ASM - Expander - Jira Notification #27987
Thank you for your contribution. Your generosity and caring are unrivaled! Make sure to register your contribution by filling the Contribution Registration form, so our content wizard @mmhw will know the proposed changes are ready to be reviewed.
@ShirleyDenkberg, can you please review when possible
@capanw / @BigEasyJ, please review when possible. This error will clear, when #27795 goes through: @mmhw, I assume that you will be able to bypass this error? https://github.com/demisto/content/actions/runs/5489464476/jobs/10003653319?pr=27987
Hi @johnnywilkes,
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ASM_Alert.yml
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ASM_Alert_README.md
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ASM_Alert_README.md
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ASM_Alert_README.md
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Email_Notification_README.md
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ServiceNow_Notification_README.md
|
||
##### New: Cortex ASM - ServiceNow Notification | ||
|
||
Added the "Cortex ASM - ServiceNow Notification" Playbook that is used to create ServiceNow tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
Added the "Cortex ASM - ServiceNow Notification" Playbook that is used to create ServiceNow tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). | |
Added the "Cortex ASM - ServiceNow Notification" playbook that is used to create ServiceNow tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
|
||
##### Cortex ASM - Remediation Path Rules | ||
|
||
Updated the playbook to incorporate Jira check and dynamic data collection task. |
Updated the playbook to incorporate Jira check and dynamic data collection task. | |
Updated the playbook to incorporate a Jira check and a dynamic data collection task. |
|
||
##### New: Cortex ASM - Jira Notification | ||
|
||
Added the "Cortex ASM - Jira Notification" Playbook that is used to create Jira tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
Added the "Cortex ASM - Jira Notification" Playbook that is used to create Jira tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). | |
Added the "Cortex ASM - Jira Notification" playbook that is used to create Jira tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
|
||
##### New: Cortex ASM - Email Notification | ||
|
||
Added the "Cortex ASM - Email Notification" Playbook that is used to send email notifications to service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
Added the "Cortex ASM - Email Notification" Playbook that is used to send email notifications to service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). | |
Added the "Cortex ASM - Email Notification" playbook that is used to send email notifications to service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
@mmhw Doc review completed.
@@ -4,7 +4,7 @@ ignore=IF100 | |||
[file:incidentfield-ASM_-_Playbook_Stage.json] | |||
ignore=IF100 | |||
|
|||
[file:Cortex_ASM_-_ASM_Alert.yml] |
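Review bot: the change to the `[file:Cortex_ASM_-_ASM_Alert.yml]` section at the end of this hunk has no stated reason, and the entry under it falls outside the visible context. Suppressions in this file are keyed by file name, as with `[file:incidentfield-ASM_-_Playbook_Stage.json]` and `ignore=IF100`, so they do not follow content that moves to another playbook. Say in the PR description which validation code was dropped for this file and which file now carries it, so the suppression can be traced later.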
@johnnywilkes This was intentionally removed?
Yes, that effectively disabled a validation error that was in Cortex_ASM_-_ASM_Alert.yml and got moved to Cortex_ASM_-_ServiceNow_Notification.yml
methods: [] | ||
format: html | ||
format: "" |
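Review bot: `format: ""` next to `format: html` reads as the message format being blanked for this task, and nothing in the visible lines shows whether the task still carries a message body. If it does, keep the explicit `format: html`; if the message was moved out of this task, say so in the PR description, because the hunk pairs the two values without showing why.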
HTML format is not needed to be specified anymore?
This GIT diff is really confusing and not sure why it is comparing these two tasks that are totally different. All of the "Select Remediation Action" data collection tasks have been moved to "Cortex ASM - Remediation Path Rules" as a single task and it is using format: html
https://github.com/johnnywilkes/content-jw/blob/14a3c5b116527d9cab0277e50686ab9c06c0a26f/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Remediation_Path_Rules.yml#L1417
suffix: | ||
iscontext: true | ||
val4: | ||
simple: TIMESTAMP |
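Review bot: `val4` is set through `simple: TIMESTAMP` with no context flag of its own, so as written it reads as the literal string, and nothing in this hunk shows where the word is turned into a time. If the consuming script substitutes the keyword, name that script and the behaviour in the task description; otherwise take the value from a context path or a transformer that returns the current time.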
Observed this in few other places. Is TIMESTAMP a string? I'm guessing it should get the ISO time format and in the playbook run, I saw that the value is literal TIMESTAMP instead of an actual timestamp.
check out this PR: #26634
@johnnywilkes Great work. Added few comments.
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
116a67c to ba01be3
8732e19 to f888e7b
@mmhw, this has been approved from our side. Please merge when possible, please.
@mmhw, sorry for the back and forth, our QA found a potential issue I want to look into before we merge
@mmhw, so the UI fix should be in Sunday. So after verified Monday I will take this out of draft stage
@mmhw, we are good to merge now, please do when possible
For the Reviewer: Successfully created a pipeline in Gitlab with url: https://code.pan.run/xsoar/content/-/pipelines/5797461
Good work!
04836a1 into demisto:contrib/johnnywilkes_ASM-EXPANDR-3213
* ASM - Expander - Jira Notification (#27987) * 1st batch * 2nd batch * RN * update README links * RN typo * fix val errors * update rel version and remove NMAP * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * update input * fix Alert validation --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: bigeasyj <janny@paloaltonetworks.com> * Bump the version * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * revert the core packs * set skipunavailable to true in jira-create-issue --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: bigeasyj <janny@paloaltonetworks.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com>
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
https://jira-hq.paloaltonetworks.local/browse/EXPANDR-3213
Description
Adding Jira for notification purposes. Taking this opportunity to make some parts of the parent playbook as sub-playbooks for organization.
Screenshots
n/a
Minimum version of Cortex XSOAR
Does it break backward compatibility?
Must have