Recordedfuture v2.5.1 (demisto#29961)

* Recordedfuture v2.5.1 (demisto#29905) * Add AI insights field * Fix mapper * Bump RecordedFuture app version * Add release notes * Update docker image --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Bump Docker version --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com>
wolyslager · Oct 2, 2023 · 02424c1 · 02424c1
1 parent 943c60a
commit 02424c1
Show file tree

Hide file tree

Showing 7 changed files with 78 additions and 5 deletions.
diff --git a/Packs/RecordedFuture/Classifiers/classifier-Recorded_Future_Incoming_Mapper.json b/Packs/RecordedFuture/Classifiers/classifier-Recorded_Future_Incoming_Mapper.json
@@ -26,6 +26,9 @@
                 },
                 "occurred": {
                     "simple": "triggered"
+                },
+                "Recorded Future AI Insights": {
+                    "simple": "ai_insights"
                 }
             }
         },

diff --git a/Packs/RecordedFuture/IncidentFields/incidentfield-Recorded_Future_Alert_Ai_insights.json b/Packs/RecordedFuture/IncidentFields/incidentfield-Recorded_Future_Alert_Ai_insights.json
@@ -0,0 +1,34 @@
+{
+    "id": "incident_recordedfutureaiinsights",
+    "version": -1,
+    "modified": "2023-09-14T14:11:12.590942262Z",
+    "name": "Recorded Future AI Insights",
+    "ownerOnly": false,
+    "cliName": "recordedfutureaiinsights",
+    "type": "longText",
+    "closeForm": false,
+    "editForm": true,
+    "required": false,
+    "neverSetAsRequired": false,
+    "isReadOnly": false,
+    "useAsKpi": false,
+    "locked": false,
+    "system": false,
+    "content": true,
+    "group": 0,
+    "hidden": false,
+    "openEnded": false,
+    "associatedTypes": [
+        "Recorded Future Alert",
+        "Recorded Future Leaked Credential Monitoring",
+        "Recorded Future Potential Typosquat",
+        "Recorded Future New Critical or Pre NVD Vulnerabilities"
+    ],
+    "associatedToAll": false,
+    "unmapped": false,
+    "unsearchable": true,
+    "caseInsensitive": true,
+    "sla": 0,
+    "threshold": 72,
+    "fromVersion": "6.5.0"
+}
diff --git a/Packs/RecordedFuture/Integrations/RecordedFuture/RecordedFuture.py b/Packs/RecordedFuture/Integrations/RecordedFuture/RecordedFuture.py
@@ -13,7 +13,7 @@
 # disable insecure warnings
 requests.packages.urllib3.disable_warnings()  # type: ignore
 
-__version__ = '2.5.0'
+__version__ = '2.5.1'
 
 
 # === === === === === === === === === === === === === === ===

diff --git a/Packs/RecordedFuture/Integrations/RecordedFuture/RecordedFuture.yml b/Packs/RecordedFuture/Integrations/RecordedFuture/RecordedFuture.yml
@@ -147,7 +147,7 @@ script:
   script: '-'
   type: python
   subtype: python3
-  dockerimage: demisto/python3:3.10.13.73190
+  dockerimage: demisto/python3:3.10.13.75921
   commands:
   - name: domain
     description: Gets a quick indicator of the risk associated with a domain.
@@ -2863,7 +2863,7 @@ script:
       description: Recorded Future threat actor links by type.
       type: string
   - name: recordedfuture-threat-links
-    description: Search links
+    description: Search links.
     arguments:
     - name: entity_type
       required: false
@@ -3008,7 +3008,7 @@ script:
       description: Recorded Future Detection rules file_name.
       type: String
   - name: recordedfuture-collective-insight
-    description: Post detection to collective insight
+    description: Post detection to collective insight.
     arguments:
     - name: entity_type
       required: true

diff --git a/Packs/RecordedFuture/Layouts/layoutscontainer-Recorded_Future_Incident.json b/Packs/RecordedFuture/Layouts/layoutscontainer-Recorded_Future_Incident.json
@@ -370,6 +370,15 @@
                                 "index": 5,
                                 "sectionItemType": "field",
                                 "startCol": 0
+                            },
+                            {
+                                "endCol": 2,
+                                "fieldId": "recordedfutureaiinsights",
+                                "height": 22,
+                                "id": "incident_recordedfutureaiinsights",
+                                "index": 6,
+                                "sectionItemType": "field",
+                                "startCol": 0
                             }
                         ],
                         "maxW": 3,

diff --git a/Packs/RecordedFuture/ReleaseNotes/1_7_2.md b/Packs/RecordedFuture/ReleaseNotes/1_7_2.md
@@ -0,0 +1,27 @@
+
+#### Integrations
+
+##### Recorded Future v2
+- Updated the Docker image to: *demisto/python3:3.10.13.75921*.
+- Display Recorded Future AI Insights in incident layout
+- Add Recorded Future AI Insights to alerts and intelligence commands results
+
+
+#### Layouts
+
+##### Recorded Future Incident
+
+- Add Recorded Future AI Insights field to incident layout
+
+
+#### Incident Fields
+
+- New: **Recorded Future AI Insights**
+
+
+#### Mappers
+
+##### Recorded Future - Incoming Mapper
+
+- Create a mapper for Recorded Future AI Insights
+
diff --git a/Packs/RecordedFuture/pack_metadata.json b/Packs/RecordedFuture/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Recorded Future Intelligence",
     "description": "Recorded Future App, this pack is previously known as 'RecordedFuture v2'",
     "support": "partner",
-    "currentVersion": "1.7.1",
+    "currentVersion": "1.7.2",
     "author": "Recorded Future",
     "url": "https://www.recordedfuture.com/support/demisto-integration/",
     "email": "support@recordedfuture.com",