-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Digital guardian Bug #34920
Digital guardian Bug #34920
Conversation
Your contributed DigitalGuardian pack has been modified on files:Packs/DigitalGuardian/ReleaseNotes/1_1_5.md |
Coverage Report
|
@@ -180,8 +180,8 @@ def check_componentlist_entry(): | |||
|
|||
if 200 <= r.status_code <= 299: | |||
for jText in json_text: | |||
if str(jText['content_value']).lower() == componentlist_entry.lower(): | |||
componentlist = jText['content_value'] | |||
if str(jText.get('content_value')).lower() == componentlist_entry.lower(): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
perhaps return a default empty string jText.get('content_value', '')
because we are doing lower on that and it will throw exception if returns None
@@ -125,8 +125,8 @@ def get_watchlist_entry_id(watchlist_name: str, watchlist_entry: str) -> str: | |||
if r.status_code != requests.codes.ok: | |||
return_error('Unable to retrieve watchlist entries') | |||
for jText in json_text: | |||
if str(jText['value_name']).lower() == watchlist_entry.lower(): | |||
watchlist_entry_id = jText['value_id'] | |||
if str(jText.get('value_name')).lower() == watchlist_entry.lower(): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same here:
jText.get('content_value', '')
|
||
DEBUG("cef: " + json.dumps(cef)) | ||
for artifact_key, artifact_tuple in specific_alert_mapping.get(CATEGORY).items(): # type: ignore | ||
if alert.get(artifact_tuple[0]): | ||
cef[artifact_key] = alert[artifact_tuple[0]] | ||
cef_types[artifact_key] = artifact_tuple[1] | ||
if cef: | ||
comm = alert['dg_alarm_name'].find(',') | ||
comm = alert.get('dg_alarm_name').find(',') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same here:
alert.get('dg_alarm_name', '')
result = dict(zip(outcome, event)) | ||
event_list.append(result) | ||
event_list.sort(key=lambda item: (item["inc_mtime"], item["dg_guid"])) | ||
event_list.sort(key=lambda item: (item.get("inc_mtime"), item.get("dg_guid"))) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add a unit test that tests this method were item does not have inc_mtime and dg_guid and see that it is working.
@thefrieddan1 Doc review completed. |
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
* fixed parsing events from api * fix * added rn * fix * fix * fixes * fixes * added rn * updated do * pre-commit edits * Update Packs/DigitalGuardian/ReleaseNotes/1_1_5.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/DigitalGuardian/ReleaseNotes/1_1_5.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fixes * made a change for the unit test * edit * added fixes for unittests * fixed do --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Status
Related Issues
fixes: https://jira-dc.paloaltonetworks.com/browse/XSUP-38319
Description
fixed an issue where fetch events failed when some fields from the api were empty
Must have