseversion * Added master check back * Removed unnecessary bash script. * Fixed PR comments * Changed copy to artifacts to use the script's arguement * Added gitlab support * Testing gitlab's upload * Added check back * Fixed readme error * Added back the upload check * Fixed some todos * Added todos * Moved download to job * Fixed tests * Todo * removing conditions for testing * Added needed conditions * Removed todo and added env var * Changed packs src * Removed conditions * Updated sbp when bucket is dist-dev * Changed to default storage_base_path * Removed unnecessary conditions * updated path * Sharing variable between steps * Added step to bucket-upload.yml * Fixed flake8 issues * commented out failing tests - for testing gitlab flow * Fixed problem in unittest * Fixed problem in unittest * Changed bucket condition name * Fixed yml file * Removed unnecessary packs dir * Added echo * Added default storage_base_path value * Fixed yml structure * Fixing yml structure * test * Revert "test" This reverts commit a340bfce * Removed run validations * Changed upload-to-marketplace rules * Added gcloud login * Added rule back, removed private zip folder creation * Removed run validations * Added requirement back * Added run validations back * StixParser - skip SSDEEP (#14501) * add ssdeep to stix1 test file * trigger ut * skip ssdeep values * Update Packs/Base/ReleaseNotes/1_13_24.md Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> * Ansible Integration Quality Improvements (#14375) * Ansible Integration Quality Improvements (#12795) * Ansible API Module * Refactored Ansible Integrations using API Module * HCloud Documentation * Default values of [] and {} are invalid in Ansible * Linux README. Work in progress. * spelling * Alibaba Cloud Readme * typo * typo * commands for doco * better acme banner * better description * ACME README WIP * commands from debian server * Windows ReadMe WIP * docker tag bump * docker version bump and displayname spacing * remove commands with error outputs * Release notes / Metadata * validation issue resolution * linting and formating corrections * trimmed package listing * MS Readme WIP * aligning names in note to integrations * MS Readme WIP * get_md5 argument no longer exists on module * More README WIP * remove pester example, looks like it failed tests * mypy and flake8 lint fixes * docker image bump * ignoring pylint errpr for specialised import * typo * pylint and pep8 errors use different ignore syntax * dict2md revisions and unit tests * rec_ansible_key_strip unit test * Correct docker image for Ansible * linting * clean up loose demisto calls and add type hinting * Inventory unit tests * incorrect indentation * remove unused value * tidy up demisto calls * generic_ansible unit test * remove global var host_type * linting * mypy fixes, output_key field, and context camelCase * regenerated integrations * id/name prefixed with ansible * removed whitespace on descriptions * camelcase context * corrected predefined args for bools * outputs_key_field for targetbased integrations * context path updated * better error messages * test-command functionality * fix templating error * correct logic for test-module * version bump and linting * linting * docstring for generic_ansible * Deprecating old pack Adding new packs * Alibaba Cloud Polish * Documenetation for Alibaba Cloud * Documentation for Azure Compute * remove problematic module * Documentation for Hetzner Cloud * Partial documentation for Windows * hcloud test playbook * kubernetes documentation * remove empty command example headings * better explaination around ansible usage * Linux doco * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * remove todo * Ansible branding + description clean up * Ansible DNS Doco * Formating * Linux doco * formating * moved dns back to linux pack * Cisco NXOS * typo * IOS requires a seperate become/enable password * Cisco IOS documentation * Azure Networking Doco * VMware Doco * deprecated notice * deprecated notices * ACME deprecated notice * min version * removed erronious output * merge azure packages * corrected context case * Case corrections in Context * Added privilege escalation options for Linux * Documentation about complex command inputs * Update Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.py Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Update Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME.yml Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * editing azure readme * editing azure readme * editing ciscos readmes * editing ciscos readmes * Update Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/README.md * editing hcloud readme * Update Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/README.md * editing kubernetes readme * editing linux readme * editing windows readme * editing windows readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * changing command examples * fixing secrets * fixing secrets and validations * fixing secrets * fixing secrets * fixing secrets * fixing rm108 * use title case for context * fixing validations * host argument collision fix * whitespace * revised doco for collided arg * title case without underscores * fix title case in documentation * Title case in context path * titlecase context paths * correct display * priv escalation details * Capital letter in description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> Co-authored-by: rsagi <rsagi@paloaltonetworks.com> * reverting wrong changes * fixing same playbook name * skipping all integrations via conf.json * fixing dependencies * updating playbook-Windows_Application_Deployment_v2.yml * updating playbook-Windows_Application_Deployment_v2.yml * fixing names * updating playbook-Wait_Until_Windows_Host_Online_v2.yml * adding creds support * adding creds support * Merge branch 'master' into contrib/SergeBakharev_ansible_documentation&ApiModule # Conflicts: # Tests/conf.json * disabling guardrails false positive * adding creds support for hcould Co-authored-by: SergeBakharev <serge.bakharev@gmail.com> Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> Co-authored-by: rsagi <rsagi@paloaltonetworks.com> * [Marketplace Contribution] SendGrid - Content Pack Update (#14350) (#14507) * "contribution update to pack "SendGrid"" * pack resubmitted * pack resubmitted * pack resubmitted * fix cr * fix cr * Update RN Co-authored-by: bachen <bachen@paloaltonetworks.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: bachen <bachen@paloaltonetworks.com> * Incidents test playbook (#13848) * adding scripts * changes * adding test * adding using instance * fixed test * changed health ckeck script * new playbook * changing the playbook * new playbook * new playbook * changed playbook and added new scripts from indicators pr * fixed typo * added one more fetch incidents integraion * changes from demo * fixes from cr * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * added release notes * adding test to test-conf * added readme * Update VerifyEnoughIncidents.yml * Update 1_2_2.md * Update VerifyEnoughIncidents.yml * changed test conf * changed VerifyContextFieldsList to VerifyObjectFieldsList * save little changes * Update README.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: Richard Bluestone <53567272+richardbluestone@users.noreply.github.com> * Deprecated microsoft policy and compliance playbooks (#14378) * Deprecated Azure and office365 playbooks, moving them to other pack. * Updated release notes * Updated release notes * Wildfire polling enhancement (#13857) * polling command * report context * report context * report context * report context * report context * report context * UT * UT * Common Objects * Common Objects * deprecated: true * upload assertment * upload assertment * TPB * rn * UT * lint * validtae * validtae * Delete lolo.xml * Update Palo_Alto_Networks_WildFire_v2.yml Done. * Update 1_4_0.md Done. * RN * yml fix * Update Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.py Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * RN * server logs * server logs * server logs * server logs * TPB * TPB * TPB * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * fix sha256 * fix sha256 * fix sha256 * fix sha256 * fix sha256 * Merge branch 'master' into upload_list_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * fstring fix Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> Co-authored-by: yaakovi <syaakovi@paloaltonetworks.com> * [Marketplace Contribution] ConvertTimezoneFromUTC (#14512) * "pack contribution initial commit" (#14384) * fixed validate & lint * Update Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py * Update Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: cshayner <cshayner@paloaltonetworks.com> Co-authored-by: ChanochShayner <57212002+ChanochShayner@users.noreply.github.com> * fix typo (#14516) * QRadar enhance ip commands (#14500) * added support for ip arguments * added args to readme * Added rn * small fixes to filter query * reverted commenting * Update Packs/QRadar/ReleaseNotes/2_0_22.md Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Update Docker Image To demisto/python3 (#14481) * Updated Metadata Of Pack KasperskySecurityCenter * Added release notes to pack KasperskySecurityCenter * Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.yml Docker image update * Updated Metadata Of Pack Shodan * Added release notes to pack Shodan * Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml Docker image update * Adding TPB of Kaspersky Security Center * Updated Metadata Of Pack KasperskySecurityCenter * Fixed build * Added dbotscore to ip command + added readme file that was missing * added dbotscore outputs to readme * deleted use-case empty section * removed unnecessary ignore * Fixed cr comments * added response_type to login Co-authored-by: sberman <sberman@paloaltonetworks.com> * Upload list content item (#14464) * removed the gke tag from run-validations job * adding list item * adding list item * widget fix * testing * testing * testing * testing * typo fix * revert testing changes * revert testing changes * revert testing changes * Update Docker Image To demisto/python3 (#14522) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml Docker image update * Content mgmt bug fixes (#14459) * bug fixes * bug fixes * rn * metadata * Update pack_metadata.json * Update Packs/ContentManagement/ReleaseNotes/1_0_3.md Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Typo fix constnats upload (#14525) * fix typo * fix typo * fix typo * Update Docker Image To demisto/chromium (#14523) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update * Fixed conflicts Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Shelly Berman <45915502+Shellyber@users.noreply.github.com> * ParseEmailFiles - added code for multiple mime encoding (#14076) * added code for multiple encoding * added code for multiple encoding - rn tests * added code for multiple encoding - rn tests * added code for multiple encoding - rn tests * docker * rn * add replace logic * add replace logic * meta data * fix test * lint * fix * rn * added default and force arguments, added a verification null bytes not on encoded string * rn * change debug * add debug * update * update * Update Docker Image To demisto/python3 (#14532) * Updated Metadata Of Pack Armis * Added release notes to pack Armis * Packs/Armis/Integrations/Armis/Armis.yml Docker image update * Updated Metadata Of Pack AttackIQFireDrill * Added release notes to pack AttackIQFireDrill * Packs/AttackIQFireDrill/Integrations/AttackIQFireDrill/AttackIQFireDrill.yml Docker image update * Updated Metadata Of Pack BPA * Added release notes to pack BPA * Packs/BPA/Integrations/BPA/BPA.yml Docker image update * Updated Metadata Of Pack Barracuda * Added release notes to pack Barracuda * Packs/Barracuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml Docker image update * Updated Metadata Of Pack BastilleNetworks * Added release notes to pack BastilleNetworks * Packs/BastilleNetworks/Integrations/BastilleNetworks/BastilleNetworks.yml Docker image update * Updated Metadata Of Pack BitDam * Added release notes to pack BitDam * Packs/BitDam/Integrations/BitDam/BitDam.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack BluelivThreatCompass * Added release notes to pack BluelivThreatCompass * Packs/BluelivThreatCompass/Integrations/BluelivThreatCompass/BluelivThreatCompass.yml Docker image update * Updated Metadata Of Pack BluelivThreatContext * Added release notes to pack BluelivThreatContext * Packs/BluelivThreatContext/Integrations/BluelivThreatContext/BluelivThreatContext.yml Docker image update * Updated Metadata Of Pack Bonusly * Added release notes to pack Bonusly * Packs/Bonusly/Integrations/Bonusly/Bonusly.yml Docker image update * Updated the Microsoft Graph API README (#14368) * Updated the Microsoft Graph API README Added the authorization process commands - msgraph-api-auth-start, msgraph-api-auth-complete, msgraph-api-test * Update Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/README.md Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> Co-authored-by: ikeren <itay@demisto.com> * Whois integration connectivity issue (#14519) * test to recreate the bug * bug fixed * validate fix * RN * Update Packs/Whois/ReleaseNotes/1_2_4.md Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * fixed proxy params in test. Added more info to the proxy section in additional info * Update Packs/Whois/Integrations/Whois/Whois.yml Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * skip tests * Revert "skip tests (#14455)" This reverts commit 61bfafb9 * Indian domain test * Indian domain fix * rn * Update Packs/Whois/ReleaseNotes/1_2_5.md Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * checking for in tld in playbook-Whois-Test.yml Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * Added several commands to Darktrace integration (#13905) (#14537) * Added several commands to darktrace * Update Darktrace.yml * lint fixes * Update Darktrace.py * lint fixes * Added readme, and changed some details on the outp * Added example commands * Added additional details in readme-file * lint fix * Updated command argument desc. * upgrade the docker image * upgrade docker image * bump version * Added release notes * added outputs * Added tests for alle commends with output * Added a single iteration to skip the first result * removed all instances of add-comment * Added outputs_key_field * Added secrets to ignore * Update Packs/Darktrace/Integrations/Darktrace/README.md Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * Update Packs/Darktrace/Integrations/Darktrace/README.md Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * fix test * lint fix * Updated docs * lint fix * lint fix Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Solli <59604718+simmyno@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * Update README.md (#14540) * Update README.md (#14538) * update README.md Co-authored-by: Dorin-PM <89532307+Dorin-PM@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * Add Edit and Pin commands to SlackV3 (#14372) * Add Edit and Pin commands to SlackV3 * Alexa v2 (#14072) Added alexa v2 intgeration * Unit42 sub-techniques (#14524) * add parent to the sub thecnique name * remove unrelated files * RN * version * version * Add UTs * Fix UT * Phishing - fixing dt + updating EWS/Gmail mappers (#14498) * Strip labels and fix mail body dt script. * Strip labels and fix mail body dt script. * Adding fields to EWS mapper * Fix dt on main playbook v5 * Changing Playbook inputs on "Process Email - Generic" from labels to fields * Adding fields to Gmail mapper * fixing EWS mapper name * Phishing release notes * Gmail release notes * EWS release notes * fixing EWS mapper id * fix playbook id * fix dt * revert field to label in V6 playbook * revert playbook inputs fields to labels in process email generic playbook * release notes * minor fix * Update 2_4_1.md Co-authored-by: Richard Bluestone <53567272+richardbluestone@users.noreply.github.com> * Added new transformer script - StringToArray (#14536) * Added new transformer script * Added rn + bumped version and fixed linting * Fixed import * Fixed cr's and added tpb * Added test to yml * changed uuid to transformer name in tpb * upload_code_coverage_report.py, initial add (#14302) * upload_code_coverage_report.py, initial add * Formatted file * upload code coverage report in nightly * Update .gitlab/ci/global.yml Co-authored-by: eli sharf <57587340+esharf@users.noreply.github.com> * fix syntax * fix script * fixup! fix script * upload_code_coverage_report.py, initial add * Formatted file * upload code coverage report in nightly * Update .gitlab/ci/global.yml Co-authored-by: eli sharf <57587340+esharf@users.noreply.github.com> * fix syntax * fix script * fixup! fix script * fixup! fixup! fix script * fix * final fix * improve * fixup! improve * Undelete line * Rearrange erinstated lines * Unit test * Test files * Format file * Pythonify * Format * Update Utils/upload_code_coverage_report.py Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * Use Tuple instead of Dict * Format file Co-authored-by: eli sharf <57587340+esharf@users.noreply.github.com> Co-authored-by: esharf <esahrf@paloaltonetworks.com> Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * [Marketplace Contribution] Palo Alto Networks Cortex XDR - Investigation and Response - Content Pack Update (#14550) * "contribution update to pack "Palo Alto Networks Cortex XDR - Investigation and Response"" (#14505) * fixed * fixed Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * AlienVault USM - handle alarms with timestamp_occured (#14542) * add test for alarm with timestamp_occured * use timestamp_occured as incident occurred time * Update Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Microsoft Graph Mail incoming mapper (#14468) * new mapper + release notes * Adding more fields * removed the use-cases from all ansible packs (#14555) * change channels:write to channels:manage scope SlackV3 (#14556) * Cisco Umbrella Investigate - handle empty emails list returned in the domain command (#14541) * add google.com to domain cmd test * add support for multiple domains * pass emails list instead of dict to tbtomd * adjust test playbook * build output per domain * ignore type hint * set isArray to true and add note about multiple domains to rn * CommonServerPython - check if session exist before trying to close it (#14526) * Cortex XDR - handle already blacklisted files (#14552) * test blacklist-files * handle err returned in case file already blacklistedd * verify res is dict * revert 3_0_25.md * revert 3_0_25.md * CrowdStrike API Integration (#12335) * crowdstrike api integration initial commit * call handle_proxy * Update CrowdStrikeAPI.yml Done. * Update CrowdStrikeAPI.yml Done. * Update CrowdStrikeAPI_description.md Done. * Update README.md Done. * Update README.md Done. * bump docker image tag * gco * add test data * fix test data filename * bump docker image tag * autopep8 * ignore E501 * rm config json * add readme * improve docs Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Zscaler - handle returned URLs protocols (#14529) * replace res urls from given ones * add rn * improve condition for matching url * Symantec DLP - fix handling of fetch limit (#14561) * test fetch incidents with limit less than num of dlp incidents returned * fix fetch limit handling * fix W293 * fix W293 * PP rule support (#14470) * pp rule support * testing * fix name * testing * typo fix * revert testing changes * revert testing changes * revert testing changes * fix typo * scheme verification * Merge branch 'master' into upload_preprocessing_rule_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * Merge branch 'master' into upload_preprocessing_rule_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * added login to gcp, fixed a default argument (#14331) * replaced the contrib checkout to use github api (#13676) * replaced the contrib checkout to use GitHub REST API * update UT Co-authored-by: esharf <esahrf@paloaltonetworks.com> * Thycotic dsv (#14475) * Thycotic dsv (#11589) * Init revision * Init revision * Add integration Thycotic Secret Server * Delete comment block * Add TestPlaybook * Modify Tests/conf.json Delete error files * Delete file * Add Test Playbook * Update Packs/Thycotic/TestPlaybooks/Thycotic-Test.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Tests/conf.json Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/pack_metadata.json Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/pack_metadata.json Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Change support contacts * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Change description for output parameters * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Fix * Change exception message for command test_command * Change description, add version Secret Server * Add param proxy * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Generate documentation for integration * Change version for Secret Server in documentation * Add param verify to class Client * Add files via upload * Add files via upload * Add files via upload * Updated Thycotic Integration * Delete conf.json * Regenerate Thycotc-Test * Update Thycotic_test.py * Update Thycotic.yml * Update pack_metadata.json Change tags * Update README.md * Update conf.json * Update pack_metadata.json * Update Thycotic.yml Change description * Update Thycotic.py Change test_module * Update Thycotic.py Fix syntax error * Update Thycotic_test.py Fix UT * Modify test command fetch-credential * running format * Add files via upload Change description * Update Thycotic_description.md * Update Thycotic_description.md * Add files via upload Updated description for output paramets * Init release for Thycotic DevOps Storage Vault * Change description * Fixed errors in descriptions. * Fixed * Add files via upload * Fixed * Add files via upload * Add files via upload * Fix description * Add files via upload * Add files via upload * Fixed * Add files via upload * Add files via upload * Add files via upload * Delete ThycoticDSV.yml * Add files via upload * Delete ThycoticDSV.py * Delete ThycoticDSV.yml * Delete Packs/Thycotic directory * Update pack_metadata.json * Update descriptions * Update descriptions * Fix * Markdown output Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Guy Keller <33782301+guykeller@users.noreply.github.com> Co-authored-by: guykeller <g12k34ppp> * fixing docs * added author image Co-authored-by: Andrey Nikolaev <69254946+AndyNikolaev@users.noreply.github.com> Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Guy Keller <33782301+guykeller@users.noreply.github.com> Co-authored-by: guykeller <g12k34ppp> * Splunk Fixes (#14568) * fixed an issue in the outgoing mapper, fixed an issue in update-remote-system command * improved documentation * version bump * cr fixes * Fix Get endpoint details - Generic playbook (#14569) * fix_playbook * fix task * Fix RN * upload new image * update image link * Update 2_0_3.md Done. Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * LogsignSiem Pack PR (#14565) * LogsignSiem Pack PR (#13875) * created logsignsiem pack * added logsignsiem classifiers mapper files and deleted dockerfile * fixed [PA126] validation warning * fixed some description in yaml file * deleted override http_request method and updated unittests * fixed last_fetch parameter and updated tests * removed unused variable * fixed logsignsiem api description * fixed logsignsiem api description * added query parameter and help section and fixed get-columns-query on api * fixed unittest func name * fixed Flake8 error * Update Packs/LogsignSiem/README.md * deleted logsign-get-incident method, added default param to query * rm integration setup from detailed desc * set default classifier and mapper Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * add author_image Co-authored-by: Kerem <keremvatandas@gmail.com> Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> Co-authored-by: ikeren <itay@demisto.com> * Update Docker Image To demisto/python3 (#14558) * Updated Metadata Of Pack C2sec * Added release notes to pack C2sec * Packs/C2sec/Integrations/C2sec/C2sec.yml Docker image update * Updated Metadata Of Pack CTIX * Added release notes to pack CTIX * Packs/CTIX/Integrations/CTIX/CTIX.yml Docker image update * Updated Metadata Of Pack CVESearch * Added release notes to pack CVESearch * Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml Docker image update * Updated Metadata Of Pack CarbonBlackProtect * Added release notes to pack CarbonBlackProtect * Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml Docker image update * Updated Metadata Of Pack CentrifyVault * Added release notes to pack CentrifyVault * Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml Docker image update * Updated Metadata Of Pack Cherwell * Added release notes to pack Cherwell * Packs/Cherwell/Integrations/Cherwell/Cherwell.yml Docker image update * Updated Metadata Of Pack CiscoESAIronPortEmailAPI * Added release notes to pack CiscoESAIronPortEmailAPI * Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml Docker image update * Updated Metadata Of Pack CiscoEmailSecurity * Added release notes to pack CiscoEmailSecurity * Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml Docker image update * Updated Metadata Of Pack Claroty * Added release notes to pack Claroty * Packs/Claroty/Integrations/Claroty/Claroty.yml Docker image update * Updated Metadata Of Pack CloudConvert * Added release notes to pack CloudConvert * Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml Docker image update * Added dbotscore outputs to yml and readme Co-authored-by: sberman <sberman@paloaltonetworks.com> * IAM Group Sync - Slack & Okta (#13550) * changes * fixes and changes * fixes and changes * RN * remove test functions * lint * fix * fix * command result * fix * fix * changes * Merge branch 'master' into slack-iam # Conflicts: # Packs/Okta/ReleaseNotes/2_2_2.md # Packs/Slack/ReleaseNotes/2_1_2.md * in progress * some minor changes * RN conflicts fix * RN conflicts fix Co-authored-by: Dan Tavori <dtavori@paloaltonetworks.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * fixing dups and typos (#14578) * fix upload-flow bug in collect_content_items (#14579) * qradar: fix aql link (#13902) Co-authored-by: glicht <glicht@users.noreply.github.com> * ran update conf script to generate full conf. Deleted from build call to script (#14583) * Prisma Cloud playbooks bug fix (#14511) * Prisma Cloud playbooks bug fix * updated release notes * Edited playbooks structure and added new photos * Updated image names * Added new links to images * Nightly test failure skippings (#14557) * Skipped the following tests: "iDefense_v2_Test", "EWS Mail Sender Test", "McAfee ESM v2 - Test v10.3.0", "AzureADTest", "AWS - IAM Test Playbook", "Feed iDefense Test", "FireEyeNX-Test", "McAfee ESM v2 - Test v10.2.0", "McAfee ESM Watchlists - Test v10.3.0", "McAfee ESM Watchlists - Test v10.2.0", "Microsoft Teams Management - Test" * reverted integration changes * reverted * Skipped the following tests: "Zscaler Test", "palo_alto_panorama_test_pb" * Update from master * Skipped the following tests: "LogRhythm REST test", "Cisco Umbrella Test" * Skipped the following tests: "Cisco Umbrella Test", "LogRhythm REST test" * Skipped the following tests: "Detonate URL - WildFire v2.1 - Test", "LogRhythm REST test" * Skipped the following tests: "Detonate URL - WildFire v2.1 - Test", "LogRhythm REST test" * merge from master * merge from master Co-authored-by: ShahafBenYakir <shahaf.benyakir@demisto.com> * ParseEmailFiles - roll back to multiple encoding part (#14585) * roll back * rn * du * test * Update Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> * Update Threat Intel objects and their score (#14587) * Test DONT Merge * Test DONT Merge * test * Add to Threat Intel * Update Threat Intel Objs and Score * remove unrelated files * docker update * CrowdStrike falcon enhancement (#14476) Added new commands for CrowdStrike falcon integration: - ***cs-falcon-create-host-group*** - ***cs-falcon-update-host-group*** - ***cs-falcon-list-host-group-members*** - ***cs-falcon-add-host-group-members*** - ***cs-falcon-remove-host-group-members*** - ***cs-falcon-list-host-groups*** - ***cs-falcon-delete-host-groups*** * Active Directory Query v2 - fixed an issue where group name includes parentheses (#14451) * unskip LogRhythm REST test (#14596) * ArcSight ESM - add the eventFieldsToStringify arg to get-case cmd (#14553) * add the eventFieldsToStringify arg to get-case cmd * fix W293 * rm fieldstostringify and cast to str every large int * fix notes and docs * bump docker image * fix docker image * [Bug] Maltiverse returns error when file command has no proccess_list (#14517) * adding test that fails * replace [] with get * added rn * Update Packs/Maltiverse/ReleaseNotes/1_0_7.md Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * fixed typo in rn * added given when then to test Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Add markdown images support in sanePdfReport (#14508) * Add markdown images support in sanePdfReport * Verify server object before closing the server * Start markdown server only if demisto version is ge 6.5 * Add markdown server unit test * update sane-pdf-reports image version in RN * Update 1_13_28.md Co-authored-by: yaron-libman <43783884+yaron-libman@users.noreply.github.com> * Update Docker Image To demisto/carbon-black-cloud (#14605) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/boto3py3 (#14609) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Update Docker Image To demisto/cyjax (#14607) * Updated Metadata Of Pack FeedCyjax * Added release notes to pack FeedCyjax * Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml Docker image update * Fixed fetch to include max fetch + time range as part of api query (#14599) * GitHub Releases List Command (#14480) * added command, yml, unit test * added test file data * added task of new command to TPB * added rn * add README command entry * removed dor username from test data * validation fix * dan cr notes * lint fixes * Added extra check since some eml files where still passing (#14600) * Added extra check since some eml files where still passing (#14545) * Added extra check since some eml files where still passing * - Update metadata - Add releasenotes Co-authored-by: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> * update RN * update RN Co-authored-by: Steven Goossens <steven@teamg.be> Co-authored-by: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * Update Docker Image To demisto/google-api-py3 (#14608) * Updated Metadata Of Pack GoogleCloudSCC * Added release notes to pack GoogleCloudSCC * Packs/GoogleCloudSCC/Integrations/GoogleCloudSCC/GoogleCloudSCC.yml Docker image update * Update Docker Image To demisto/crypto (#14604) * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Added test to script yml Co-authored-by: sberman <sberman@paloaltonetworks.com> * Microsoft Teams bug fixes and improvements (#14548) * Microsoft Teams bug fixes and improvements (#14543) * Add support for full width * Add support for Informational threshold * Fix bug with auto_notifications * Update release notes * Change default for 'auto_notifications' to false * changed parameter to be disable instead of enable * Update readme * possible test fixes * lint fixes for severity to float Co-authored-by: tneeman <tneeman@paloaltonetworks.com> * cr fixes * added microsoft teams TPB to conf json, although skipepd (for validation) Co-authored-by: Paul D <88715381+nb-pdragoi@users.noreply.github.com> Co-authored-by: tneeman <tneeman@paloaltonetworks.com> * Update Docker Image To demisto/python3 (#14602) * Updated Metadata Of Pack C2sec * Added release notes to pack C2sec * Packs/C2sec/Integrations/C2sec/C2sec.yml Docker image update * Updated Metadata Of Pack CTIX * Added release notes to pack CTIX * Packs/CTIX/Integrations/CTIX/CTIX.yml Docker image update * Updated Metadata Of Pack CVESearch * Added release notes to pack CVESearch * Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml Docker image update * Updated Metadata Of Pack CarbonBlackProtect * Added release notes to pack CarbonBlackProtect * Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml Docker image update * Updated Metadata Of Pack CentrifyVault * Added release notes to pack CentrifyVault * Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml Docker image update * Updated Metadata Of Pack Cherwell * Added release notes to pack Cherwell * Packs/Cherwell/Integrations/Cherwell/Cherwell.yml Docker image update * Updated…

* url regex * rn * fixed rn * Update 1_31_40.md Done. * docker * fix * fix * fix ut * rn * rn * domain * hot fix demisto sdk (#22577) * added the env * added hotfix * added demisto-sdk hot fix * fixup! added demisto-sdk hot fix * fixed lock file * move var outside code * XSIAM Impossible Traveler Enhancement (#22563) * test * test * Enhancements * New list and docs * update RN * fixes Co-authored-by: evisochek <evisochek@paloaltonetworks.com> * add alert_action_status arg to xdr-get-alerts command (#22526) * add alert_action_status arg to xdr-get-alerts command * update readme * fix code review notes * fix release notes * update readme * add secrets * Modeling Rule Testing Test Data File Examples (#22567) * feat(jamf): add modeling rule testdata example * feat(ApacheTomcat): add syslog testdata example Co-authored-by: avidan-H <> * Googledrive fixes (#22021) * fix * fix * README * docker * rn * version * cr fixes * Update 1_2_20.md changed formatting for argument from ** to * * revert fix * docker * release-notes * PAN-OS - Fix incorrect parsing of Panorama High-Availability state XML (#22124) * PAN-OS - Fix incorrect parsing of Panorama High-Availability state XML (#20857) * Bug reproduced * Fixed by correcting xpath for panorama HA * Add support for panorama HA in get-ha-status output * Add panorama to HA peer serials dict * Fixed get-ha-status bug * Added conditional for extra safety * Fix device-group bug when no hostname in entry * Update release notes and metadata * Update release notes and metadata * Update Packs/PAN-OS/ReleaseNotes/1_15_2.md * Update Packs/PAN-OS/ReleaseNotes/1_15_2.md Co-authored-by: Spaghett <32481037+adambaumeister@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * ReadPDFFileV2Permissions Fixes (Without Copy Protected) (#21856) * Fixed the two bugs, need to handle the new ones that arised * The script deals with the two problems * Enhanced the flow of the script * Fixed errors after enhancement * Add release notes * Fixed the 2 failing unit tests * Fixed wrong expected value in unit test * Added annotations and deleted tempfile * Typo * Fixed wrong args types in test * Trying to fix Pylint error * Added unit tests to test fixes * Deleted functions that are not in use * Fixed expected output * Fixed where unit test would change pdf permissions * Deleted pdf files that were used for testing * Deleted redundant LOG * Update PdfCopyingException Co-authored-by: Jasmine Beilin <71636766+JasBeilin@users.noreply.github.com> * Update PdfCredentialsException Co-authored-by: Jasmine Beilin <71636766+JasBeilin@users.noreply.github.com> * Added CR comments * Fixed CR comments and test playbook * Tried adding file to secrets-ignore * Fixed unit tests imports * Fixed unit tests imports * Fixed unit tests * Fixed unit tests * Fixed unit tests * Using PyPDF2.PdfReader * Deleted copy protected file and corresponding unit test * Deleted copy protected file * Update .secrets-ignore Co-authored-by: Jasmine Beilin <71636766+JasBeilin@users.noreply.github.com> * Misp add email object bug fix (#22088) * fix bug * add UT * update docker image * update RN * update lint * CR fixes * fix test playbook * Initial release of Stairwell integration (#21530) (#22117) * Update readme * Exclude known URLs from .secrets-ignore * Increase testing coverage * Updated README * Updated README & Inception.yml * Fix for LINT error using urllib3 * Improved test_module error handling Co-authored-by: mikewilusz-stairwell <90697468+mikewilusz-stairwell@users.noreply.github.com> * TaegisXDR - Add support for comments (#21379) (#21901) * Adding Comment create, fetch, and update commands * Adding tests for Comment commands * Replacing readable_output with tableToMarkdown * Updating tests * Adding test for test-module command * Updating example context data for reference * Updating output for Comment create and update commands * Updating valid Investigation statuses * Updating test data url * Adding release notes and bumping pack version to 4.1.0 * Correcting docker image location * Updating to latest docker image * Updating error checks * Removing unneeded release note * Correcting error messages in tests * Adding alerts2, missed in previous version * Ensuring the input passed into fetch-alerts is a string with no single quotes * Correcting Flake8 linting * Allowing for alert IDs to be a list or string of alert IDs, correct playbook runs * Updating docker image for CI * Removing unnecessary release note * Updating docker image * Removing unnecessary release note Co-authored-by: Ryan Reed <6673689+reedium@users.noreply.github.com> * temporary fix of VirusTotal offset 1 error in reputation (#22062) * temporary fix of VirusTotal offset 1 error in reputation scripts * Latest docker image * increment revision version * Add release notes * Add a period in end of release notes sentence. * ignore VirusTotal as unknown word in release notes. * updated the JIRA ticket reference. * use latest docker image * PR changes * remove duplicated import * remove blank line contains whitespace * revert changes to file * update release notes. * install demisto-sdk master correctly in staging (#22136) * One Datamodel Ready 4 (#22020) * Creating One Datamodel Ready 4 and adding guard duty to it. * Uploaded OracleDBEventCollector_1_3 * Updated version to 1.0.1 * Added OktaOAG_1_3 * Added Cisco SMA 1.3 * Added Tenable_io 1.3 * Updated the pack_metadata * Uploaded version 1.3 (ODM) * Push Apache tomcat to One data model ready 4 * Updated readme * Added Azure Event Hub 1.3 * Push Microsoft365Defender One data model ready 4 * add modeling rules 1.3 * Updated release notes for Abnormal Security * Updated the release notes and version for 8 packs * Fixed duplicated field for AWS GuardDuty, PR One Data Model Ready 4 * Updated the OracleDB release notes * Updated version in metadata json * Adding fields and fixing url field for ApacheTomcat, PR One Data Model Ready 4 * Delete TenableioEventCollector_1_3.yml * Delete MicrosoftWSUSModelingRules_1_3.xif * Remove wsus from pr 4 * add modeling rules 1.3 * add tenable io yml * Uploaded MS WSUS to PR4 * Add box to PR 4 * Add netskope to PR 4 * Remove from xdr version from microsoft 365 defender * Removed v1.3 data from Cisco SMA and Okta OAG * updated Read.me file to origin * Updated schema and version * Removed 'to' - Not needed * Add schema to box * Add schema to box, v1 * Updated schema 'Type' error * Fix schema tenable * add toversion * update RN * update rn1 * Fix Schema to be compatible with dataset names. Fix spaces in abnormal security pack * Fix Schema to be compatible with dataset name - AWS GuardDuty * Adding two fileds to microsoft365defender pack Co-authored-by: eepstain <eepstain@paloaltonetworks.com> Co-authored-by: nkanon <nkanon@paloaltonetworks.com> Co-authored-by: gtamir <gtamir@paloaltonetworks.com> Co-authored-by: evisochek <evisochek@paloaltonetworks.com> Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com> * Fix for ms graph mail (#22120) * fix bug * add rn * api fix * cr fix * change rn * Update Docker Image To demisto/py3-tools (#22141) * Updated Metadata Of Pack Elasticsearch * Added release notes to pack Elasticsearch * Packs/Elasticsearch/Integrations/Elasticsearch_v2/Elasticsearch_v2.yml Docker image update * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * Updated Metadata Of Pack OpenLDAP * Added release notes to pack OpenLDAP * Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml Docker image update * add-CortexAttackSurfaceManagement-pack (#22133) * add-CortexAttackSurfaceManagement-pack * Update Tests/Marketplace/core_packs_mpv2_list.json * Update Docker Image To demisto/python3 (#22139) * Updated Metadata Of Pack AHA * Added release notes to pack AHA * Packs/AHA/Integrations/AHA/AHA.yml Docker image update * Updated Metadata Of Pack BeyondTrust_Password_Safe * Added release notes to pack BeyondTrust_Password_Safe * Packs/BeyondTrust_Password_Safe/Integrations/BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.yml Docker image update * Updated Metadata Of Pack BitcoinAbuse * Added release notes to pack BitcoinAbuse * Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml Docker image update * Updated Metadata Of Pack BluecatAddressManager * Added release notes to pack BluecatAddressManager * Packs/BluecatAddressManager/Integrations/BluecatAddressManager/BluecatAddressManager.yml Docker image update * Updated Metadata Of Pack CarbonBlackEnterpriseEDR * Added release notes to pack CarbonBlackEnterpriseEDR * Packs/CarbonBlackEnterpriseEDR/Integrations/CarbonBlackEnterpriseEDR/CarbonBlackEnterpriseEDR.yml Docker image update * Updated Metadata Of Pack Censys * Added release notes to pack Censys * Packs/Censys/Integrations/CensysV2/CensysV2.yml Docker image update * Updated Metadata Of Pack Centreon * Added release notes to pack Centreon * Packs/Centreon/Integrations/Centreon/Centreon.yml Docker image update * Updated Metadata Of Pack CheckPhish * Added release notes to pack CheckPhish * Packs/CheckPhish/Integrations/CheckPhish/CheckPhish.yml Docker image update * Updated Metadata Of Pack CircleCI * Added release notes to pack CircleCI * Packs/CircleCI/Integrations/CircleCI/CircleCI.yml Docker image update * Updated Metadata Of Pack Cisco-umbrella-enforcement * Added release notes to pack Cisco-umbrella-enforcement * Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.yml Docker image update * Fixed Mypy Errors Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/boto3py3 (#22140) * Updated Metadata Of Pack AWS-ACM * Added release notes to pack AWS-ACM * Packs/AWS-ACM/Integrations/AWS-ACM/AWS-ACM.yml Docker image update * Updated Metadata Of Pack AWS-CloudWatchLogs * Added release notes to pack AWS-CloudWatchLogs * Packs/AWS-CloudWatchLogs/Integrations/AWS-CloudWatchLogs/AWS-CloudWatchLogs.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Lambda * Added release notes to pack AWS-Lambda * Packs/AWS-Lambda/Integrations/AWS-Lambda/AWS-Lambda.yml Docker image update * Updated Metadata Of Pack AWS-S3 * Added release notes to pack AWS-S3 * Packs/AWS-S3/Integrations/AWS-S3/AWS-S3.yml Docker image update * Updated Metadata Of Pack AWS-SQS * Added release notes to pack AWS-SQS * Packs/AWS-SQS/Integrations/AWS-SQS/AWS-SQS.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.yml Docker image update * Updated Metadata Of Pack AWS_DynamoDB * Added release notes to pack AWS_DynamoDB * Packs/AWS_DynamoDB/Integrations/AWS_DynamoDB/AWS_DynamoDB.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/smbprotocol (#22144) * Updated Metadata Of Pack SMB * Added release notes to pack SMB * Packs/SMB/Integrations/SMB_v2/SMB_v2.yml Docker image update * [AquatoneDiscover] move to commonscripts, to py3 (#21715) * move the script to commonscripts. * update the script&docker to support python3 * GitLab new integration (#21258) * first commit * add readme+playbook, fix file_del and group_proj * fix file_d & group_l add readme & playbook * ignore secrets deesc.md added * after format * format gitlab test and py file * remove unused imports gitlab_test * pack ignore and changes to read me * resize image and some unit test * corrections after PR, only few more commands to fix * project list and issue list after fixing * after fixing according Pr1 * after fixing according Pr1 _ fixed lint * adding get users command * update output for merge request branch delete * update playbook file * update README * update after PR * Removing save cotext data from playbook * adding pagination function, try on group_project, projects, issue_list commands * adding response according pagination and fixing lists commands * adding command example to README and small fixies in GitLab.py * adding test validate pagination argumnets and fixing docker image * adding unit tests * adding unit tests 30% cover * adding unit test. 40% cover * adding unit test. 40% cover * try fixing image * fix after validate * changing the devSecOps/GitLab docker image * add mid unit test * Delete GitLab.yml * Revert "Delete GitLab.yml" This reverts commit 04f39dff09ba41e93d6cea07d277821c674633a5. * undo changes to Packs/DevSecOps/Integrations/GitLab/GitLab.yml * putting the new test as a comments just to make sure the build is ok * adding # pragma: no cover to main * adding # pragma: no cover to if main * cover 51 % * unit test 62% * unit tests 66% * 70% cover unit test+ get_raw_file_command updated * temp change to id in yml file * Revert "temp change to id in yml file" This reverts commit 0f49681ec2ff327610952d381524483f93372275. * id in yml * change in conf jason to Gitlab - check * updating relevat fields to GitLab v2 * update relase notes * delete uneeded files * relelse note update * adding the word use to 2_0_0 so the sentence would make sense * adding partial_response paramter to yml and 2 func * updating read me(adding partial_response arg) * adding fixes for partial_response * adding unit tests 70% from 67% * 4 changes after pr * only two PR notes left * last PR notes+ updating playbook * updating docker image * fix after validate * updating playbook id pack name * code pan run try changing the name+adding test docstring explation * Update GitLab.yml Done. * Update GitLab_description.md Done. * Update 2_0_0.md Done. * trailing white space * doc review changes * update fromversion * pack metadata changed name * changes after eli, regarding the name gitlabv2 * eli another try * GitLab v2 to GitLabv2 * space to do build again * adding marketplaces: - marketplacev2 * try build again * update meket place * scripts for playbook * fixing suggestbranch * delete irrlevent files and checking * forgot to lint * deleting scripts related to ci cd * redone last changes * small changes * update tests * add . * . * fgdfg * conf.json and update test playbook * deleting unused var * update file changes, already changed it before * project_id check and notes from demo fixed * adding description to issue HR * add merged to branch * test update * update tests * adding tests * update merge request merge * change playbook * adding fromvision * adding explanation to api scopes * adding title to partial list branch * datetime param and add DeleteContext * updating playbook prays and hopes for the build * pr updates * fix trailing white space * fixing issues ollalal * pretty file_path for folders * demisto docker * group project read me fixed * fixed doc string Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Deprecate old gitlab (#21695) * deprecat old GitLab pack * update release notes * updating pack version and release note name * change vesrion * change version * changes * try * relase note * Delete 1_d0445cb2-f325-4894-83e1-93ac42293504 delete it * update the file name of the release note * delete 1_2_0 * [VMware] to py3 (#21830) * update to python3 * save tests (#21863) * fix duplicates (#21996) * fix duplicates * fix test * Contrib/CDS Cofense Vision 100 (#22018) (#22029) * Updated deprecation description. * [Marketplace Contribution] SplunkCIMFields (#14484) * "pack contribution initial commit" (#14439) * change the scrpt according to the contributor * change the scrpt according to the contributor Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: cshayner <cshayner@paloaltonetworks.com> * setGridField: Allow column names to have underscores (#14469) Grid column names can have underscores in them. Co-authored-by: Dean Arbel <darbel@paloaltonetworks.com> * Add more dates, tags, and TLP to feed integration (#14483) * Add more dates, tags, and TLP to feed integration (#14380) * Add more dates, tags and TLP to feed integration * Add release notes * fixed rn Co-authored-by: EvgeniyMeteliza <81425065+EvgeniyMeteliza@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * Fixed Custom Indicator context value key (#14422) * Fixed context value key * Fixed customIndicator test * Fixed customIndicator test * Merge branch 'master' into custom-indicator-value # Conflicts: # Packs/Base/ReleaseNotes/1_13_22.md * Update 1_13_23.md Done. Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * added ignore BA113,BA112 (#14465) * GetFailedTasks - improve err msg of failure to retrieve tasks (#14442) * improve err msg of failure to retrieve tasks * rm new line * Update Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/README.md Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Fix generic APIModule feeds (#14490) * setGridField: undo column name truncation (#14492) allow column name truncation Co-authored-by: Dean Arbel <darbel@paloaltonetworks.com> * fixed bug in pop ranks (#14493) * fixed bug in pop ranks * fixed bug in pop ranks * Migrate bucket upload workflow to GitLab (#14130) * Remove upload dev rules and env variable dev value assignment * Show that it works with fixed demisto-sdk * Revert "Show that it works with fixed demisto-sdk" This reverts commit 0a813cdbe92fcd4c2840fb92d091661853e8339c. * Enable bucket-upload trigger script to work against production bucket Co-authored-by: ikeren <itay@demisto.com> * Added Iron Bank approved tag (#14489) * Crowdstrike datetime bug (#14382) * added test * added test that fails * fix for test * added release notes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_0_4.md Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Qss new pr (#14502) * update README.md * update README.md * Rasterize improvements (#14124) (#14482) * Added support for different filename * Update the release notes * fix mypy error * Changed the naming from "filename" to "file_name" * Rename 1_0_10.md to 1_0_11.md * Update pack_metadata.json Co-authored-by: Paul <32433511+blestemee@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Paul D <88715381+nb-pdragoi@users.noreply.github.com> Co-authored-by: Paul <32433511+blestemee@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * [Sixgill-195] dve bug (#14503) * [Sixgill-195] dve bug (#14499) * fixed tests * fixed tests * fixed tags * fixed tags * rn Co-authored-by: tamarsix <72441754+tamarsix@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * metadata constants (#14466) * metadata constants * metadata constants * metadata constants * fix name * typo fix * typo fix * Zip content packs step optimization (#12770) * Testing download packs from gcs * Deleting Skip Zip content packs so it can be tested * Changed file download to gsutil * Fixed bucket path * Fixed gsutil flag * Added dest path prints * Old download * Different url * Changed gcp path * Changed gcp path * Created a bash script for gcp command * Rerun * Added newline * Changed path and error message * Added shell statement to file * Added prints * Changed os.walk * Changed zip path * Changed gcp path * Changed gcp path * added prints * print entries * print entries * print entries * print entries * prints subprocess * prints subprocess * prints subprocess * prints subprocess * prints subprocess * prints subprocess * Changed set and added exception handler * removed unnecessary mkdir * print path of pack * test * test * fixes * fixes * fixes * fixes * testing old step * checks and prints * checks and prints * Added copy to other dir * Added some comments * removed script communication * Added testing, changed parameters to general build * Added docstring to tests * Fixed flake8 issues * Added packs list print - will be removed * Removed print * Added dir entries print * Added check for circle_build * Added src and dest path prints * Added src path prints and check_output * Added src path prints and check_output * Removed trailing / * Fixed zip path * Added storage_base_path, bucket_name args. Removed prints, added logging. Added try except clause. * Added missing arguments * Moved to upload flow only * Removed skip for non master branches - testing * Moved sys.exit(1) to end of script, refactored search in blobs. * Updated comment * Fixed tests * Added looseversion * Added master check back * Removed unnecessary bash script. * Fixed PR comments * Changed copy to artifacts to use the script's arguement * Added gitlab support * Testing gitlab's upload * Added check back * Fixed readme error * Added back the upload check * Fixed some todos * Added todos * Moved download to job * Fixed tests * Todo * removing conditions for testing * Added needed conditions * Removed todo and added env var * Changed packs src * Removed conditions * Updated sbp when bucket is dist-dev * Changed to default storage_base_path * Removed unnecessary conditions * updated path * Sharing variable between steps * Added step to bucket-upload.yml * Fixed flake8 issues * commented out failing tests - for testing gitlab flow * Fixed problem in unittest * Fixed problem in unittest * Changed bucket condition name * Fixed yml file * Removed unnecessary packs dir * Added echo * Added default storage_base_path value * Fixed yml structure * Fixing yml structure * test * Revert "test" This reverts commit a340bfce * Removed run validations * Changed upload-to-marketplace rules * Added gcloud login * Added rule back, removed private zip folder creation * Removed run validations * Added requirement back * Added run validations back * StixParser - skip SSDEEP (#14501) * add ssdeep to stix1 test file * trigger ut * skip ssdeep values * Update Packs/Base/ReleaseNotes/1_13_24.md Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> * Ansible Integration Quality Improvements (#14375) * Ansible Integration Quality Improvements (#12795) * Ansible API Module * Refactored Ansible Integrations using API Module * HCloud Documentation * Default values of [] and {} are invalid in Ansible * Linux README. Work in progress. * spelling * Alibaba Cloud Readme * typo * typo * commands for doco * better acme banner * better description * ACME README WIP * commands from debian server * Windows ReadMe WIP * docker tag bump * docker version bump and displayname spacing * remove commands with error outputs * Release notes / Metadata * validation issue resolution * linting and formating corrections * trimmed package listing * MS Readme WIP * aligning names in note to integrations * MS Readme WIP * get_md5 argument no longer exists on module * More README WIP * remove pester example, looks like it failed tests * mypy and flake8 lint fixes * docker image bump * ignoring pylint errpr for specialised import * typo * pylint and pep8 errors use different ignore syntax * dict2md revisions and unit tests * rec_ansible_key_strip unit test * Correct docker image for Ansible * linting * clean up loose demisto calls and add type hinting * Inventory unit tests * incorrect indentation * remove unused value * tidy up demisto calls * generic_ansible unit test * remove global var host_type * linting * mypy fixes, output_key field, and context camelCase * regenerated integrations * id/name prefixed with ansible * removed whitespace on descriptions * camelcase context * corrected predefined args for bools * outputs_key_field for targetbased integrations * context path updated * better error messages * test-command functionality * fix templating error * correct logic for test-module * version bump and linting * linting * docstring for generic_ansible * Deprecating old pack Adding new packs * Alibaba Cloud Polish * Documenetation for Alibaba Cloud * Documentation for Azure Compute * remove problematic module * Documentation for Hetzner Cloud * Partial documentation for Windows * hcloud test playbook * kubernetes documentation * remove empty command example headings * better explaination around ansible usage * Linux doco * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * remove todo * Ansible branding + description clean up * Ansible DNS Doco * Formating * Linux doco * formating * moved dns back to linux pack * Cisco NXOS * typo * IOS requires a seperate become/enable password * Cisco IOS documentation * Azure Networking Doco * VMware Doco * deprecated notice * deprecated notices * ACME deprecated notice * min version * removed erronious output * merge azure packages * corrected context case * Case corrections in Context * Added privilege escalation options for Linux * Documentation about complex command inputs * Update Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.py Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Update Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME.yml Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * editing azure readme * editing azure readme * editing ciscos readmes * editing ciscos readmes * Update Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/README.md * editing hcloud readme * Update Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/README.md * editing kubernetes readme * editing linux readme * editing windows readme * editing windows readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * changing command examples * fixing secrets * fixing secrets and validations * fixing secrets * fixing secrets * fixing secrets * fixing rm108 * use title case for context * fixing validations * host argument collision fix * whitespace * revised doco for collided arg * title case without underscores * fix title case in documentation * Title case in context path * titlecase context paths * correct display * priv escalation details * Capital letter in description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> Co-authored-by: rsagi <rsagi@paloaltonetworks.com> * reverting wrong changes * fixing same playbook name * skipping all integrations via conf.json * fixing dependencies * updating playbook-Windows_Application_Deployment_v2.yml * updating playbook-Windows_Application_Deployment_v2.yml * fixing names * updating playbook-Wait_Until_Windows_Host_Online_v2.yml * adding creds support * adding creds support * Merge branch 'master' into contrib/SergeBakharev_ansible_documentation&ApiModule # Conflicts: # Tests/conf.json * disabling guardrails false positive * adding creds support for hcould Co-authored-by: SergeBakharev <serge.bakharev@gmail.com> Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> Co-authored-by: rsagi <rsagi@paloaltonetworks.com> * [Marketplace Contribution] SendGrid - Content Pack Update (#14350) (#14507) * "contribution update to pack "SendGrid"" * pack resubmitted * pack resubmitted * pack resubmitted * fix cr * fix cr * Update RN Co-authored-by: bachen <bachen@paloaltonetworks.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: bachen <bachen@paloaltonetworks.com> * Incidents test playbook (#13848) * adding scripts * changes * adding test * adding using instance * fixed test * changed health ckeck script * new playbook * changing the playbook * new playbook * new playbook * changed playbook and added new scripts from indicators pr * fixed typo * added one more fetch incidents integraion * changes from demo * fixes from cr * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * added release notes * adding test to test-conf * added readme * Update VerifyEnoughIncidents.yml * Update 1_2_2.md * Update VerifyEnoughIncidents.yml * changed test conf * changed VerifyContextFieldsList to VerifyObjectFieldsList * save little changes * Update README.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: Richard Bluestone <53567272+richardbluestone@users.noreply.github.com> * Deprecated microsoft policy and compliance playbooks (#14378) * Deprecated Azure and office365 playbooks, moving them to other pack. * Updated release notes * Updated release notes * Wildfire polling enhancement (#13857) * polling command * report context * report context * report context * report context * report context * report context * UT * UT * Common Objects * Common Objects * deprecated: true * upload assertment * upload assertment * TPB * rn * UT * lint * validtae * validtae * Delete lolo.xml * Update Palo_Alto_Networks_WildFire_v2.yml Done. * Update 1_4_0.md Done. * RN * yml fix * Update Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.py Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * RN * server logs * server logs * server logs * server logs * TPB * TPB * TPB * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * fix sha256 * fix sha256 * fix sha256 * fix sha256 * fix sha256 * Merge branch 'master' into upload_list_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * fstring fix Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> Co-authored-by: yaakovi <syaakovi@paloaltonetworks.com> * [Marketplace Contribution] ConvertTimezoneFromUTC (#14512) * "pack contribution initial commit" (#14384) * fixed validate & lint * Update Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py * Update Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: cshayner <cshayner@paloaltonetworks.com> Co-authored-by: ChanochShayner <57212002+ChanochShayner@users.noreply.github.com> * fix typo (#14516) * QRadar enhance ip commands (#14500) * added support for ip arguments * added args to readme * Added rn * small fixes to filter query * reverted commenting * Update Packs/QRadar/ReleaseNotes/2_0_22.md Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Update Docker Image To demisto/python3 (#14481) * Updated Metadata Of Pack KasperskySecurityCenter * Added release notes to pack KasperskySecurityCenter * Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.yml Docker image update * Updated Metadata Of Pack Shodan * Added release notes to pack Shodan * Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml Docker image update * Adding TPB of Kaspersky Security Center * Updated Metadata Of Pack KasperskySecurityCenter * Fixed build * Added dbotscore to ip command + added readme file that was missing * added dbotscore outputs to readme * deleted use-case empty section * removed unnecessary ignore * Fixed cr comments * added response_type to login Co-authored-by: sberman <sberman@paloaltonetworks.com> * Upload list content item (#14464) * removed the gke tag from run-validations job * adding list item * adding list item * widget fix * testing * testing * testing * testing * typo fix * revert testing changes * revert testing changes * revert testing changes * Update Docker Image To demisto/python3 (#14522) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml Docker image update * Content mgmt bug fixes (#14459) * bug fixes * bug fixes * rn * metadata * Update pack_metadata.json * Update Packs/ContentManagement/ReleaseNotes/1_0_3.md Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Typo fix constnats upload (#14525) * fix typo * fix typo * fix typo * Update Docker Image To demisto/chromium (#14523) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update * Fixed conflicts Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Shelly Berman <45915502+Shellyber@users.noreply.github.com> * ParseEmailFiles - added code for multiple mime encoding (#14076) * added code for multiple encoding * added code for multiple encoding - rn tests * added code for multiple encoding - rn tests * added code for multiple encoding - rn tests * docker * rn * add replace logic * add replace logic * meta data * fix test * lint * fix * rn * added default and force arguments, added a verification null bytes not on encoded string * rn * change debug * add debug * update * update * Update Docker Image To demisto/python3 (#14532) * Updated Metadata Of Pack Armis * Added release notes to pack Armis * Packs/Armis/Integrations/Armis/Armis.yml Docker image update * Updated Metadata Of Pack AttackIQFireDrill * Added release notes to pack AttackIQFireDrill * Packs/AttackIQFireDrill/Integrations/AttackIQFireDrill/AttackIQFireDrill.yml Docker image update * Updated Metadata Of Pack BPA * Added release notes to pack BPA * Packs/BPA/Integrations/BPA/BPA.yml Docker image update * Updated Metadata Of Pack Barracuda * Added release notes to pack Barracuda * Packs/Barracuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml Docker image update * Updated Metadata Of Pack BastilleNetworks * Added release notes to pack BastilleNetworks * Packs/BastilleNetworks/Integrations/BastilleNetworks/BastilleNetworks.yml Docker image update * Updated Metadata Of Pack BitDam * Added release notes to pack BitDam * Packs/BitDam/Integrations/BitDam/BitDam.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack BluelivThreatCompass * Added release notes to pack BluelivThreatCompass * Packs/BluelivThreatCompass/Integrations/BluelivThreatCompass/BluelivThreatCompass.yml Docker image update * Updated Metadata Of Pack BluelivThreatContext * Added release notes to pack BluelivThreatContext * Packs/BluelivThreatContext/Integrations/BluelivThreatContext/BluelivThreatContext.yml Docker image update * Updated Metadata Of Pack Bonusly * Added release notes to pack Bonusly * Packs/Bonusly/Integrations/Bonusly/Bonusly.yml Docker image update * Updated the Microsoft Graph API README (#14368) * Updated the Microsoft Graph API README Added the authorization process commands - msgraph-api-auth-start, msgraph-api-auth-complete, msgraph-api-test * Update Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/README.md Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> Co-authored-by: ikeren <itay@demisto.com> * Whois integration connectivity issue (#14519) * test to recreate the bug * bug fixed * validate fix * RN * Update Packs/Whois/ReleaseNotes/1_2_4.md Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * fixed proxy params in test. Added more info to the proxy section in additional info * Update Packs/Whois/Integrations/Whois/Whois.yml Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * skip tests * Revert "skip tests (#14455)" This reverts commit 61bfafb9 * Indian domain test * Indian domain fix * rn * Update Packs/Whois/ReleaseNotes/1_2_5.md Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * checking for in tld in playbook-Whois-Test.yml Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * Added several commands to Darktrace integration (#13905) (#14537) * Added several commands to darktrace * Update Darktrace.yml * lint fixes * Update Darktrace.py * lint fixes * Added readme, and changed some details on the outp * Added example commands * Added additional details in readme-file * lint fix * Updated command argument desc. * upgrade the docker image * upgrade docker image * bump version * Added release notes * added outputs * Added tests for alle commends with output * Added a single iteration to skip the first result * removed all instances of add-comment * Added outputs_key_field * Added secrets to ignore * Update Packs/Darktrace/Integrations/Darktrace/README.md Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * Update Packs/Darktrace/Integrations/Darktrace/README.md Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * fix test * lint fix * Updated docs * lint fix * lint fix Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Solli <59604718+simmyno@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * Update README.md (#14540) * Update README.md (#14538) * update README.md Co-authored-by: Dorin-PM <89532307+Dorin-PM@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * Add Edit and Pin commands to SlackV3 (#14372) * Add Edit and Pin commands to SlackV3 * Alexa v2 (#14072) Added alexa v2 intgeration * Unit42 sub-techniques (#14524) * add parent to the sub thecnique name * remove unrelated files * RN * version * version * Add UTs * Fix UT * Phishing - fixing dt + updating EWS/Gmail mappers (#14498) * Strip labels and fix mail body dt script. * Strip labels and fix mail body dt script. * Adding fields to EWS mapper * Fix dt on main playbook v5 * Changing Playbook inputs on "Process Email - Generic" from labels to fields * Adding fields to Gmail mapper * fixing EWS mapper name * Phishing release notes * Gmail release notes * EWS release notes * fixing EWS mapper id * fix playbook id * fix dt * revert field to label in V6 playbook * revert playbook inputs fields to labels in process email generic playbook * release notes * minor fix * Update 2_4_1.md Co-authored-by: Richard Bluestone <53567272+richardbluestone@users.noreply.github.com> * Added new transformer script - StringToArray (#14536) * Added new transformer script * Added rn + bumped version and fixed linting * Fixed import * Fixed cr's and added tpb * Added test to yml * changed uuid to transformer name in tpb * upload_code_coverage_report.py, initial add (#14302) * upload_code_coverage_report.py, initial add * Formatted file * upload code coverage report in nightly * Update .gitlab/ci/global.yml Co-authored-by: eli sharf <57587340+esharf@users.noreply.github.com> * fix syntax * fix script * fixup! fix script * upload_code_coverage_report.py, initial add * Formatted file * upload code coverage report in nightly * Update .gitlab/ci/global.yml Co-authored-by: eli sharf <57587340+esharf@users.noreply.github.com> * fix syntax * fix script * fixup! fix script * fixup! fixup! fix script * fix * final fix * improve * fixup! improve * Undelete line * Rearrange erinstated lines * Unit test * Test files * Format file * Pythonify * Format * Update Utils/upload_code_coverage_report.py Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * Use Tuple instead of Dict * Format file Co-authored-by: eli sharf <57587340+esharf@users.noreply.github.com> Co-authored-by: esharf <esahrf@paloaltonetworks.com> Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * [Marketplace Contribution] Palo Alto Networks Cortex XDR - Investigation and Response - Content Pack Update (#14550) * "contribution update to pack "Palo Alto Networks Cortex XDR - Investigation and Response"" (#14505) * fixed * fixed Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * AlienVault USM - handle alarms with timestamp_occured (#14542) * add test for alarm with timestamp_occured * use timestamp_occured as incident occurred time * Update Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Microsoft Graph Mail incoming mapper (#14468) * new mapper + release notes * Adding more fields * removed the use-cases from all ansible packs (#14555) * change channels:write to channels:manage scope SlackV3 (#14556) * Cisco Umbrella Investigate - handle empty emails list returned in the domain command (#14541) * add google.com to domain cmd test * add support for multiple domains * pass emails list instead of dict to tbtomd * adjust test playbook * build output per domain * ignore type hint * set isArray to true and add note about multiple domains to rn * CommonServerPython - check if session exist before trying to close it (#14526) * Cortex XDR - handle already blacklisted files (#14552) * test blacklist-files * handle err returned in case file already blacklistedd * verify res is dict * revert 3_0_25.md * revert 3_0_25.md * CrowdStrike API Integration (#12335) * crowdstrike api integration initial commit * call handle_proxy * Update CrowdStrikeAPI.yml Done. * Update CrowdStrikeAPI.yml Done. * Update CrowdStrikeAPI_description.md Done. * Update README.md Done. * Update README.md Done. * bump docker image tag * gco * add test data * fix test data filename * bump docker image tag * autopep8 * ignore E501 * rm config json * add readme * improve docs Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Zscaler - handle returned URLs protocols (#14529) * replace res urls from given ones * add rn * improve condition for matching url * Symantec DLP - fix handling of fetch limit (#14561) * test fetch incidents with limit less than num of dlp incidents returned * fix fetch limit handling * fix W293 * fix W293 * PP rule support (#14470) * pp rule support * testing * fix name * testing * typo fix * revert testing changes * revert testing changes * revert testing changes * fix typo * scheme verification * Merge branch 'master' into upload_preprocessing_rule_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * Merge branch 'master' into upload_preprocessing_rule_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * added login to gcp, fixed a default argument (#14331) * replaced the contrib checkout to use github api (#13676) * replaced the contrib checkout to use GitHub REST API * update UT Co-authored-by: esharf <esahrf@paloaltonetworks.com> * Thycotic dsv (#14475) * Thycotic dsv (#11589) * Init revision * Init revision * Add integration Thycotic Secret Server * Delete comment block * Add TestPlaybook * Modify Tests/conf.json Delete error files * Delete file * Add Test Playbook * Update Packs/Thycotic/TestPlaybooks/Thycotic-Test.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Tests/conf.json Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/pack_metadata.json Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/pack_metadata.json Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Change support contacts * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Change description for output parameters * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Fix * Change exception message for command test_command * Change description, add version Secret Server * Add param proxy * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Generate documentation for integration * Change version for Secret Server in documentation * Add param verify to class Client * Add files via upload * Add files via upload * Add files via upload * Updated Thycotic Integration * Delete conf.json * Regenerate Thycotc-Test * Update Thycotic_test.py * Update Thycotic.yml * Update pack_metadata.json Change tags * Update README.md * Update conf.json * Update pack_metadata.json * Update Thycotic.yml Change description * Update Thycotic.py Change test_module * Update Thycotic.py Fix syntax error * Update Thycotic_test.py Fix UT * Modify test command fetch-credential * running format * Add files via upload Change description * Update Thycotic_description.md * Update Thycotic_description.md * Add files via upload Updated description for output paramets * Init release for Thycotic DevOps Storage Vault * Change description * Fixed errors in descriptions. * Fixed * Add files via upload * Fixed * Add files via upload * Add files via upload * Fix description * Add files via upload * Add files via upload * Fixed * Add files via upload * Add files via upload * Add files via upload * Delete ThycoticDSV.yml * Add files via upload * Delete ThycoticDSV.py * Delete ThycoticDSV.yml * Delete Packs/Thycotic directory * Update pack_metadata.json * Update descriptions * Update descriptions * Fix * Markdown output Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Guy Keller <33782301+guykeller@users.noreply.github.com> Co-authored-by: guykeller <g12k34ppp> * fixing docs * added author image Co-authored-by: Andrey Nikolaev <69254946+AndyNikolaev@users.noreply.github.com> Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Guy Keller <33782301+guykeller@users.noreply.github.com> Co-authored-by: guykeller <g12k34ppp> * Splunk Fixes (#14568) * fixed an issue in the outgoing mapper, fixed an issue in update-remote-system command * improved documentation * version bump * cr fixes * Fix Get endpoint details - Generic playbook (#14569) * fix_playbook * fix task * Fix RN * upload new image * update image link * Update 2_0_3.md Done. Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * LogsignSiem Pack PR (#14565) * LogsignSiem Pack PR (#13875) * created logsignsiem pack * added logsignsiem classifiers mapper files and deleted dockerfile * fixed [PA126] validation warning * fixed some description in yaml file * deleted override http_request method and updated unittests * fixed last_fetch parameter and updated tests * removed unused variable * fixed logsignsiem api description * fixed logsignsiem api description * added query parameter and help section and fixed get-columns-query on api * fixed unittest func name * fixed Flake8 error * Update Packs/LogsignSiem/README.md * deleted logsign-get-incident method, added default param to query * rm integration setup from detailed desc * set default classifier and mapper Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> * add author_image Co-authored-by: Kerem <keremvatandas@gmail.com> Co-authored-by: Itay Keren <ikeren@paloaltonetworks.com> Co-authored-by: ikeren <itay@demisto.com> * Update Docker Image To demisto/python3 (#14558) * Updated Metadata Of Pack C2sec * Added release notes to pack C2sec * Packs/C2sec/Integrations/C2sec/C2sec.yml Docker image update * Updated Metadata Of Pack CTIX * Added release notes to pack CTIX * Packs/CTIX/Integrations/CTIX/CTIX.yml Docker image update * Updated Metadata Of Pack CVESearch * Added release notes to pack CVESearch * Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml Docker image update * Updated Metadata Of Pack CarbonBlackProtect * Added release notes to pack CarbonBlackProtect * Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml Docker image update * Updated Metadata Of Pack CentrifyVault * Added release notes to pack CentrifyVault * Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml Docker image update * Updated Metadata Of Pack Cherwell * Added release notes to pack Cherwell * Packs/Cherwell/Integrations/Cherwell/Cherwell.yml Docker image update * Updated Metadata Of Pack CiscoESAIronPortEmailAPI * Added release notes to pack CiscoESAIronPortEmailAPI * Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml Docker image update * Updated Metadata Of Pack CiscoEmailSecurity * Added release notes to pack CiscoEmailSecurity * Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml Docker image update * Updated Metadata Of Pack Claroty * Added release notes to pack Claroty * Packs/Claroty/Integrations/Claroty/Claroty.yml Docker image update * Updated Metadata Of Pack CloudConvert * Added release notes to pack CloudConvert * Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml Docker image update * Added dbotscore outputs to yml and readme Co-authored-by: sberman <sberman@paloaltonetworks.com> * IAM Group Sync - Slack & Okta (#13550) * changes * fixes and changes * fixes and changes * RN * remove test functions * lint * fix * fix * command result * fix * fix * changes * Merge branch 'master' into slack-iam # Conflicts: # Packs/Okta/ReleaseNotes/2_2_2.md # Packs/Slack/ReleaseNotes/2_1_2.md * in progress * some minor changes * RN conflicts fix * RN conflicts fix Co-authored-by: Dan Tavori <dtavori@paloaltonetworks.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * fixing dups and typos (#14578) * fix upload-flow bug in collect_content_items (#14579) * qradar: fix aql link (#13902) Co-authored-by: glicht <glicht@users.noreply.github.com> * ran update conf script to generate full conf. Deleted from build call to script (#14583) * Prisma Cloud playbooks bug fix (#14511) * Prisma Cloud playbooks bug fix * updated release notes * Edited playbooks structure and added new photos * Updated image names * Added new links to images * Nightly test failure skippings (#14557) * Skipped the following tests: "iDefense_v2_Test", "EWS Mail Sender Test", "McAfee ESM v2 - Test v10.3.0", "AzureADTest", "AWS - IAM Test Playbook", "Feed iDefense Test", "FireEyeNX-Test", "McAfee ESM v2 - Test v10.2.0", "McAfee ESM Watchlists - Test v10.3.0", "McAfee ESM Watchlists - Test v10.2.0", "Microsoft Teams Management - Test" * reverted integration changes * reverted * Skipped the following tests: "Zscaler Test", "palo_alto_panorama_test_pb" * Update from master * Skipped the following tests: "LogRhythm REST test", "Cisco Umbrella Test" * Skipped the following tests: "Cisco Umbrella Test", "LogRhythm REST test" * Skipped the following tests: "Detonate URL - WildFire v2.1 - Test", "LogRhythm REST test" * Skipped the following tests: "Detonate URL - WildFire v2.1 - Test", "LogRhythm REST test" * merge from master * merge from master Co-authored-by: ShahafBenYakir <shahaf.benyakir@demisto.com> * ParseEmailFiles - roll back to multiple encoding part (#14585) * roll back * rn * du * test * Update Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> * Update Threat Intel objects and their score (#14587) * Test DONT Merge * Test DONT Merge * test * Add to Threat Intel * Update Threat Intel Objs and Score * remove unrelated files * docker update * CrowdStrike falcon enhancement (#14476) Added new commands for CrowdStrike falcon integration: - ***cs-falcon-create-host-group*** - ***cs-falcon-update-host-group*** - ***cs-falcon-list-host-group-members*** - ***cs-falcon-add-host-group-members*** - ***cs-falcon-remove-host-group-members*** - ***cs-falcon-list-host-groups*** - ***cs-falcon-delete-host-groups*** * Active Directory Query v2 - fixed an issue where group name includes parentheses (#14451) * unskip LogRhythm REST test (#14596) * ArcSight ESM - add the eventFieldsToStringify arg to get-case cmd (#14553) * add the eventFieldsToStringify arg to get-case cmd * fix W293 * rm fieldstostringify and cast to str every large int * fix notes and docs * bump docker image * fix docker image * [Bug] Maltiverse returns error when file command has no proccess_list (#14517) * adding test that fails * replace [] with get * added rn * Update Packs/Maltiverse/ReleaseNotes/1_0_7.md Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * fixed typo in rn * added given when then to test Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Add markdown images support in sanePdfReport (#14508) * Add markdown images support in sanePdfReport * Verify server object before closing the server * Start markdown server only if demisto version is ge 6.5 * Add markdown server unit test * update sane-pdf-reports image version in RN * Update 1_13_28.md Co-authored-by: yaron-libman <43783884+yaron-libman@users.noreply.github.com> * Update Docker Image To demisto/carbon-black-cloud (#14605) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/boto3py3 (#14609) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Update Docker Image To demisto/cyjax (#14607) * Updated Metadata Of Pack FeedCyjax * Added release notes to pack FeedCyjax * Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml Docker image update * Fixed fetch to include max fetch + time range as part of api query (#14599) * GitHub Releases List Command (#14480) * added command, yml, unit test * added test file data * added task of new command to TPB * added rn * add README command entry * removed dor username from test data * validation fix * dan cr notes * lint fixes * Added extra check since some eml files where still passing (#14600) * Added extra check since some eml files where still passing (#14545) * Added extra check since some eml files where still passing * - Update metadata - Add releasenotes Co-authored-by: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> * update RN * update RN Co-authored-by: Steven Goossens <steven@teamg.be> Co-authored-by: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> Co-authored-by: abaumgarten <abaumgarten@paloaltonetworks.com> * Update Docker Image To demisto/google-api-py3 (#14608) * Updated Metadata Of Pack GoogleCloudSCC * Added release notes to pack GoogleCloudSCC * Packs/GoogleCloudSCC/Integrations/GoogleCloudSCC/GoogleCloudSCC.yml Docker image update * Update Docker Image To demisto/crypto (#14604) * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Added test to script yml Co-authored-by: sberman <sberman@paloaltonetworks.com> * Microsoft Teams bug fixes and improvements (#14548) * Microsoft Teams bug fixes and improvements (#14543) * Add support for full width * Add support for Informational threshold * Fix bug with auto_notifications * Update release notes * Change default for 'auto_notifications' to false * changed parameter to be disable instead of enable * Update readme * possible test fixes * lint fixes for severity to float Co-authored-by: tneeman <tneeman@paloaltonetworks.com> * cr fixes * added microsoft teams TPB to conf json, although skipepd (for validation) Co-authored-by: Paul D <88715381+nb-pdragoi@users.noreply.github.com> Co-authored-by: tneeman <tneeman@paloaltonetworks.com> * Update Docker Image To demisto/python3 (#14602…

thefrieddan1 added 2 commits November 6, 2022 14:51

temporary fix of VirusTotal offset 1 error in reputation

ad1e3a7

scripts

Latest docker image

c15c9d6

thefrieddan1 requested a review from ShahafBenYakir November 8, 2022 08:06

thefrieddan1 added 2 commits November 8, 2022 10:27

increment revision version

5e22544

Merge branch 'master' into XSUP-17626

3027c6c

thefrieddan1 added the docs-approved label Nov 8, 2022

thefrieddan1 added 9 commits November 8, 2022 11:47

Merge branch 'master' into XSUP-17626

b7e9758

Add release notes

252ad48

Add a period in end of release notes sentence.

7e144c0

ignore VirusTotal as unknown word

2f22a06

in release notes.

updated the JIRA ticket reference.

96ec1ab

Merge branch 'master' into XSUP-17626

e02b792

Merge branch 'master' into XSUP-17626

33c17dc

Merge branch 'master' into XSUP-17626

3fe56c9

use latest docker image

7ce28cc

ShahafBenYakir reviewed Nov 8, 2022

View reviewed changes

thefrieddan1 added 2 commits November 8, 2022 20:55

PR changes

179eb89

Merge branch 'master' into XSUP-17626

dec5c8b

thefrieddan1 requested a review from ShahafBenYakir November 9, 2022 07:07

ShahafBenYakir reviewed Nov 9, 2022

View reviewed changes

Packs/CommonScripts/Scripts/DomainReputation/DomainReputation_test.py Outdated Show resolved Hide resolved

thefrieddan1 added 2 commits November 9, 2022 13:36

remove duplicated import

19ed93c

Merge branch 'master' into XSUP-17626

3142a07

ShahafBenYakir approved these changes Nov 9, 2022

View reviewed changes

thefrieddan1 added 2 commits November 9, 2022 13:51

remove blank line contains whitespace

c259865

Merge branch 'XSUP-17626' of https://github.com/demisto/content into …

5329fa2

…XSUP-17626

ShahafBenYakir approved these changes Nov 9, 2022

View reviewed changes

thefrieddan1 added 4 commits November 9, 2022 15:36

Merge branch 'master' into XSUP-17626

5a84ed7

revert changes to file

79e0f0f

Merge branch 'master' into XSUP-17626

9cacc64

Merge branch 'master' into XSUP-17626

a7f3ecf

thefrieddan1 added 3 commits November 9, 2022 18:24

update release notes.

14b0514

Merge branch 'XSUP-17626' of https://github.com/demisto/content into …

b32423d

…XSUP-17626

Merge branch 'master' into XSUP-17626

4b4c32c

thefrieddan1 merged commit 2436d68 into master Nov 9, 2022

thefrieddan1 deleted the XSUP-17626 branch November 9, 2022 18:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

temporary fix of VirusTotal offset 1 error in reputation #22062

temporary fix of VirusTotal offset 1 error in reputation #22062

thefrieddan1 commented Nov 6, 2022 •

edited

ShahafBenYakir left a comment

xsoar-bot commented Nov 9, 2022

temporary fix of VirusTotal offset 1 error in reputation #22062

temporary fix of VirusTotal offset 1 error in reputation #22062

Conversation

thefrieddan1 commented Nov 6, 2022 • edited

Contributing to Cortex XSOAR Content

Status

Related Issues

Description

Screenshots

Does it break backward compatibility?

Must have

ShahafBenYakir left a comment

Choose a reason for hiding this comment

xsoar-bot commented Nov 9, 2022

thefrieddan1 commented Nov 6, 2022 •

edited