MislavReversingLabs
Collaborator

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: link to the issue

Description

A few sentences describing the overall goals of the pull request's commits.

Must have

  • Tests
  • Documentation

MislavReversingLabs and others added 30 commits April 18, 2025 14:46
* Creating integration- ExtrahopRevealXEventCollector - Event Collector for ExtraHop Reveal (X)
…emisto#39600)

* add Anomali Security Analysis Alerts Pack and add fetch & update alerts commands

* add doc

* change README file

* change metadata and yml files, delete whitespace

* change command names

* rename pack name and file name, change yml file format

* change yml file

* change yml file and add new test cases

* change timezone

* update yml file and description, update command names

* remove unused function

* add README file to packs

* combine alert commands and add offset and fetch_size params

* remove blank space

* add unit test for updating alerts and change description

* change none string params

* add author image and change unit test

* add dot to the description

* change logo and command name

* change README file

* change logo size

* add default value for source

* change README file

* add default value

* update description and remove traceback

* use single quotes

* change unit test and remove fields from context

* change README file

* update README file

* change data in ip address

---------

Co-authored-by: mhai <43636622+kjhmh2@users.noreply.github.com>
Co-authored-by: Sapir Shuker <49246861+sapirshuker@users.noreply.github.com>
* Add timeout_in_seconds as argument to xdr-xql-generic-query command

* Address ruff errors

* Update docker image

* RN

* Apply suggestions from code review

Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com>

* Address CR

* Address CR

---------

Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com>
* small fix to regex

* Bump pack from version CommonTypes to 3.8.9.

---------

Co-authored-by: Content Bot <bot@demisto.com>
* update parser for check_ipv4 and check_ipv6

* update xif

* update releasenotes

* Update 2_2_26.md

* update rn

* update rn

* update rn

* update rn

* update rn

---------

Co-authored-by: OBavly <156690479+OBavly@users.noreply.github.com>
* updating parsing rules, modeling rules, read me, metadata and release notes.

* Update Packs/CiscoISR/README.md

* Update Packs/CiscoISR/ReleaseNotes/1_0_7.md

---------

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
* update readme, modeling rules, metadata
* AnsibleCiscoIOS: Apply ruff Format

* GitHub: Apply ruff Format

* Troubleshoot: Apply ruff Format

* FeedSpamhaus: Apply ruff Format

* CyberArkIdentity: Apply ruff Format

* GoogleCloudLogging: Apply ruff Format

* FeedPlainText: Apply ruff Format

* FeedBambenekConsulting: Apply ruff Format

* AlibabaActionTrail: Apply ruff Format

* FeedFastly: Apply ruff Format

* Okta: Apply ruff Format

* MicrosoftGraphSecurity: Apply ruff Format

* FeedGCPWhitelist: Apply ruff Format

* AWS-ACM: Apply ruff Format

* GsuiteAuditor: Apply ruff Format

* AWS-SNS: Apply ruff Format

* MicrosoftGraphAPI: Apply ruff Format

* FeedBlocklist_de: Apply ruff Format

* Active_Directory_Query: Apply ruff Format

* AzureWAF: Apply ruff Format

* FeedGitHub: Apply ruff Format

* CrowdStrikeIntel: Apply ruff Format

* AWS-SecurityLake: Apply ruff Format

* MicrosoftTeams: Apply ruff Format

* MicrosoftGraphIdentityandAccess: Apply ruff Format

* Box: Apply ruff Format

* AzureNetworkSecurityGroups: Apply ruff Format

* Oracle_IAM: Apply ruff Format

* FeedCSV: Apply ruff Format

* FeedMajesticMillion: Apply ruff Format

* MicrosoftGraphTeams: Apply ruff Format

* GSuiteAdmin: Apply ruff Format

* CrowdStrikeOpenAPI: Apply ruff Format

* AzureDevOps: Apply ruff Format

* Base: Apply ruff Format

* AzureFirewall: Apply ruff Format

* AzureSecurityCenter: Apply ruff Format

* AWS-SQS: Apply ruff Format

* MicrosoftGraphMail: Apply ruff Format

* ServiceNow: Apply ruff Format

* AnsibleMicrosoftWindows: Apply ruff Format

* Attlasian: Apply ruff Format

* AWS-GuardDuty: Apply ruff Format

* AzureStorageFileShare: Apply ruff Format

* AWS-IAM: Apply ruff Format

* AnsibleVMware: Apply ruff Format

* FeedFeodoTracker: Apply ruff Format

* MicrosoftDefenderAdvancedThreatProtection: Apply ruff Format

* ctf01: Apply ruff Format

* ExportIndicators: Apply ruff Format

* SAP_IAM: Apply ruff Format

* MicrosoftGraphApplications: Apply ruff Format

* HelloIAMWorld: Apply ruff Format

* BitcoinAbuse: Apply ruff Format

* TAXIIServer: Apply ruff Format

* MicrosoftGraphFiles: Apply ruff Format

* MicrosoftGraphDeviceManagement: Apply ruff Format

* AWS-Organizations: Apply ruff Format

* FeedCloudflare: Apply ruff Format

* AzureStorageTable: Apply ruff Format

* AWS-Athena: Apply ruff Format

* Aws-SecretsManager: Apply ruff Format

* PrismaCloud: Apply ruff Format

* AzureStorageContainer: Apply ruff Format

* SalesforceFusion: Apply ruff Format

* FeedMitreAttackv2: Apply ruff Format

* AWS-IAMIdentityCenter: Apply ruff Format

* FeedTAXII: Apply ruff Format

* FeedMalwareDomainList: Apply ruff Format

* FeedUnit42v2: Apply ruff Format

* FeedURLhaus: Apply ruff Format

* AWS-CloudWatchLogs: Apply ruff Format

* GoogleCalendar: Apply ruff Format

* Microsoft365Defender: Apply ruff Format

* AnsibleLinux: Apply ruff Format

* MicrosoftGraphSearch: Apply ruff Format

* AWS-AccessAnalyzer: Apply ruff Format

* Campaign: Apply ruff Format

* EDL: Apply ruff Format

* CommonScripts: Apply ruff Format

* AzureCompute: Apply ruff Format

* AzureSQLManagement: Apply ruff Format

* AzureKeyVault: Apply ruff Format

* AnsibleCiscoNXOS: Apply ruff Format

* AzureStorageQueue: Apply ruff Format

* FeedAWS: Apply ruff Format

* AzureActiveDirectory: Apply ruff Format

* AWS_WAF: Apply ruff Format

* FeedJSON: Apply ruff Format

* ExceedLMS: Apply ruff Format

* pre-commit

* fixed rn

* fixed rn

* fixed rn

* Bump pack from version Base to 1.39.26.

* Bump pack from version CommonScripts to 1.19.40.

* Bump pack from version CommonScripts to 1.19.41.

* Bump pack from version CommonScripts to 1.19.42.

* Bump pack from version MicrosoftTeams to 1.5.23.

* reverted adding rn entries with no code changes

* Bump pack from version CommonScripts to 1.19.43.

* reverted adding rn entries with no code changes

* reverted adding rn entries with no code changes

* reverted adding rn entries with no code changes

* added feedshield

* added rn

* Bump pack from version FeedDShield to 1.1.37.

* added rn

* added rn

---------

Co-authored-by: Content Bot <bot@demisto.com>
Co-authored-by: merit-maita <meretmaayta@gmail.com>
Co-authored-by: merit-maita <49760643+merit-maita@users.noreply.github.com>
* Update README.md

Added a note under Authentication set up

* pre-commit fix

---------

Co-authored-by: meichler <meichler@paloaltonetworks.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…emisto#39590)

* bug - incomplete categories when running the command get_url_category

* revert import

* filed test

* solution

* solution

* fix test

* fix test

* add one more category

* remove one from the list

* empty commit
* updated the hash_object func

* added rn

* updated docker image

* Bump pack from version CommonScripts to 1.19.46.

---------

Co-authored-by: Content Bot <bot@demisto.com>
* Replace XSOAR 8 Example in READM

* Update Packs/GenericWebhook/Integrations/GenericWebhook/README.md

Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com>

* docker and RN

* port no required and credentials are required

* fixed test-conf

* change to mp

* only on - prem

* Add TLS limitation

* format fixes

* add description file

* fixes

* add ignore

* change

---------

Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com>
Co-authored-by: meichler <meichler@paloaltonetworks.com>
Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
* Update Incydr SDK version (demisto#39586)

* Update Incydr SDK version

* release notes

* add section key

* fix UT

---------

Co-authored-by: Cecilia Stevens <63068179+ceciliastevens@users.noreply.github.com>
Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
Co-authored-by: meichler <meichler@paloaltonetworks.com>
* logo update

* readme update

Co-authored-by: suraj-metron <87964764+suraj-metron@users.noreply.github.com>
Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com>
Line 96, Changed/Corrected "Settings > Integrations > Servers & Services" to "Settings > Integrations > Instances". This tripped up one of my new customers.

Co-authored-by: unpanw01 <80787658+unpanw01@users.noreply.github.com>
Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com>
* Fixed context for quick-actions

* release notes
* Added casting for ScStatus field and updated its type in the schema file

* Added RN
…to#39639)

* Skip integration README from check large files hook

* add new line

* update

* test

* revert

* add scripts

* revert
* Add exception handling

* Add test

* CR issues
Co-authored-by: Content Bot <bot@demisto.com>
* Add the get-incidents command

* .

* Add Test

* Add Look Back mechanism

* add test

* Add RN

* .

* .

* .

* .

* CR issues
* fix exception parsing

* Added rn

* Reverted a feature added by mistake

* Bump pack from version Core to 3.2.35.

---------

Co-authored-by: Content Bot <bot@demisto.com>
* update supported modules

* CortexResponseAndRemediation-Triggers

* Microsoft365Defender

* G Suite Admin

* update supported modules in core packs list

* CR changes

* CR changes

* define CommonPlaybook as core in C3 X0

* define rasterize as core in C3 X0
Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com>
adi88d and others added 28 commits April 27, 2025 23:03
* fix status code 401

* bump RN

* update docker
add sections

* add test_get_actors_names_request_regenerate_token and test_fetch_no_indicators_regenerate_token

* add missing section to params
* Dataminr Release 1.0.14 (demisto#39604)

* Dataminr Release 1.0.14

* Added section order in integration

---------

Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com>

* update description

---------

Co-authored-by: Crest Data <60967033+crestdatasystems@users.noreply.github.com>
Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com>
Co-authored-by: meichler <meichler@paloaltonetworks.com>
* Lansweeper Release 1.0.12 (demisto#39742)

Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com>

* Add section order

---------

Co-authored-by: Crest Data <60967033+crestdatasystems@users.noreply.github.com>
Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com>
Co-authored-by: meichler <meichler@paloaltonetworks.com>
* update netutil docker

* Bump pack from version CommonScripts to 1.19.44.

* Bump pack from version CommonScripts to 1.19.45.

* after merge master

* Bump pack from version CommonScripts to 1.19.47.

* Bump pack from version CommonScripts to 1.19.48.

* Bump pack from version CommonScripts to 1.19.49.

* Bump pack from version CommonScripts to 1.19.50.

* merge master

---------

Co-authored-by: Content Bot <bot@demisto.com>
* update docker tag

* update docker tag

* revert some packs
* CTM360 Pack Update - Fetch Evidence (demisto#39550)

* Add new main playbook version (v3)

* Add new playbook to be used as subplaybook

* Update incident type to use new playbook version

* Update README & integration to support screenshots

* Add tests and test data for new addition

* Update pack minor version and release notes

* Update .pack-ignore

* Update .pack-ignore again

* Update Packs/CTM360-CyberBlindspot/ReleaseNotes/2_2_0.md

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Run `demisto-sdk format` on new playbooks

* Fix bug causing setting to always be set to True

* Update new command's output context

* Fix timestamp not showing in markdown table

* No duplicate fetching and early return

* Ran format against config and regen. docs after

---------

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Fix RN

* ignore 440

---------

Co-authored-by: S. AlQasim D. <136978057+edx-sayed-salem@users.noreply.github.com>
Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
Co-authored-by: meichler <meichler@paloaltonetworks.com>
* CTM360 Pack Update - Fetch Evidence (demisto#39550)

* Add new main playbook version (v3)

* Add new playbook to be used as subplaybook

* Update incident type to use new playbook version

* Update README & integration to support screenshots

* Add tests and test data for new addition

* Update pack minor version and release notes

* Update .pack-ignore

* Update .pack-ignore again

* Update Packs/CTM360-CyberBlindspot/ReleaseNotes/2_2_0.md

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Run `demisto-sdk format` on new playbooks

* Fix bug causing setting to always be set to True

* Update new command's output context

* Fix timestamp not showing in markdown table

* No duplicate fetching and early return

* Ran format against config and regen. docs after

---------

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Fix RN

* ignore 440

---------

Co-authored-by: S. AlQasim D. <136978057+edx-sayed-salem@users.noreply.github.com>
Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
Co-authored-by: meichler <meichler@paloaltonetworks.com>
* fix playbook conditions

* RN

* silent fix

* fix type in 3 playbooks
…itaniumCloudv2/ReversingLabsTitaniumCloudv2.yml

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
…itaniumCloudv2/ReversingLabsTitaniumCloudv2.yml

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
…itaniumCloudv2/ReversingLabsTitaniumCloudv2.py

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
Update NVDv2 to Support CVSS version 4.0 - most updated version of the Common Vulnerability Scoring System standard.

Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com>

---------

Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com>
@MislavReversingLabs MislavReversingLabs self-assigned this Apr 30, 2025
@MislavReversingLabs MislavReversingLabs merged commit 821bfd0 into master Apr 30, 2025
7 checks passed