Update incident occurred time #31404
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
content-bot
added
Contribution
content-bot
changed the base branch from
master
to
contrib/wolyslager_update-incident-occurred-time
|
Thank you for your contribution. Your generosity and caring are unrivaled! Make sure to register your contribution by filling the Contribution Registration form, so our content wizard @adi88d will know the proposed changes are ready to be reviewed. |
4 tasks
adi88d
requested changes
Dec 14, 2023
There was a problem hiding this comment.
Great Job!
Thanks a lot for this contribution, It is highly appreciated.
- Please update the currentVersion value in
pack_metadata.json - update the docker image by running:
demisto-sdk format -ud -i Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml - fix the tests that failed in
AbnormalSecurity_test.py - update lines 752 and 762 inside
AbnormalSecurity.py- Line is too long
| incidents = [] | ||
| for threat in threats: | ||
| threat_details = client.get_details_of_a_threat_request(threat["threatId"]) | ||
| incident = { | ||
| "dbotMirrorId": str(threat["threatId"]), | ||
| "name": "Threat", | ||
| "occurred": current_iso_format_time, | ||
| "occurred": threat_details["messages"][0]["receivedTime"], |
There was a problem hiding this comment.
Suggested change
| "occurred": threat_details["messages"][0]["receivedTime"], | |
| "occurred": threat_details["messages"][0].get("receivedTime"), |
| incidents = [] | ||
| for campaign in campaigns: | ||
| campaign_details = client.get_details_of_an_abuse_mailbox_campaign_request(campaign["campaignId"]) | ||
| incident = {"dbotMirrorId": str(campaign["campaignId"]), "name": "Abuse Campaign", "occurred": current_iso_format_time, | ||
| incident = {"dbotMirrorId": str(campaign["campaignId"]), "name": "Abuse Campaign", "occurred": campaign_details["firstReported"], |
There was a problem hiding this comment.
Suggested change
| incident = {"dbotMirrorId": str(campaign["campaignId"]), "name": "Abuse Campaign", "occurred": campaign_details["firstReported"], | |
| incident = {"dbotMirrorId": str(campaign["campaignId"]), "name": "Abuse Campaign", "occurred": campaign_details.get("firstReported"), |
| incidents = [] | ||
| for case in cases: | ||
| case_details = client.get_details_of_an_abnormal_case_request(case["caseId"]) | ||
| incident = {"dbotMirrorId": str(case["caseId"]), "name": "Account Takeover Case", "occurred": current_iso_format_time, | ||
| incident = {"dbotMirrorId": str(case["caseId"]), "name": "Account Takeover Case", "occurred": case_details["firstObserved"], |
There was a problem hiding this comment.
Suggested change
| incident = {"dbotMirrorId": str(case["caseId"]), "name": "Account Takeover Case", "occurred": case_details["firstObserved"], | |
| incident = {"dbotMirrorId": str(case["caseId"]), "name": "Account Takeover Case", "occurred": case_details.get("firstObserved"), |
adi88d
added
pending-contributor
content-bot
added
Contribution Form Filled
…update-incident-occurred-time
wolyslager
requested review from
yucohen,
michal-dagan,
michalgold and
idovandijk
as code owners
|
|
adi88d
force-pushed
the
update-incident-occurred-time
branch
from
9a3d1a2
to
7b13be4
Compare
…update-incident-occurred-time
…update-incident-occurred-time
adi88d
merged commit 353ed1d
into
demisto:contrib/wolyslager_update-incident-occurred-time
12 of 21 checks passed
5 tasks
adi88d
added a commit
that referenced
this pull request
Dec 17, 2023
* Update incident occurred time (#31404) * updating occurred time for incidents * release notes * validation fixes * nit * fix formatting * update RN --------- Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: adi88d <adaud@paloaltonetworks.com> * add new line * update RN * remove whitespace from blank line --------- Co-authored-by: William Olyslager <wolyslager@abnormalsecurity.com> Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: adi88d <adaud@paloaltonetworks.com>
sapirshuker
pushed a commit
that referenced
this pull request
Dec 21, 2023
* Update incident occurred time (#31404) * updating occurred time for incidents * release notes * validation fixes * nit * fix formatting * update RN --------- Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: adi88d <adaud@paloaltonetworks.com> * add new line * update RN * remove whitespace from blank line --------- Co-authored-by: William Olyslager <wolyslager@abnormalsecurity.com> Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: adi88d <adaud@paloaltonetworks.com>
maimorag
pushed a commit
that referenced
this pull request
Dec 31, 2023
* Update incident occurred time (#31404) * updating occurred time for incidents * release notes * validation fixes * nit * fix formatting * update RN --------- Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: adi88d <adaud@paloaltonetworks.com> * add new line * update RN * remove whitespace from blank line --------- Co-authored-by: William Olyslager <wolyslager@abnormalsecurity.com> Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: adi88d <adaud@paloaltonetworks.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: link to the issue
Description
Updating the "occurred time" field for incidents created. Previously this was just using the fetch time for the incident - but now we have incident details available (added in a previous pr) so we can accurately display the correct occurred time.
Must have