New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Armis Event Collector #29340
Merged
Merged
Armis Event Collector #29340
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Added docs-approved as it was approved in the original pr |
JasBeilin
approved these changes
Aug 31, 2023
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving after original pr was approved.
moishce
pushed a commit
that referenced
this pull request
Sep 14, 2023
* Init Event Collector; Define yml file; * Move files to new pack * Event Collector logic; Events de-dup * test-module; Add modeling and parsing rules * Update fetch parameters calculation * Working fetch events * Update modeling rules * Add access token validation in client init * Add add multi-select for fetch types * Update mapping rules * Update description.md * Remove first_fetch parameter * Add pagination mechanism; aql query based fetch * Update test_module * Add function docstring * Implement armis-get-event * Fix datasets mismatch; Format & validate issues * Add integration README file * Remove redundant functions; Update pagination * Replace AQL query from time-frame to after-date * Refactor dedup events mechanism * Unify duplicate fetch code to single function * Fix 'invalid access token' runtime error * Add UTs for helper functions * Add fetch flow UTs; Minor parameter name changes * Update pack and collector README.md file * Add integration logo * CR comments: yml and md files * CR comments: EVENT_TYPES now use NamedTuple * CR comments: Fix from_Date handling * CR comments: UTs * Update UTs * Fix logo dimensions * Update modeling rules * Fix schema; Remove test_module from UTs scope * Update description file * Move ArmisEventCollector under Armis pack * Update Armis pack release notes * Update dedup to string time compression;Update UTs * Update fetch start time logic; Update UTs * Add dedup comments * Add Client UT * CR comments * Apply suggestions from tech docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from tech docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update _time key handling * Update files and folder names --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
xsoar-bot
pushed a commit
to xsoar-contrib/content
that referenced
this pull request
Oct 5, 2023
* Init Event Collector; Define yml file; * Move files to new pack * Event Collector logic; Events de-dup * test-module; Add modeling and parsing rules * Update fetch parameters calculation * Working fetch events * Update modeling rules * Add access token validation in client init * Add add multi-select for fetch types * Update mapping rules * Update description.md * Remove first_fetch parameter * Add pagination mechanism; aql query based fetch * Update test_module * Add function docstring * Implement armis-get-event * Fix datasets mismatch; Format & validate issues * Add integration README file * Remove redundant functions; Update pagination * Replace AQL query from time-frame to after-date * Refactor dedup events mechanism * Unify duplicate fetch code to single function * Fix 'invalid access token' runtime error * Add UTs for helper functions * Add fetch flow UTs; Minor parameter name changes * Update pack and collector README.md file * Add integration logo * CR comments: yml and md files * CR comments: EVENT_TYPES now use NamedTuple * CR comments: Fix from_Date handling * CR comments: UTs * Update UTs * Fix logo dimensions * Update modeling rules * Fix schema; Remove test_module from UTs scope * Update description file * Move ArmisEventCollector under Armis pack * Update Armis pack release notes * Update dedup to string time compression;Update UTs * Update fetch start time logic; Update UTs * Add dedup comments * Add Client UT * CR comments * Apply suggestions from tech docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from tech docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update _time key handling * Update files and folder names --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
tkatzir
pushed a commit
that referenced
this pull request
Dec 20, 2023
* Init Event Collector; Define yml file; * Move files to new pack * Event Collector logic; Events de-dup * test-module; Add modeling and parsing rules * Update fetch parameters calculation * Working fetch events * Update modeling rules * Add access token validation in client init * Add add multi-select for fetch types * Update mapping rules * Update description.md * Remove first_fetch parameter * Add pagination mechanism; aql query based fetch * Update test_module * Add function docstring * Implement armis-get-event * Fix datasets mismatch; Format & validate issues * Add integration README file * Remove redundant functions; Update pagination * Replace AQL query from time-frame to after-date * Refactor dedup events mechanism * Unify duplicate fetch code to single function * Fix 'invalid access token' runtime error * Add UTs for helper functions * Add fetch flow UTs; Minor parameter name changes * Update pack and collector README.md file * Add integration logo * CR comments: yml and md files * CR comments: EVENT_TYPES now use NamedTuple * CR comments: Fix from_Date handling * CR comments: UTs * Update UTs * Fix logo dimensions * Update modeling rules * Fix schema; Remove test_module from UTs scope * Update description file * Move ArmisEventCollector under Armis pack * Update Armis pack release notes * Update dedup to string time compression;Update UTs * Update fetch start time logic; Update UTs * Add dedup comments * Add Client UT * CR comments * Apply suggestions from tech docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from tech docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update _time key handling * Update files and folder names --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Related Issues
fixes: link to the issue
Description
This PR is the continuation of #28094, and was re-opened with a different branch name due to the following issue: https://jira-hq.paloaltonetworks.local/browse/CIAC-6693.