Added Compatibility with new Allowed Indicator Module in CTIX 3.6 #33159
Merged
…3062) I also ran all of the pre-commit hooks and resolved all of those issues.
content-bot added the Contribution, ready-for-instance-test, Contribution Form Filled, Community, Partner Support Level, Internal PR, Partner-Approved and TIM Review labels on Mar 3, 2024
jbabazadeh approved these changes on Mar 4, 2024
maimorag added a commit that referenced this pull request on Mar 6, 2024
MosheEichler added a commit that referenced this pull request on Mar 21, 2024
Labels
Community
Contribution Form Filled: Whether contribution form filled or not.
Contribution: Thank you! Contributions are always welcome!
docs-approved
Internal PR
Partner Support Level: Indicates that the contribution is for Partner supported pack
Partner-Approved
ready-for-instance-test: In contribution PRs, this label will cause a trigger of a build with a modified pack from the PR.
TIM Review
Original External PR
external pull request
Contributor
@coreybodendein-cyware
I also ran all of the pre-commit hooks and resolved all of those issues.
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Description
The main goal of this PR is to make the ctix-allowed-iocs and ctix-get-allowed-iocs compatible with CTIX 3.6 as the endpoint used by those two commands changed in that version. For both commands, we'll make a call to the new endpoint first, and if that returns a 404 (which it will if the user has CTIX < 3.6), make a call to the previous endpoint.
The rest of the changes are all done by running the pre-commit hooks.
Must have
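The new-endpoint-first, fall-back-on-404 behaviour from the description above, as an added example that is not code from this PR or from the CTIX pack. The endpoint paths are placeholders (the page does not give the real ones), and `AllowedIocClient`, `ApiError` and `fake_server` are hypothetical names; the point shown is that only a 404 triggers the fallback, so an authentication failure is surfaced instead of being retried against the older endpoint.

```python
from typing import Callable, List, Optional, Tuple

# Placeholder paths: the real CTIX endpoint names are not given on the page.
NEW_PATH = "/PLACEHOLDER/new-allowed-indicators/"        # assumed: CTIX >= 3.6
LEGACY_PATH = "/PLACEHOLDER/legacy-allowed-indicators/"  # assumed: CTIX < 3.6

# transport(method, path, body) -> (http_status, parsed_json)
Transport = Callable[[str, str, Optional[dict]], Tuple[int, dict]]


class ApiError(Exception):
    def __init__(self, status: int, path: str):
        super().__init__(f"{path} returned HTTP {status}")
        self.status, self.path = status, path


class AllowedIocClient:
    """Hypothetical client: tries the new endpoint, falls back only on 404."""

    def __init__(self, transport: Transport):
        self._transport = transport
        self.calls: List[Tuple[str, int]] = []  # (path, status) audit trail

    def _send(self, method: str, path: str, body: Optional[dict]):
        status, data = self._transport(method, path, body)
        self.calls.append((path, status))
        return status, data

    def request(self, method: str, body: Optional[dict] = None) -> dict:
        path = NEW_PATH
        status, data = self._send(method, path, body)
        if status == 404:  # endpoint absent on older servers: retry the old one
            path = LEGACY_PATH
            status, data = self._send(method, path, body)
        if not 200 <= status < 300:  # 401/403/5xx are never masked by a retry
            raise ApiError(status, path)
        return data


def fake_server(paths, authorized: bool = True) -> Transport:
    """Constructed stand-in for a CTIX server that serves only `paths`."""
    def transport(method, path, body):
        if not authorized:
            return 401, {"detail": "invalid credentials"}
        if path not in paths:
            return 404, {"detail": "not found"}
        # Constructed sample record (documentation-range address).
        return 200, {"served_by": path, "results": [{"value": "198.51.100.7"}]}
    return transport


def run_demo() -> dict:
    servers = {
        "ctix_3_6": fake_server({NEW_PATH}),
        "ctix_3_5": fake_server({LEGACY_PATH}),
        "bad_token": fake_server({NEW_PATH}, authorized=False),
    }
    outcomes = {}
    for name, server in servers.items():
        client = AllowedIocClient(server)
        try:
            result = client.request("GET")["served_by"]
        except ApiError as exc:
            result = f"error {exc.status}"
        outcomes[name] = (result, [status for _, status in client.calls])
    return outcomes


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(name, outcome)
```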