PrismaCloudV2XSIAM

Packs/CommonTypes/IncidentFields/incidentfield-Status_Reason.json

@@ -0,0 +1,27 @@
+{
+    "associatedToAll": true,
+    "caseInsensitive": true,
+    "cliName": "statusreason",
+    "closeForm": false,
+    "content": true,
+    "editForm": true,
+    "group": 0,
+    "hidden": false,
+    "id": "incident_statusreason",
+    "isReadOnly": false,
+    "locked": false,
+    "name": "Status Reason",
+    "neverSetAsRequired": false,
+    "openEnded": false,
+    "ownerOnly": false,
+    "required": false,
+    "sla": 0,
+    "system": false,
+    "threshold": 72,
+    "type": "shortText",
+    "unmapped": false,
+    "unsearchable": true,
+    "useAsKpi": false,
+    "version": -1,
+    "fromVersion": "6.10.0"
+}

Packs/CommonTypes/ReleaseNotes/3_3_98.md

@@ -0,0 +1,4 @@
+
+#### Incident Fields
+
+- New: **Status Reason**

Packs/CommonTypes/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Common Types",
     "description": "This Content Pack will get you up and running in no-time and provide you with the most commonly used incident & indicator fields and types.",
     "support": "xsoar",
-    "currentVersion": "3.3.97",
+    "currentVersion": "3.3.98",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

Packs/PrismaCloud/Classifiers/classifier-mapper-incoming-Prisma_Cloud.json

@@ -1949,7 +1949,11 @@
 						"accessor": "lastModifiedOn",
 						"filters": [],
 						"root": "policy",
-						"transformers": []
+						"transformers": [
+                            {
+                                "operator": "TimeStampToDate"
+                            }
+                        ]
 					}
 				},
 				"Last Seen": {
@@ -2073,7 +2077,11 @@
 					"complex": {
 						"filters": [],
 						"root": "alertTime",
-						"transformers": []
+						"transformers": [
+                            {
+                                "operator": "TimeStampToDate"
+                            }
+                        ]
 					}
 				},
 				"RRN": {
@@ -2159,6 +2167,13 @@
 						"transformers": []
 					}
 				},
+"Status Reason": {
+                    "complex": {
+                        "filters": [],
+                        "root": "reason",
+                        "transformers": []
+                    }
+                },
 				"Subscription Assigned By": {
 					"complex": {
 						"accessor": "data.properties.metadata.assignedBy",

Packs/PrismaCloud/LayoutRules/Prisma_Cloud_V2.json

@@ -0,0 +1,68 @@
+{
+  "rule_id": "Prisma_Cloud_V2_Layout_Rule",
+  "layout_id": "Prisma Cloud V2",
+  "description": "display for Prisma Cloud alerts.",
+  "rule_name": "Prisma Cloud V2 Layout Rule",
+  "alerts_filter": {
+    "filter": {
+      "OR": [
+        {
+            "SEARCH_FIELD": "alert_type",
+            "SEARCH_TYPE": "EQ",
+            "SEARCH_VALUE": "AWS CloudTrail Misconfiguration"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "AWS EC2 Instance Misconfiguration"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "AWS IAM Policy Misconfiguration"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "Azure AKS Misconfiguration"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "Azure Network Misconfiguration"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "Azure SQL Misconfiguration"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "Azure Storage Misconfiguration"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "GCP Compute Engine Misconfiguration"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "GCP Kubernetes Engine Misconfiguration"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "Prisma Cloud - VM Alert Prioritization"
+        },
+        {
+          "SEARCH_FIELD": "alert_type",
+          "SEARCH_TYPE": "EQ",
+          "SEARCH_VALUE": "Prisma Cloud"
+        }
+      ]
+    }
+  },
+  "fromVersion": "6.10.0"
+}