You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Demisto Content Release Notes for version 19.3.1 (19965)
Published on 19 March 2019
Integrations
New Integrations
DUO Admin
Manage administrative functionality of DUO Security's two-factor authentication platform.
11 Improved Integrations
Active Directory Query v2
Added the context-output argument to the ad-search command. If the argument is set to no, the command will not output results.
Improved functionality of the size-limit argument in the ad-search command.
ArcSight ESM v2
Added the newparameter parameter, which defines the maximum number of unique case IDs to fetch.
Improved representation of ArcSight fields in the context.
For the as-get-case-event-ids command, added a flag that gets correlated events .
Cybereason
Added the machinename argument to the cybereason-malop-processes command.
Gmail
Improved fetched incidents functionality.
Luminate
Added severity to fetched incidents.
Phish.AI
Added the phish-ai-dispute-url command.
ProtectWise
Fixed a context output issue, which caused inaccessible items to be available in context.
Symantec Advanced Threat Protection
Fixed output for the satp-files command in cases when the file was not previously seen in ATP.
Whois
The integration is now disabled by default.
Palo Alto Networks WildFire
Improved error handling for the wildfire-report command.
Zscaler
Added the Use system proxy settings checkbox to the integration configuration. By default, the checkbox is selected. If you do not want to use system proxy settings, make sure you clear this checkbox.
Scripts
New Script
CheckDockerImageAvailable
Checks if a Docker image is available for performing Docker pull. The script simulates the Docker pull flow, but doesn't actually pull the image.
6 Improved Scripts
ParseEmailFiles
EML files nested within EML files, and MSG files nested within MSG files are now extracted and parsed.
Use the HeadersMap (key-value structure) for output instead of Headers.
Added the parse_only_headers argument (set to true) to parse only headers.
ExtractDomainFromUrlAndEmail
Fixed domain extraction functionality when working with subdomains in an email.
ExtractIndicatorsFromWordFile
Fixed an encoding issue.
Added support for encoding to UTF-8 when displaying the data.
FindSimilarIncidents
Future incidents are now ignored.
ParseCSV
Added support for non-UTF-8 codec.
RegPathReputationBasicLists
Fixed score output.
Deprecated Script
ParseEmailHeaders
Use the ParseEmailFiles script instead. You need to specify parse_only_headers=true.
Playbooks
2 Improved Playbooks
Detonate File - HybridAnalysis
The playbook now checks for an active integration instance enabled.
Process Email - Generic
Improved detection of EML and MSG files as attachments.
Widgets
8 New Widgets
Active Incidents Assigned by User
Active Incidents by Role
Active Incidents - Line chart
Active Incidents - Pie chart
Closed Incidents by Role
Unassigned Active Incidents
Unassigned Closed Incidents
Unassigned Pending Incidents
8 Improved Widgets
Average Incident Duration by Role (Avg)
Improved the query and updated the widget name.
Incidents By Close Reason
Improved the query and updated the widget name.
Incidents Occurred Per Day
Improved the query and updated the widget name.
Incidents by Role
Improved the query and updated the widget name.
Incidents Top Close Analysts
Improved the query and updated the widget name.
MTTR by Type
Improved the query and updated the widget name.
MTTR Occurred by Type
Improved the query and updated the widget name.
Top Active Playbooks
Improved the query and updated the widget name.