Fix for playbooks that uses deprecated sub-playbooks #31330
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
karinafishman
changed the title
karinafishman
changed the title
ssokolovich
reviewed
Dec 7, 2023
There was a problem hiding this comment.
- General note for RNs - pls mention the new PB name.
- Pls add the updated PB images to the PR (as you changed some of the tasks' names).
- Just make sure that the outputs of the new playbooks are the same as the old ones so it won't brake up the PB logic + they will be set properly also as the parent PB output.
Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic.yml
Outdated
Show resolved
Hide resolved
Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic.yml
Outdated
Show resolved
Hide resolved
Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml
Outdated
Show resolved
Hide resolved
ssokolovich
reviewed
Dec 11, 2023
Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml
Show resolved
Hide resolved
ssokolovich
approved these changes
Dec 11, 2023
Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml
Outdated
Show resolved
Hide resolved
Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml
Outdated
Show resolved
Hide resolved
Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml
Outdated
Show resolved
Hide resolved
Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml
Outdated
Show resolved
Hide resolved
Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml
Outdated
Show resolved
Hide resolved
Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md
Outdated
Show resolved
Hide resolved
Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md
Outdated
Show resolved
Hide resolved
Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md
Outdated
Show resolved
Hide resolved
|
@ssokolovich Doc review completed. |
…c_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…c_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…c_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…c_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…c_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…ADME.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…ADME.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…ADME.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…c_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…ADME.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
sapirshuker
pushed a commit
that referenced
this pull request
Dec 21, 2023
* The sub-playbook of wildfire detonate file was changed to v2 * Replaced the old version of Cortex XDR - Retrieve File with the new version * Crowdstrike detonate file was changed to a new version * release notes update * release notes update * readme files updated * release note * fix for taskid and task field * fixes for taskid and task not equal value * release notes fix * added new images for the playbooks * Unique value fix * RN updated * fixes for PR * RN fix * fix * fix * RN fix * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> * PN fix and unique fix * fix for error in the build * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/ReleaseNotes/3_0_3.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CortexXDR/ReleaseNotes/6_0_8.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
maimorag
pushed a commit
that referenced
this pull request
Dec 31, 2023
* The sub-playbook of wildfire detonate file was changed to v2 * Replaced the old version of Cortex XDR - Retrieve File with the new version * Crowdstrike detonate file was changed to a new version * release notes update * release notes update * readme files updated * release note * fix for taskid and task field * fixes for taskid and task not equal value * release notes fix * added new images for the playbooks * Unique value fix * RN updated * fixes for PR * RN fix * fix * fix * RN fix * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> * PN fix and unique fix * fix for error in the build * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/ReleaseNotes/3_0_3.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CortexXDR/ReleaseNotes/6_0_8.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-9110
realtes: https://jira-dc.paloaltonetworks.com/browse/CIAC-8740
Description
Updating all the playbooks that use deprecated version of playbooks.
Detonate File - Generic
Ransomware Enrich and Contain
Detonate URL - Generic v1.5
Cortex XDR - Malware Investigation
Must have