[Marketplace Contribution] PAN-OS by Palo Alto Networks - Content Pack Update #31239
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* added the ability to add resolution when closing issue * RN * RN * add in yml * revert non-relevant * Update Packs/Jira/ReleaseNotes/3_1_5.md Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> * Update Packs/Jira/Integrations/JiraV2/JiraV2.yml Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> --------- Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com>
* Reco: get user context by email address (demisto#30720) * Reco: get user context by email address Signed-off-by: Gal Nakash <gal@recolabs.ai> * Update Packs/Reco/Integrations/Reco/Reco_test.py Co-authored-by: Sapir Shuker <49246861+sapirshuker@users.noreply.github.com> * Reco: fix error handling Signed-off-by: Gal Nakash <gal@recolabs.ai> * Reco: fix readme.md Signed-off-by: Gal Nakash <gal@recolabs.ai> * Reco: get user context by email address Signed-off-by: Gal Nakash <gal@recolabs.ai> --------- Signed-off-by: Gal Nakash <gal@recolabs.ai> Co-authored-by: Sapir Shuker <49246861+sapirshuker@users.noreply.github.com> * Update .secrets-ignore * Update README.md * update docker --------- Signed-off-by: Gal Nakash <gal@recolabs.ai> Co-authored-by: GalNakash-RecoLabs <71227802+GalNakash-RecoLabs@users.noreply.github.com> Co-authored-by: Sapir Shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: sapirshuker <sshuker@paloaltonetworks.com>
…uts (demisto#30784) * Added playbook, formatted, and added README * RN * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_14.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Bump pack from version CommonPlaybooks to 2.4.15. * Bump pack from version CommonPlaybooks to 2.4.16. * Bump pack from version CommonPlaybooks to 2.4.17. * Bump pack from version CommonPlaybooks to 2.4.18. * Bump pack from version CommonPlaybooks to 2.4.19. * Bump pack from version CommonPlaybooks to 2.4.20. * Bump pack from version CommonPlaybooks to 2.4.21. * Bump pack from version CommonPlaybooks to 2.4.22. * Bump pack from version CommonPlaybooks to 2.4.23. * Bump pack from version CommonPlaybooks to 2.4.24. * Bump pack from version CommonPlaybooks to 2.4.25. --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com>
* changed path for test playbook in xsoar * changed path for test playbook in xsoar * changed path for test playbook in xsoar * changed keyword for testing --------- Co-authored-by: JudithB <132264628+jbabazadeh@users.noreply.github.com>
Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: JudithB <132264628+jbabazadeh@users.noreply.github.com>
* Beyond Trust new pack - CIAC-8670 * Update Packs/BeyondTrustRemoteSupport/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fixes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…30968) * Small fixes to pack names * Update pack_metadata.json
* Adding new Playbook input grouping * adding new Playbook input grouping * updating pack pack_metadata * update ReleaseNotes * Update Packs/Phishing/ReleaseNotes/3_6_1.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com>
* added explanation about command in the documentation * rn * update docker * Update Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/README.md Co-authored-by: Sapir Shuker <49246861+sapirshuker@users.noreply.github.com> --------- Co-authored-by: Sapir Shuker <49246861+sapirshuker@users.noreply.github.com>
* fix sync validation * fix prod-us
…ils (demisto#30961) * Add corrupt email object handling; Add debug logs * Update docker image * Update release notes * Remove additional debug logs * Fix double printing of message id in debug log * Add UT
* playbook fix * added release notes * Added to ignore pack Inteval and InternetAccess * Deleted unused input: Interval * Added release notes * deleted from ignore input * Update Packs/JoeSecurity/ReleaseNotes/1_1_16.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/JoeSecurity/ReleaseNotes/1_1_16.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * added error message to the playbook outputs. added new task for checking if the file type is supported * release notes added * Update Packs/JoeSecurity/Playbooks/playbook-Detonate_File_-_JoeSecurity_V2_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/SecneurXAnalysis/Playbooks/Detonate_File_-_SecneurX_Analysis_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Fixes for the pre-commit process * Added new images for Joesecurity and SecneurXAnalysis playbooks. Grammer fix for the release notes * Added ignore case for task of the supported types * Fixes for the release notes * added file types * fixes for release ReleaseNotes removed input of interval --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
* added missing outputs and removed unneeded playbook outputs * Re-added the test playbook and marketplaces configs * RN * Bump pack from version CommonPlaybooks to 2.4.21. * Bump pack from version CommonPlaybooks to 2.4.22. * Bump pack from version CommonPlaybooks to 2.4.23. * Bump pack from version CommonPlaybooks to 2.4.24. * Bump pack from version CommonPlaybooks to 2.4.25. * Bump pack from version CommonPlaybooks to 2.4.26. --------- Co-authored-by: Content Bot <bot@demisto.com>
* add-microsoft-defender-modeling * fix-readme-instruction-number-1-to-5 * event_type_minor_fix * fix-duration-typo * fix-minor-issues * fix-target-file-path * add-process_id-type-safety
* added icons * added icons * added icons * reverted changes * added more icons
* Wiz 1.2.14 (demisto#30951) * initial commit - better error management for empty issues fetch * update testing to correspond with changed error catching * RNs * Update Wiz.py * Docker Image --------- Co-authored-by: solalraveh <solal.raveh@gmail.com> Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com> Co-authored-by: MLainer1 <mlainer@paloaltonetworks.com>
* Added filter to the parsing rule of manage engine * Added release note. * Removed capture group from the parsing rule filter * Modified the parsing rule.
* Fixes for 'Detonate URL - Generic v1.5' playbook * RN * Bump pack from version CommonPlaybooks to 2.4.17. * Bump pack from version CommonPlaybooks to 2.4.18. * Bump pack from version CommonPlaybooks to 2.4.19. * Bump pack from version CommonPlaybooks to 2.4.20. * Bump pack from version CommonPlaybooks to 2.4.21. * Bump pack from version CommonPlaybooks to 2.4.22. * added 'unique' transformer to 'url' input within all sub-playbooks and tasks. * Bump pack from version CommonPlaybooks to 2.4.23. * Bump pack from version CommonPlaybooks to 2.4.24. * Bump pack from version CommonPlaybooks to 2.4.25. * Bump pack from version CommonPlaybooks to 2.4.26. * Bump pack from version CommonPlaybooks to 2.4.27. * replaced the command used within task number 19 - replaced 'OPSWAT Filescan|||opswat-filescan-scan-url' command with 'opswat-filescan-scan-url' command. --------- Co-authored-by: Content Bot <bot@demisto.com>
* fix * update docker
* updated the outputs description * updated the outputs description - RN * updated the outputs description - RN pack meta date * Bump pack from version CommonPlaybooks to 2.4.26. * updated the outputs types - Boolean * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Bump pack from version CommonPlaybooks to 2.4.27. * Bump pack from version CommonPlaybooks to 2.4.28. --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
* Detonate_URL_-_ThreatStream * RN * RN * RN
* set to false field Threat Name Co-authored-by: franciscojavierfernandezjim <127735202+franciscojavierfernandezjim@users.noreply.github.com>
* Fixed the modeling rule and the schema file, in reference to the boolean fields. * Fixed the modeling rule and the schema file, in reference to the boolean fields. * Added release notes. * Fixed the schema file
…t entity alerts by MITRE tactics (demisto#30874) * Added playbook, new pb readme and new pb image * RN * Bump pack from version CommonPlaybooks to 2.4.18. * Bump pack from version CommonPlaybooks to 2.4.19. * Bump pack from version CommonPlaybooks to 2.4.20. * Bump pack from version CommonPlaybooks to 2.4.21. * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_21.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Bump pack from version CommonPlaybooks to 2.4.22. * Bump pack from version CommonPlaybooks to 2.4.23. * Bump pack from version CommonPlaybooks to 2.4.24. * Bump pack from version CommonPlaybooks to 2.4.25. * Bump pack from version CommonPlaybooks to 2.4.26. * Fixed issue in get entity alerts playbook and in firewall search. Updated RN. * Fixed version * Updated playbook with fixes from review * Updated playbook with fixes from review * Bump pack from version CommonPlaybooks to 2.4.27. * Updated playbook with fixes from review * Bump pack from version CommonPlaybooks to 2.4.28. * Bump pack from version CommonPlaybooks to 2.4.29. --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
* first commit * commit * commit * first commit * update pack_metadata file * extract_logs_from_response changes * get_events_command changes * commit * commit * add logs * commit * commit * commit * commit * commit * commit * commit * commit * commit * commit * commit * commit * commit * Fixed the memory load on Docker * commit * first commit for rewrite * commit * commit * add UT and finish implementation * design * Change pack name * add-modeling-rules * add-parsing-rules * siem-content-minor-fixes * add UT and docstring * add-siem-documentation * update-siem-documentation * update-siem-documentation * commit * Change readme file * fix UT and add description to pack_metadata * commit * fix mypy flake8 * add UT * refactor-siem-content * Apply suggestions from code review Comment corrections Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * comment corrections * comment corrections and add UT for it * comment correction * mypy * update Docker * comment corrections * comment corrections * update docker * fix UT and pre-commit * commit * commit * fix pre commit * commit --------- Co-authored-by: Chanan Welt <cwelt@paloaltonetworks.com> Co-authored-by: cweltPA <129675344+cweltPA@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
* Fixed date parsing * format and tests * fixed date parsing from and to the api * fixed tests * fixed invalid date order * fetch in asc order * fetch in asc order * fix unitesing * fix potential formatting issue * change first_run * change first_run * Fix RN * Fix lint * Fix lint * added unitests * added unitests * CR fixes * CR fixes
MLainer1
requested changes
Dec 10, 2023
MLainer1
added
pending-demo
|
Hi @MLainer1. I will make the suggested changes. Just give me a couple of days. It’s a busy week with the customers. |
Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com>
Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com>
|
Hi @MLainer1 I have committed the suggested changes. Please let me know when you want to have a quick meeting for the demo. Thank you. Please feel free to reach out to me on slack. |
MLainer1
added
pending-demo
| file_name_arg = args.get("filename") | ||
| target = args.get("target") | ||
| if file_name_arg != 'running_config': | ||
| file_name = target + '_' + file_name_arg + '_running_config' |
There was a problem hiding this comment.
Let's use the filename as we receive it from the user without changing it.
There was a problem hiding this comment.
Hi @jlevypaloalto We will have to append at least the target name to the filename argument because it will save all the config files to all the hostnames with the same filename which will be confusing.
| @@ -5033,6 +5033,9 @@ script: | |||
| - arguments: | |||
| - description: The serial number of the device. | |||
| name: target | |||
| - defaultValue: running_config | |||
| description: Name of the file to save the config to. Default is "running_config" | |||
There was a problem hiding this comment.
The default values are added to the README when it's generated, let's remove it from the yml
There was a problem hiding this comment.
I addressed this in my new PR that I created.
tkatzir
force-pushed
the
contrib/xsoar-contrib_amkoppad-contrib-PAN-OS
branch
from
10bf8d8
to
66ceee9
Compare
xsoar-bot
requested review from
ilaner,
dansterenson,
dorschw and
Ni-Knight
as code owners
|
Hi @amkoppad, Your contribution was impacted by changes in the git history of the content repo, and you see many file changes that are not related to your PR. Our team is currently working on a solution, and we hope that it will be resolved soon. |
|
Hi @amkoppad , Last Thursday, December 20th, there was an update in the content repo. This is why your PR looks like there were a lot of commits and files changed. Thank you very much for your contribution and your understanding of the situation. |
MLainer1
removed request for
GuyAfik,
ilaner,
dansterenson,
dorschw and
Ni-Knight
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Status
Contributor
@amkoppad
Notes
Added the filename argument to the two commands.
!pan-os-platform-get-device-state
!pan-os-get-running-config
If the filename argument is not provided then it uses the current logic to name the files.
If the filename argument is provided then it appends the provided value to the hostname/target and then saves the file.
This is very useful for the running-config command because that downloads all the files with the same name which makes it very difficult to identify which target the running config belongs to.
Video Link
Short demo video of the Pack usage. Speeds up the review. Optional but recommended. Use a video sharing service such as Google Drive or YouTube.