[Marketplace Contribution] Microsoft Defender for Endpoint - Content Pack Update #30323
Thank you for your contribution. Your generosity and caring are unrivaled! Rest assured - our content wizard @MosheEichler will very shortly look over your proposed changes.
Thanks for contributing to a Cortex XSOAR supported pack. To receive credit for your generous contribution, please ask the reviewer to update your information in the pack contributors file. See more information here link
Hi @amontminypa,
Thank you for your contribution!
Good work :)
Please see my comments.
Please feel free to reach out to me with any questions - I'm available here or on Slack :)
Thanks again
@@ -1305,7 +1309,7 @@ def run_antivirus_scan(self, machine_id, comment, scan_type): | |||
|
|||
Args: | |||
machine_id (str): Machine ID | |||
comment (str): Comment to associate with the action | |||
comment (str): Comment to associate with the action |
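Review bot: the `comment (str): Comment to associate with the action` docstring entry in `run_antivirus_scan` appears twice with identical text, so the only difference in this hunk is whitespace. The PR notes state that no changes to code were made; revert this line so the Python file drops out of the diff.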
comment (str): Comment to associate with the action | |
comment (str): Comment to associate with the action |
import demistomock as demisto # noqa: F401 | ||
from CommonServerPython import * # noqa: F401 |
import demistomock as demisto # noqa: F401 | |
from CommonServerPython import * # noqa: F401 |
Please remove.
from CommonServerPython import * # noqa: F401 | ||
import demistomock as demisto # noqa: F401 | ||
|
from CommonServerPython import * # noqa: F401 | |
import demistomock as demisto # noqa: F401 | |
import demistomock as demisto # noqa: F401 | |
from CommonServerPython import * # noqa: F401 |
Revert just to remove the diff.
import urllib3 | ||
from dateutil.parser import parse | ||
from requests import Response | ||
|
Revert just to remove the diff.
@@ -7,7 +7,7 @@ There are 2 application authentication methods available: | |||
|
|||
* [Cortex XSOAR Application](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication#cortex-xsoar-application) | |||
* [Self-Deployed Application](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication#self-deployed-application) | |||
|
|||
Revert just to remove the diff.
sectionOrder: | ||
- Connect | ||
- Collect |
Please revert.
@@ -39,6 +36,7 @@ configuration: | |||
type: 9 | |||
hiddenusername: true | |||
required: false | |||
display: '' |
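Review bot: the added `display: ''` sits under a `type: 9` parameter that already sets `hiddenusername: true`, and an empty string supplies no label text for it. The line is also outside the list-option update for microsoft-atp-update-alert that the PR notes describe. Drop it, or state in the PR why the empty value is needed.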
display: '' |
@@ -96,6 +94,7 @@ configuration: | |||
type: 9 | |||
section: Connect | |||
required: false | |||
display: '' |
display: '' |
additionalinfo: More information can be found on https://cortex.marketplace.pan.dev/marketplace/details/MicrosoftDefenderAdvancedThreatProtection/ | ||
required: false | ||
- additionalinfo: Select this checkbox if you are using a self-deployed Azure application. | ||
display: Use a self-deployed Azure Application | ||
name: self_deployed | ||
type: 8 | ||
section: Connect | ||
advanced: false |
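Review bot: removing the `self_deployed` checkbox (`name: self_deployed`, `type: 8`, `section: Connect`) conflicts with the README hunk in this same PR, which still lists Self-Deployed Application as one of the 2 application authentication methods. Without the parameter the documented method has no matching setting in the configuration. Restore the block, or explain the removal and update the README together with it.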
You removed it on purpose?
- defaultvalue: '1' | ||
display: Incidents Fetch Interval | ||
name: incidentFetchInterval | ||
required: false | ||
type: 19 |
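Review bot: the new `incidentFetchInterval` parameter (`defaultvalue: '1'`, `type: 19`) carries no `additionalinfo` and no `section` in the lines shown, unlike the `self_deployed` parameter elsewhere in this PR, so neither the unit of the default nor its place in the settings form is stated. It is also unrelated to the microsoft-atp-update-alert list options that the PR notes give as the whole scope of the change. Remove it from this PR, or justify it and add documentation and a release-note entry.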
Why did you add this parameter?
c310e63
into
demisto:contrib/xsoar-contrib_amontminypa-contrib-MicrosoftDefenderAdvancedThreatProtection
…Pack Update (#30338) * "contribution update to pack "Microsoft Defender for Endpoint"" (#30323) * revert * Update Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_15.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * docker * RN * RN --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: MosheEichler <meichler@paloaltonetworks.com> Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Status
Contributor
@amontminypa
Notes
Just updated the list options in the integration configuration for the microsoft-atp-update-alert command. No changes to code were made.
Video Link
Short demo video of the Pack usage. Speeds up the review. Optional but recommended. Use a video sharing service such as Google Drive or YouTube.