Digital guardian Bug #34920

merit-maita · 2024-06-18T17:39:22Z

Status

In Progress
Ready
In Hold - (Reason for hold)

Related Issues

fixes: https://jira-dc.paloaltonetworks.com/browse/XSUP-38319

Description

fixed an issue where fetch events failed when some fields from the api were empty

Must have

Tests
Documentation

github-actions · 2024-06-18T17:40:40Z

Your contributed DigitalGuardian pack has been modified on files:

Packs/DigitalGuardian/ReleaseNotes/1_1_5.md
Packs/DigitalGuardian/Integrations/DigitalGuardianARCEventCollector/DigitalGuardianARCEventCollector.py
Packs/DigitalGuardian/Integrations/DigitalGuardian/DigitalGuardian.py
Packs/DigitalGuardian/pack_metadata.json
Please review the changes here

@MattHulse

github-actions · 2024-06-18T17:42:53Z

Coverage Report

File	Stmts	Miss	Cover	Missing
Packs/DigitalGuardian/Integrations/DigitalGuardian
DigitalGuardian.py	269	197	26%	44, 55, 57–58, 67–74, 76, 78–79, 81, 88–95, 97, 99–100, 102, 114–115, 117–118, 120–122, 124–129, 131, 138–139, 141–142, 144–149, 151–152, 155, 160, 169–172, 174–179, 181–184, 186, 188–189, 192, 200–203, 205–209, 211–212, 215, 225–228, 230–233, 235–236, 238, 249–252, 254, 256–257, 260, 268–276, 278–279, 282, 291–292, 294, 296–297, 299–301, 303–304, 306–311, 313, 315–317, 319–322, 324–337, 339, 342, 385, 397, 406–407, 460–469, 471–487, 495–500, 530, 538–539
Packs/DigitalGuardian/Integrations/DigitalGuardianARCEventCollector
DigitalGuardianARCEventCollector.py	113	33	70%	35–40, 42–46, 52–53, 57–58, 61–63, 66, 71, 86–88, 94–96, 98–99, 117–118, 146, 175, 177
TOTAL	382	230	39%

Tests	Skipped	Failures	Errors	Time
5	0 💤	0 ❌	0 🔥	1.518s ⏱️

thefrieddan1 · 2024-06-19T10:32:51Z

Packs/DigitalGuardian/Integrations/DigitalGuardian/DigitalGuardian.py

@@ -180,8 +180,8 @@ def check_componentlist_entry():

        if 200 <= r.status_code <= 299:
            for jText in json_text:
-                if str(jText['content_value']).lower() == componentlist_entry.lower():
-                    componentlist = jText['content_value']
+                if str(jText.get('content_value')).lower() == componentlist_entry.lower():


perhaps return a default empty string jText.get('content_value', '')
because we are doing lower on that and it will throw exception if returns None

thefrieddan1 · 2024-06-19T10:33:26Z

Packs/DigitalGuardian/Integrations/DigitalGuardian/DigitalGuardian.py

@@ -125,8 +125,8 @@ def get_watchlist_entry_id(watchlist_name: str, watchlist_entry: str) -> str:
        if r.status_code != requests.codes.ok:
            return_error('Unable to retrieve watchlist entries')
        for jText in json_text:
-            if str(jText['value_name']).lower() == watchlist_entry.lower():
-                watchlist_entry_id = jText['value_id']
+            if str(jText.get('value_name')).lower() == watchlist_entry.lower():


same here:
jText.get('content_value', '')

thefrieddan1 · 2024-06-19T10:34:11Z

Packs/DigitalGuardian/Integrations/DigitalGuardian/DigitalGuardian.py


        DEBUG("cef: " + json.dumps(cef))
        for artifact_key, artifact_tuple in specific_alert_mapping.get(CATEGORY).items():  # type: ignore
            if alert.get(artifact_tuple[0]):
                cef[artifact_key] = alert[artifact_tuple[0]]
                cef_types[artifact_key] = artifact_tuple[1]
        if cef:
-            comm = alert['dg_alarm_name'].find(',')
+            comm = alert.get('dg_alarm_name').find(',')


same here:
alert.get('dg_alarm_name', '')

thefrieddan1 · 2024-06-19T10:35:49Z

...alGuardian/Integrations/DigitalGuardianARCEventCollector/DigitalGuardianARCEventCollector.py

        result = dict(zip(outcome, event))
        event_list.append(result)
-    event_list.sort(key=lambda item: (item["inc_mtime"], item["dg_guid"]))
+    event_list.sort(key=lambda item: (item.get("inc_mtime"), item.get("dg_guid")))


Add a unit test that tests this method were item does not have inc_mtime and dg_guid and see that it is working.

Packs/DigitalGuardian/ReleaseNotes/1_1_5.md

ShirleyDenkberg · 2024-06-19T10:44:07Z

@thefrieddan1 Doc review completed.

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

…lGuardian_bug

* fixed parsing events from api * fix * added rn * fix * fix * fixes * fixes * added rn * updated do * pre-commit edits * Update Packs/DigitalGuardian/ReleaseNotes/1_1_5.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/DigitalGuardian/ReleaseNotes/1_1_5.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fixes * made a change for the unit test * edit * added fixes for unittests * fixed do --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

merit-maita added 9 commits June 12, 2024 22:30

fixed parsing events from api

3f3678f

fix

c126098

added rn

47fabb8

fix

58c7717

fix

e24b700

Merge branch 'master' into digitalGuardian_bug

eee3588

fixes

6ce0078

fixes

2bcbdcf

Merge branch 'master' into digitalGuardian_bug

64049c5

merit-maita requested a review from thefrieddan1 June 18, 2024 17:40

merit-maita added 3 commits June 18, 2024 20:50

added rn

1253041

updated do

192f9c7

pre-commit edits

48a47da

thefrieddan1 assigned merit-maita Jun 19, 2024

thefrieddan1 requested a review from ShirleyDenkberg June 19, 2024 10:17

thefrieddan1 reviewed Jun 19, 2024

View reviewed changes

ShirleyDenkberg self-assigned this Jun 19, 2024

ShirleyDenkberg reviewed Jun 19, 2024

View reviewed changes

Packs/DigitalGuardian/ReleaseNotes/1_1_5.md Outdated Show resolved Hide resolved

Packs/DigitalGuardian/ReleaseNotes/1_1_5.md Outdated Show resolved Hide resolved

ShirleyDenkberg added the docs-approved label Jun 19, 2024

merit-maita and others added 8 commits June 19, 2024 15:03

Merge branch 'master' into digitalGuardian_bug

5287119

Update Packs/DigitalGuardian/ReleaseNotes/1_1_5.md

f1bb2d3

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

Update Packs/DigitalGuardian/ReleaseNotes/1_1_5.md

bbb80b8

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

Merge remote-tracking branch 'origin/digitalGuardian_bug' into digita…

582a2a9

…lGuardian_bug

fixes

37fdc2c

made a change for the unit test

b131345

edit

0c5cc84

added fixes for unittests

7d4d640

thefrieddan1 approved these changes Jun 19, 2024

View reviewed changes

merit-maita added 2 commits June 19, 2024 16:51

fixed do

995e223

Merge branch 'master' into digitalGuardian_bug

0defdf8

merit-maita merged commit 043480d into master Jun 19, 2024
18 checks passed

merit-maita deleted the digitalGuardian_bug branch June 19, 2024 15:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Digital guardian Bug #34920

Digital guardian Bug #34920

merit-maita commented Jun 18, 2024 •

edited

github-actions bot commented Jun 18, 2024

github-actions bot commented Jun 18, 2024 •

edited

thefrieddan1 Jun 19, 2024

thefrieddan1 Jun 19, 2024

thefrieddan1 Jun 19, 2024

thefrieddan1 Jun 19, 2024

ShirleyDenkberg commented Jun 19, 2024

Digital guardian Bug #34920

Digital guardian Bug #34920

Conversation

merit-maita commented Jun 18, 2024 • edited

Status

Related Issues

Description

Must have

github-actions bot commented Jun 18, 2024

Your contributed DigitalGuardian pack has been modified on files:

github-actions bot commented Jun 18, 2024 • edited

thefrieddan1 Jun 19, 2024

Choose a reason for hiding this comment

thefrieddan1 Jun 19, 2024

Choose a reason for hiding this comment

thefrieddan1 Jun 19, 2024

Choose a reason for hiding this comment

thefrieddan1 Jun 19, 2024

Choose a reason for hiding this comment

ShirleyDenkberg commented Jun 19, 2024

merit-maita commented Jun 18, 2024 •

edited

github-actions bot commented Jun 18, 2024 •

edited