Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor/CIAC 832/Process Indicators as SCOs #26026

Merged
merged 43 commits into from May 10, 2023
Merged

Refactor/CIAC 832/Process Indicators as SCOs #26026

merged 43 commits into from May 10, 2023

Conversation

RotemAmit
Copy link
Contributor

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: link to the issue

Description

The JSON created by exporting an indicator to STIX does not work as it should and creates the wrong JSON for the indicator type. So I added an option to enter a flag for creating SCO indicators, in order to fix the wrong JSON. I also updated the process of generating IDs for SDO indicators.

Screenshots

Paste here any images that will help the reviewer

Minimum version of Cortex XSOAR

  • 6.0.0
  • 6.1.0
  • 6.2.0
  • 6.5.0

Does it break backward compatibility?

  • Yes
    • Further details:
  • No

Must have

  • Tests
  • Documentation

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonScripts pack version was bumped to 1.11.63.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

RotemAmit and others added 2 commits April 23, 2023 14:45
@RotemAmit @MLainer1
Update Packs/CommonScripts/ReleaseNotes/1_11_63.md
63592f3 
Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com>
@RotemAmit @MLainer1
Update Packs/CommonScripts/Scripts/StixCreator/StixCreator.py
f058eff 
Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com>
ShahafBenYakir
ShahafBenYakir reviewed Apr 23, 2023
View reviewed changes
Copy link
Contributor

@ShahafBenYakir ShahafBenYakir left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good

Packs/CommonScripts/ReleaseNotes/1_11_63.md Outdated Show resolved Hide resolved
Packs/CommonScripts/ReleaseNotes/1_11_63.md Outdated
##### StixCreator

- Added an option to enter a flag for creating SCO indicators.
- Updated the process of generating IDs for SDO indicators.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the update?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The update part is the use of create_sdo_stix_uuid function to create the stix_id of the SDO indicators or SCO indicators when the flag is false. I did this update because I discovered that in each click on the button "export (stix)" generates a new indicator ID. After I talked to @Ni-Knight we decided to do it this. It is also written as a comment in the issue.

Packs/CommonScripts/Scripts/StixCreator/StixCreator.py Outdated Show resolved Hide resolved
Packs/CommonScripts/Scripts/StixCreator/StixCreator.py Outdated Show resolved Hide resolved
Packs/CommonScripts/Scripts/StixCreator/StixCreator.py Outdated Show resolved Hide resolved
Packs/CommonScripts/Scripts/StixCreator/StixCreator.py Outdated Show resolved Hide resolved
Packs/CommonScripts/Scripts/StixCreator/StixCreator_test.py Outdated Show resolved Hide resolved
ShahafBenYakir
ShahafBenYakir approved these changes Apr 24, 2023
View reviewed changes
Copy link
Contributor

@ShahafBenYakir ShahafBenYakir left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice

Packs/CommonScripts/ReleaseNotes/1_11_63.md Outdated Show resolved Hide resolved
@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonScripts pack version was bumped to 1.11.64.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@Ni-Knight
Copy link
Contributor

@RotemAmit can we have a self-service with the flag on and the scripts updated so I can QA it?

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonScripts pack version was bumped to 1.11.65.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonScripts pack version was bumped to 1.11.68.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonScripts pack version was bumped to 1.11.69.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@RotemAmit RotemAmit changed the title Refactor/CIAC 932/Process Indicators as SCOs Refactor/CIAC 832/Process Indicators as SCOs May 8, 2023
@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonScripts pack version was bumped to 1.11.70.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonScripts pack version was bumped to 1.11.71.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

Shellyber
Shellyber reviewed May 8, 2023
View reviewed changes
Copy link
Contributor

@Shellyber Shellyber left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

Packs/CommonScripts/Scripts/StixCreator/StixCreator.py Outdated Show resolved Hide resolved
@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonScripts pack version was bumped to 1.11.72.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@RotemAmit RotemAmit requested a review from Shellyber May 9, 2023 16:39
Shellyber
Shellyber approved these changes May 10, 2023
View reviewed changes
Copy link
Contributor

@Shellyber Shellyber left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work

@RotemAmit RotemAmit merged commit 25e5aa1 into master May 10, 2023
13 of 14 checks passed
@RotemAmit RotemAmit deleted the refactor/ciac-932/process-indicators-as-SCOs branch May 10, 2023 07:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MLainer1 MLainer1 MLainer1 left review comments

@Shellyber Shellyber Shellyber approved these changes

@Ni-Knight Ni-Knight Awaiting requested review from Ni-Knight Ni-Knight is a code owner

@ShahafBenYakir ShahafBenYakir Awaiting requested review from ShahafBenYakir

Assignees
No one assigned
Labels
docs-approved
Projects
None yet
Milestone
No milestone
6 participants
@RotemAmit @content-bot @Ni-Knight @ShahafBenYakir @Shellyber @MLainer1