Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inputs groups core playbooks improvement xsiam #32125

Merged
merged 45 commits into from Jan 21, 2024
Merged

Inputs groups core playbooks improvement xsiam #32125

merged 45 commits into from Jan 21, 2024

Conversation

OmriItzhak
Copy link
Contributor

@OmriItzhak OmriItzhak commented Jan 11, 2024
edited

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: link to the issue

Description

  • Add input groups to the XSIAM core playbooks.
  • Updated the default value of 'IAMUserDomain' used by the "Containment Plan" sub-playbook to '' instead of '@demisto.com'.
  • 'Block Indicators - Generic v3' playbook - bug fix: Updated the tasks 'Set indicators to block - Auto' and 'Set indicators to block - Manual' to remove empty values from the key IndicatorsToBlock.
  • 'Containment Plan - Block Indicators' playbook - bug fix: Added a conditional task to check if there are any indicators that are blocked before setting those indicators in the incident context.
  • 'NGFW Internal Scan' playbook - bug fix: Added a conditional task to check if the input SOCEmailAddress is not empty before notifying the SOC via email.

Must have

  • Tests
  • Documentation

@OmriItzhak
Merge branch 'master' of github.com:demisto/content into Inputs_group…
132a9b0 
…s_core_playbooks_improvement_xsiam

� Conflicts:
�	Packs/Core/pack_metadata.json
@OmriItzhak
resolve conflicts pack metadate
84da344
@ShirleyDenkberg
Copy link
Contributor

@altmannyarden Doc review completed.

@OmriItzhak @ShirleyDenkberg
Apply suggestions from code review
93f35c8 
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • Core pack version was bumped to 3.0.10.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

OmriItzhak and others added 8 commits January 14, 2024 11:27
@OmriItzhak
Merge branch 'master' into Inputs_groups_core_playbooks_improvement_x…
f5e7d9f 
…siam
@OmriItzhak
fixes after review
1f3aecc
@OmriItzhak
Merge remote-tracking branch 'origin/Inputs_groups_core_playbooks_imp…
5406469 
…rovement_xsiam' into Inputs_groups_core_playbooks_improvement_xsiam
@OmriItzhak
bug fix :soc mail
915c52e 
for NGFW scan playbook
@OmriItzhak
bug fix :soc mail
a8bb0eb 
for NGFW scan playbook
@OmriItzhak
bug fix :SetIfEmpty (applyIfEmpty changed to: false)
88d59a1 
for block indicators v3
@OmriItzhak
bug fix :added conditional task to check if there are any indicators …
7da9c98 
…that are blocked before set incident parent key.

for containment plan - block indicators
@OmriItzhak
RN after fixes
27721f8
@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • Core pack version was bumped to 3.0.11.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • Core pack version was bumped to 3.0.12.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonPlaybooks pack version was bumped to 2.6.2.
  • Core pack version was bumped to 3.0.13.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CommonPlaybooks pack version was bumped to 2.6.3.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

OmriItzhak and others added 5 commits January 21, 2024 09:32
@OmriItzhak
fix test playbook
199c4eb
@OmriItzhak
Merge branch 'master' of github.com:demisto/content into Inputs_group…
7a22169 
…s_core_playbooks_improvement_xsiam

� Conflicts:
�	Packs/CommonPlaybooks/ReleaseNotes/2_6_2.md
@OmriItzhak
Merge remote-tracking branch 'origin/Inputs_groups_core_playbooks_imp…
a61c455 
…rovement_xsiam' into Inputs_groups_core_playbooks_improvement_xsiam
Merged master into current branch.
e425e2b
Bump pack from version Core to 3.0.14.
5ed7795
@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • Core pack version was bumped to 3.0.14.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@OmriItzhak OmriItzhak merged commit 389433e into master Jan 21, 2024
15 of 16 checks passed
@OmriItzhak OmriItzhak deleted the Inputs_groups_core_playbooks_improvement_xsiam branch January 21, 2024 16:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ShirleyDenkberg ShirleyDenkberg ShirleyDenkberg left review comments

@altmannyarden altmannyarden altmannyarden approved these changes

@michalgold michalgold Awaiting requested review from michalgold

@idovandijk idovandijk Awaiting requested review from idovandijk idovandijk is a code owner

Assignees

@ShirleyDenkberg ShirleyDenkberg

Labels
docs-approved
Projects
None yet
Milestone
No milestone
4 participants
@OmriItzhak @ShirleyDenkberg @content-bot @altmannyarden