ASM - Expander - Jira Notification #27987
Conversation
content-bot
added
Community
Contribution Form Filled
content-bot
added
Contribution
content-bot
changed the base branch from
master
to
contrib/johnnywilkes_ASM-EXPANDR-3213
|
Thank you for your contribution. Your generosity and caring are unrivaled! Make sure to register your contribution by filling the Contribution Registration form, so our content wizard @mmhw will know the proposed changes are ready to be reviewed. |
|
@ShirleyDenkberg , can you please review when possible |
|
@capanw / @BigEasyJ , please review when possible. This error will clear, when #27795 goes through: @mmhw , I assume that you will be able to bypass this error? https://github.com/demisto/content/actions/runs/5489464476/jobs/10003653319?pr=27987 |
|
Hi @johnnywilkes, |
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ASM_Alert.yml
Show resolved
Hide resolved
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ASM_Alert_README.md
Outdated
Show resolved
Hide resolved
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ASM_Alert_README.md
Outdated
Show resolved
Hide resolved
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ASM_Alert_README.md
Outdated
Show resolved
Hide resolved
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Email_Notification_README.md
Outdated
Show resolved
Hide resolved
Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ServiceNow_Notification_README.md
Outdated
Show resolved
Hide resolved
|
|
||
| ##### New: Cortex ASM - ServiceNow Notification | ||
|
|
||
| Added the "Cortex ASM - ServiceNow Notification" Playbook that is used to create ServiceNow tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
There was a problem hiding this comment.
| Added the "Cortex ASM - ServiceNow Notification" Playbook that is used to create ServiceNow tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). | |
| Added the "Cortex ASM - ServiceNow Notification" playbook that is used to create ServiceNow tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
|
|
||
| ##### Cortex ASM - Remediation Path Rules | ||
|
|
||
| Updated the playbook to incorporate Jira check and dynamic data collection task. |
There was a problem hiding this comment.
| Updated the playbook to incorporate Jira check and dynamic data collection task. | |
| Updated the playbook to incorporate a Jira check and a dynamic data collection task. |
|
|
||
| ##### New: Cortex ASM - Jira Notification | ||
|
|
||
| Added the "Cortex ASM - Jira Notification" Playbook that is used to create Jira tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
There was a problem hiding this comment.
| Added the "Cortex ASM - Jira Notification" Playbook that is used to create Jira tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). | |
| Added the "Cortex ASM - Jira Notification" playbook that is used to create Jira tickets directed toward service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
|
|
||
| ##### New: Cortex ASM - Email Notification | ||
|
|
||
| Added the "Cortex ASM - Email Notification" Playbook that is used to send email notifications to service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
There was a problem hiding this comment.
| Added the "Cortex ASM - Email Notification" Playbook that is used to send email notifications to service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). | |
| Added the "Cortex ASM - Email Notification" playbook that is used to send email notifications to service owners to notify them of their internet exposures. (Available from Cortex XSOAR 6.8.0). |
|
@mmhw Doc review completed. |
| @@ -4,7 +4,7 @@ ignore=IF100 | |||
| [file:incidentfield-ASM_-_Playbook_Stage.json] | |||
| ignore=IF100 | |||
|
|
|||
| [file:Cortex_ASM_-_ASM_Alert.yml] | |||
There was a problem hiding this comment.
@johnnywilkes This was intentionally removed?
There was a problem hiding this comment.
yes, that effectively disabled a validation error that was in Cortex_ASM_-ASM_Alert.yml and got moved to Cortex_ASM-_ServiceNow_Notification.yml
| methods: [] | ||
| format: html | ||
| format: "" |
There was a problem hiding this comment.
HTML format is not needed to be specified anymore?
There was a problem hiding this comment.
This GIT diff is really confusing and not sure why it is comparing these two tasks that are totally different. All of the "Select Remediation Action" data collection tasks have been moved to "Cortex ASM - Remediation Path Rules" as a single task and it is using format: html
https://github.com/johnnywilkes/content-jw/blob/14a3c5b116527d9cab0277e50686ab9c06c0a26f/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Remediation_Path_Rules.yml#L1417
| suffix: | ||
| iscontext: true | ||
| val4: | ||
| simple: TIMESTAMP |
There was a problem hiding this comment.
Observed this in few other places. Is TIMESTAMP a string? I'm guessing it should get the ISO time format and in the playbook run, I saw that the value is literal TIMESTAMP instead of an actual timestamp.
There was a problem hiding this comment.
check out this PR: #26634
|
@johnnywilkes Great work. Added few comments. |
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
johnnywilkes
requested review from
yucohen,
Ni-Knight,
ostolero and
yaakovpraisler
as code owners
|
|
johnnywilkes
force-pushed
the
ASM-EXPANDR-3213
branch
from
116a67c
to
ba01be3
Compare
BigEasyJ
force-pushed
the
ASM-EXPANDR-3213
branch
from
8732e19
to
f888e7b
Compare
|
@mmhw , this has been approved from our side. Please merge when possible, please. |
|
@mmhw , sorry for the back and forth, our QA found a potential issue I want to look into before we merge |
|
@mmhw , so the UI fix should be in Sunday. So after verified Monday I will take this out of draft stage |
|
@mmhw , we are good to merge now, please do when possible |
mmhw
added
the
ready-for-instance-test
|
For the Reviewer: Successfully created a pipeline in Gitlab with url: https://code.pan.run/xsoar/content/-/pipelines/5797461 |
mmhw
added
ready-for-instance-test
mmhw
merged commit 04836a1
into
demisto:contrib/johnnywilkes_ASM-EXPANDR-3213
* ASM - Expander - Jira Notification (#27987) * 1st batch * 2nd batch * RN * update README links * RN typo * fix val errors * update rel version and remove NMAP * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * update input * fix Alert validation --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: bigeasyj <janny@paloaltonetworks.com> * Bump the version * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * revert the core packs * set skipunavailable to true in jira-create-issue --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: bigeasyj <janny@paloaltonetworks.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com>
* ASM - Expander - Jira Notification (demisto#27987) * 1st batch * 2nd batch * RN * update README links * RN typo * fix val errors * update rel version and remove NMAP * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * update input * fix Alert validation --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: bigeasyj <janny@paloaltonetworks.com> * Bump the version * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * revert the core packs * set skipunavailable to true in jira-create-issue --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: bigeasyj <janny@paloaltonetworks.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com>
* ASM - Expander - Jira Notification (demisto#27987) * 1st batch * 2nd batch * RN * update README links * RN typo * fix val errors * update rel version and remove NMAP * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * update input * fix Alert validation --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: bigeasyj <janny@paloaltonetworks.com> * Bump the version * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * revert the core packs * set skipunavailable to true in jira-create-issue --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: bigeasyj <janny@paloaltonetworks.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com>
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
https://jira-hq.paloaltonetworks.local/browse/EXPANDR-3213
Description
Adding Jira for notification purposes. Taking this opportunity to make some parts of the parent playbook as sub-playbooks for organization.
Screenshots
n/a
Minimum version of Cortex XSOAR
Does it break backward compatibility?
Must have