Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crowdstrike search endpoints by hash #32405

Merged
merged 29 commits into from Feb 4, 2024
Merged

Crowdstrike search endpoints by hash #32405

merged 29 commits into from Feb 4, 2024

Conversation

karinafishman
Copy link
Contributor

@karinafishman karinafishman commented Jan 24, 2024
edited

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-5565

Description

  1. Playbook input only show 'sha256' but can handle all IOC types.
  2. The playbook fails when there is no input and 'sha256' argument is not mandatory.
  3. Added the playbook to "Search Endpoints By Hash - Generic V2" playbook.

Must have

  • Tests
  • Documentation

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CrowdStrikeFalcon pack version was bumped to 1.12.15.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CrowdStrikeFalcon pack version was bumped to 1.12.16.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

karinafishman and others added 12 commits January 31, 2024 12:58
@karinafishman
Merge branch 'master' of github.com:demisto/content into Fix-for-Crow…
61b2864 
…dStrike-Falcon---Search-Endpoints-By-Hash
@karinafishman
Merge branch 'Fix-for-CrowdStrike-Falcon---Search-Endpoints-By-Hash' …
bd277dc 
…of github.com:demisto/content into Fix-for-CrowdStrike-Falcon---Search-Endpoints-By-Hash
@karinafishman
Merge branch 'master' of github.com:demisto/content into Fix-for-Crow…
288bf6f 
…dStrike-Falcon---Search-Endpoints-By-Hash
@karinafishman
Merge branch 'master' of github.com:demisto/content
e9ced55
@karinafishman
RN
e4d364a
@karinafishman
Merge branch 'master' into Fix-for-CrowdStrike-Falcon---Search-Endpoi…
651eed5 
…nts-By-Hash
@karinafishman
task name were changed
0420c08
@karinafishman
Merge branch 'Fix-for-CrowdStrike-Falcon---Search-Endpoints-By-Hash' …
d954984 
…of github.com:demisto/content into Fix-for-CrowdStrike-Falcon---Search-Endpoints-By-Hash
@karinafishman
RN update
64d23fa
@karinafishman
rnrnrn
5123c83
Merged master into current branch.
b899e82
Bump pack from version CrowdStrikeFalcon to 1.12.17.
317bb37
@content-bot
Copy link
Collaborator

This PR was automatically updated by a GitHub Action

  • CrowdStrikeFalcon pack version was bumped to 1.12.17.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

ShirleyDenkberg
ShirleyDenkberg reviewed Feb 1, 2024
View reviewed changes
Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_-_Search_Endpoints_By_Hash.yml Outdated Show resolved Hide resolved
Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_-_Search_Endpoints_By_Hash.yml Outdated Show resolved Hide resolved
Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_-_Search_Endpoints_By_Hash.yml Outdated Show resolved Hide resolved
Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_-_Search_Endpoints_By_Hash.yml Outdated Show resolved Hide resolved
Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_-_Search_Endpoints_By_Hash.yml Outdated Show resolved Hide resolved
Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_-_Search_Endpoints_By_Hash.yml Outdated Show resolved Hide resolved
...CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_-_Search_Endpoints_By_Hash_README.md Outdated Show resolved Hide resolved
...CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_-_Search_Endpoints_By_Hash_README.md Outdated Show resolved Hide resolved
Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_17.md Outdated Show resolved Hide resolved
Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_17.md Outdated Show resolved Hide resolved
@ShirleyDenkberg
Copy link
Contributor

@ssokolovich Doc review completed.

karinafishman and others added 3 commits February 4, 2024 09:18
@karinafishman @ShirleyDenkberg
Apply suggestions from code review
fd11a52 
Shirly's fixes

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
@karinafishman
Merge branch 'master' into Fix-for-CrowdStrike-Falcon---Search-Endpoi…
e54cce3 
…nts-By-Hash
@karinafishman
Merge branch 'master' into Fix-for-CrowdStrike-Falcon---Search-Endpoi…
16b52fe 
…nts-By-Hash
@karinafishman karinafishman merged commit 1e46857 into master Feb 4, 2024
14 of 16 checks passed
@karinafishman karinafishman deleted the Fix-for-CrowdStrike-Falcon---Search-Endpoints-By-Hash branch February 4, 2024 10:36
yasta5 pushed a commit that referenced this pull request Feb 4, 2024
@karinafishman @ShirleyDenkberg @yasta5
Crowdstrike search endpoints by hash (#32405)
04bbe71 
* Added support for additional hash types

* RN update

* RN updated

* Bump pack from version CrowdStrikeFalcon to 1.12.15.

* Bump pack from version CrowdStrikeFalcon to 1.12.16.

* RN updated, Added new task to support md5 and sha1, new image

* added outputs

* Merge branch 'master' of github.com:demisto/content

* RN

* task name were changed

* RN update

* rnrnrn

* Bump pack from version CrowdStrikeFalcon to 1.12.17.

* Update playbook-CrowdStrike_Falcon_-_Search_Endpoints_By_Hash.yml

small fix

* Apply suggestions from code review

Shirly's fixes

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

---------

Co-authored-by: Content Bot <bot@demisto.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ShirleyDenkberg ShirleyDenkberg ShirleyDenkberg left review comments

@ssokolovich ssokolovich ssokolovich approved these changes

Assignees

@ShirleyDenkberg ShirleyDenkberg

@karinafishman karinafishman

Labels
docs-approved
Projects
None yet
Milestone
No milestone
4 participants
@karinafishman @content-bot @ShirleyDenkberg @ssokolovich