final version 1.1.0

docs/.static/css/custom.css

@@ -0,0 +1,14 @@
+/* increase width */
+.wy-nav-content {
+  max-width: 1500px;
+}
+
+/* fix non wrapping tables */
+.wy-table-responsive table td,
+.wy-table-responsive table th {
+  white-space: normal !important;
+}
+
+.with-border img {
+  border: 1px solid #555;
+}

docs/conf.py

@@ -287,3 +287,6 @@
 
 # If true, do not generate a @detailmenu in the "Top" node's menu.
 #texinfo_no_detailmenu = False
+
+def setup(app):
+    app.add_css_file('css/custom.css')

docs/configuration.rst

@@ -11,12 +11,16 @@ Global configuration
 .. image:: img/config1.png
    :alt: config1.png
    :align: center
+   :width: 1000px
+   :class: with-border
 
-*Addon settings:*
+*Add-on settings:*
 
 .. image:: img/config2.png
    :alt: config2.png
    :align: center
+   :width: 1000px
+   :class: with-border
 
 - **Default MS team channel:**
 
@@ -34,6 +38,16 @@ In a similar fashion, this defines the icon link to be used by default when publ
 
 This setting is optional and  and can be let unset in the global app configuration.
 
+- **URL regex compliancy checker:**
+
+To avoid allowing the target URL to be set to a free value, and prevent data exflitration, you use this option to define a valid regular expression that will be applied automatically when the alert action triggers.
+
+If the regular expression does not match the target URL, the alert action will be refused and the Python backend will not proceed to the Webhook call.
+
+- **SSL certificate validation:**
+
+If the option is checked, the Python backend will require the SSL certificate to be a valid certificate.
+
 Per alert configuration
 =======================
 
@@ -42,6 +56,7 @@ Per alert configuration
 .. image:: img/config3.png
    :alt: config3.png
    :align: center
+   :class: with-border
 
 - **Override default Webhook URL**
 
@@ -80,6 +95,7 @@ For this option to be activated, both of these items need to be configured, note
 .. image:: img/message_example.png
    :alt: message_example.png
    :align: center
+   :class: with-border
 
 - **HttpPOST Action:**
 
@@ -97,6 +113,7 @@ Status dashboard
 .. image:: img/overview.png
    :alt: overview.png
    :align: center
+   :class: with-border
 
 Should there be any failures in publishing messages, the related information and logs are made available easily.
 
@@ -110,6 +127,7 @@ Out the box alert for publishing failures detection
 .. image:: img/alert.png
    :alt: alert.png
    :align: center
+   :class: with-border
 
 Failures for publication can have different causes like network issues, typo or misconfiguration, as always the truth will be in the logs.
 

docs/releasenotes.rst

@@ -6,8 +6,9 @@ Version 1.1.0
 
 **New major release: Migration from AoB framework to splunk-ucc-generator:**
 
+- Enhancement - the migration to splunk-ucc-generator provides a better and modern framework for Add-ons
 - Change - support is dropped for Splunk 7.x, version 1.1.x only supports Splunk 8.x and Python3
-- Refreshed and modern configuration UI
+- Change - JQuery migration for the Overview dashboard
 
 Version 1.0.20
 ==============

globalConfig.json

@@ -171,6 +171,22 @@
                                 }
                             ]
                         },
+                        {
+                            "field": "default_ms_teams_check_url_compliancy",
+                            "label": "URL regex compliancy checker",
+                            "type": "text",
+                            "help": "You can define a regular expression used to verify that URL is compliant with your rules",
+                            "required": false,
+                            "defaultValue": ".*",
+                            "validators": [
+                                {
+                                    "type": "string",
+                                    "minLength": 0,
+                                    "maxLength": 8192,
+                                    "errorMsg": "Max length of text input is 8192"
+                                }
+                            ]
+                        },
                         {
                             "field": "default_ms_teams_ssl_verification",
                             "label": "SSL certificate validation",

output/TA-ms-teams-alert-action/README/ta_ms_teams_alert_action_settings.conf.spec

@@ -13,4 +13,5 @@ loglevel =
 [additional_parameters]
 default_ms_teams_url = 
 default_ms_teams_image_link = 
+default_ms_teams_check_url_compliancy = 
 default_ms_teams_ssl_verification = 

output/TA-ms-teams-alert-action/appserver/static/js/build/globalConfig.json

@@ -171,6 +171,22 @@
                                 }
                             ]
                         },
+                        {
+                            "field": "default_ms_teams_check_url_compliancy",
+                            "label": "URL regex compliancy checker",
+                            "type": "text",
+                            "help": "You can define a regular expression used to verify that URL is compliant with your rules",
+                            "required": false,
+                            "defaultValue": ".*",
+                            "validators": [
+                                {
+                                    "type": "string",
+                                    "minLength": 0,
+                                    "maxLength": 8192,
+                                    "errorMsg": "Max length of text input is 8192"
+                                }
+                            ]
+                        },
                         {
                             "field": "default_ms_teams_ssl_verification",
                             "label": "SSL certificate validation",

output/TA-ms-teams-alert-action/bin/ta_ms_teams_alert_action/modalert_ms_teams_publish_to_channel_helper.py

@@ -22,6 +22,7 @@ def process_event(helper, *args, **kwargs):
     from collections import OrderedDict
     import time
     import uuid
+    import re
 
     import splunk.entity
     import splunk.Intersplunk
@@ -56,6 +57,17 @@ def process_event(helper, *args, **kwargs):
                          "cannot continue. Define a default URL in global addon configuration, or for this alert.")
         return False
 
+    # Verify the URL target compliancy - if the URL does not comply, the call will not be proceeded
+    default_ms_teams_check_url_compliancy = helper.get_global_setting("default_ms_teams_check_url_compliancy")    
+    if default_ms_teams_check_url_compliancy in ("null", "None", None):
+        default_ms_teams_check_url_compliancy = ".*"
+    helper.log_debug("default_ms_teams_check_url_compliancy={}".format(default_ms_teams_check_url_compliancy))
+
+    if not re.match(str(r"%s" % default_ms_teams_check_url_compliancy), active_ms_teams_url):
+        helper.log_error("The provided URL " + str(active_ms_teams_url) + " does not comply with the URL compliancy" \
+            " check setting defined in the global configuration, therefore the operation cannot be proceeded.")
+        return 1
+
     # SSL verification (defaults to true)
     # Version 1.0.15 notes: This param option was added in version 1.0.14, but customers upgrading to prior version
     # would get failing action until a new configuration save is applied

output/TA-ms-teams-alert-action/bin/ta_ms_teams_alert_action_rh_settings.py

@@ -113,6 +113,16 @@
             min_len=0, 
         )
     ), 
+    field.RestField(
+        'default_ms_teams_check_url_compliancy',
+        required=False,
+        encrypted=False,
+        default='.*',
+        validator=validator.String(
+            max_len=8192, 
+            min_len=0, 
+        )
+    ), 
     field.RestField(
         'default_ms_teams_ssl_verification',
         required=False,

output/TA-ms-teams-alert-action/default/app.conf

@@ -6,12 +6,11 @@
 #
 ######################################################
 [install]
-is_configured = true
 state = enabled
-build = 1628185550
+build = 1628189506
 
 [launcher]
-author = Splunk Inc.
+author = Guilhem Marchand
 version = 1.1.0
 description = This addon allows publishing messages to Microsoft Teams channels with markdown formatting.
 

output/TA-ms-teams-alert-action/default/data/ui/views/overview.xml

@@ -1,4 +1,4 @@
-<form stylesheet="table.css" script="table.js" theme="dark" hideEdit="true">
+<form stylesheet="table.css" script="table.js" theme="dark" hideEdit="true" version="1.1">
     <label>Overview - Microsoft Teams messages publication</label>
     <fieldset submitButton="false">
         <input type="time" token="timerange" searchWhenChanged="true">

output/release-sha256.txt

@@ -1 +1 @@
-5c7a5ac9cd36f10abc2e014ccc40ea89962c838b9701a6baa7af5c245dc8dbc9 TA-ms-teams-alert-action_110.tgz
+9bf13d25626fe40ff5b4c9a5c080b3d4e12ca7b9bc0e6bc36dcee5fc786e62ba TA-ms-teams-alert-action_110.tgz

package/bin/ta_ms_teams_alert_action/modalert_ms_teams_publish_to_channel_helper.py

@@ -22,6 +22,7 @@ def process_event(helper, *args, **kwargs):
     from collections import OrderedDict
     import time
     import uuid
+    import re
 
     import splunk.entity
     import splunk.Intersplunk
@@ -56,6 +57,17 @@ def process_event(helper, *args, **kwargs):
                          "cannot continue. Define a default URL in global addon configuration, or for this alert.")
         return False
 
+    # Verify the URL target compliancy - if the URL does not comply, the call will not be proceeded
+    default_ms_teams_check_url_compliancy = helper.get_global_setting("default_ms_teams_check_url_compliancy")    
+    if default_ms_teams_check_url_compliancy in ("null", "None", None):
+        default_ms_teams_check_url_compliancy = ".*"
+    helper.log_debug("default_ms_teams_check_url_compliancy={}".format(default_ms_teams_check_url_compliancy))
+
+    if not re.match(str(r"%s" % default_ms_teams_check_url_compliancy), active_ms_teams_url):
+        helper.log_error("The provided URL " + str(active_ms_teams_url) + " does not comply with the URL compliancy" \
+            " check setting defined in the global configuration, therefore the operation cannot be proceeded.")
+        return 1
+
     # SSL verification (defaults to true)
     # Version 1.0.15 notes: This param option was added in version 1.0.14, but customers upgrading to prior version
     # would get failing action until a new configuration save is applied

package/default/app.conf

@@ -0,0 +1,27 @@
+######################################################
+#
+# ${package.name}
+#
+# ${copyright}
+#
+######################################################
+[install]
+state = enabled
+build = 1628188247
+
+[launcher]
+author = Guilhem Marchand
+version = 1.1.0
+description = This addon allows publishing messages to Microsoft Teams channels with markdown formatting.
+
+[ui]
+is_visible = true
+label = MS Teams alert action
+docs_section_override = AddOns:released
+
+[package]
+id = TA-ms-teams-alert-action
+
+[id]
+version = 1.1.0
+

package/default/data/ui/views/overview.xml

@@ -1,4 +1,4 @@
-<form stylesheet="table.css" script="table.js" theme="dark" hideEdit="true">
+<form stylesheet="table.css" script="table.js" theme="dark" hideEdit="true" version="1.1">
     <label>Overview - Microsoft Teams messages publication</label>
     <fieldset submitButton="false">
         <input type="time" token="timerange" searchWhenChanged="true">