[Google Threat Intelligence] IoC Stream Feed integration #116

Closed
wants to merge 106 commits into from

Conversation

pabloperezj

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: link to the issue

Description

A few sentences describing the overall goals of the pull request's commits.

Must have

  • Tests
  • Documentation

idovandijk and others added 30 commits September 8, 2024 10:37
…misto#36010)

* playbook without format

* playbook formatted + readme

* playbook formatted + readme

* fixed autoextract in tasks

* fixed autoextract in task

* fixed autoextract in task

* Bump pack from version CommonPlaybooks to 2.6.39.

* Updated the playbook description to explain encrypted files are not supported, and updated pb readme

* Update Packs/CommonPlaybooks/ReleaseNotes/2_6_39.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
* add fix

* update docker and remove get_attack_id_and_value_from_name tests

* update docker api module

* fix tests

* add function

* add RN, fix function, fix tests

* Update 1_0_56.md

* add tests taxii2apimodule

* add fix

* add RN

* Update 1_15_50.md

* add sub report and main report distinction

* add RN

* fixes, add test docstrings

* remove the skip relationship for report type

* update docker, add test, update RN to correct docker resolve conflicts

* save BC

* code improvements

* fixes

* fixes

* add new line at the end of FeedUnit42v2_test.py file

* update RN

* Bump pack from version CommonScripts to 1.15.54.

* CR review

* RN

* fix tests

* format get_report_object function

* delete get_report_object duplicated function

* delete duplicates from feed_data

* fix CR review - TAXII2ApiModule_tests, TAXII2ApiModule and is_atom42_sub_report method

* Bump pack from version FeedDHS to 2.0.42.

* Bump pack from version FeedGitHub to 1.0.9.

* fix CR review - get_attack_id_and_value_from_name, get_relationships_from_sub_reports

* fix get_attack_id_and_value_from_name

* add empty line

* get_attack_id_and_value_from_name BC save

* get_attack_id_and_value_from_name BC save

* Bump pack from version CommonScripts to 1.15.55.

* add fix to get_relationships_from_sub_reports

* add test

* Bump pack from version CommonScripts to 1.15.56.

* Bump pack from version FeedMitreAttackv2 to 1.1.41.

* Bump pack from version CommonScripts to 1.15.57.

* change docstring and function name

* add strip to the get_mitre_attack_id_and_value_from_name function

* Bump pack from version CommonScripts to 1.15.58.

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: israelpoli <[email protected]>
…misto#36158)

* Fixed bug for IP Indicator Custom Fields where it was referencing URL.ASOwner in context as opposed to IP.ASOwner

* Fixed an issue where the ASOwner field was incorrectly mapped to URL.ASOwner instead of IP.ASOwner in context.

* Update CONTRIBUTORS.json

* Version bump.

* Update Packs/CommonTypes/ReleaseNotes/3_5_15.md



---------

Co-authored-by: Tim Roberts <[email protected]>
Co-authored-by: troberts <[email protected]>
Co-authored-by: Danny Fried <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
* fix

* format

* RN and UD

* ruff

* typo
* description

* Update EnrichExcludeButton.yml

* Update EnrichExcludeButton.yml

* Update Packs/CommonScripts/Scripts/EnrichExcludeButton/EnrichExcludeButton.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* RN

* rn

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
* init modeling rules

* add parsing rules

* add parsing rules

* add modeling rules

* add XDRC filebeat template

* add xdrc support for linux

* update pack metadata

* update README.md

* fix XDRC template directory structure

* modeling fine tuning

* fine tune XDRC templates

* fix xdm.network.rule and xdm.event.outcome_reason

* update README.md

* update release notes

* update release notes

* Update Packs/HashiCorp-Vault/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/HashiCorp-Vault/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/HashiCorp-Vault/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/HashiCorp-Vault/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/HashiCorp-Vault/ReleaseNotes/1_1_24.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/HashiCorp-Vault/ReleaseNotes/1_1_24.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* remove redundant spaces from response error message

* add filebeat template image

* move image to doc_file

* update template image for filebeat

* Add template selection image to README.md

* Update filebeat template image URL

* update picture URL to commit based

* update URL to a raw link

* update README image URL

* update README image URL

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
* changes

* ReleaseNotes

* Bump pack from version PrismaCloud to 4.3.10.

* Apply suggestions from code review

Co-authored-by: yuvalbenshalom <[email protected]>

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: yuvalbenshalom <[email protected]>
* init

* RN + docker

* fix UTs

* fix UTs

* CR changes
* fixed the file upload command in CoreRestAPI

* RN

* Docs review
* MetaDefender Sandbox v2.0.0 (demisto#36123)

* Handle no_threat verdict

* Add release notes

* update currentVersion in metadata

* remove url from testfile, add proper release notes

* update demisto docker version

* update docker

---------

Co-authored-by: Aniko Bartos <[email protected]>
Co-authored-by: ipolishuk <[email protected]>
* Get updates from pt1

* Replace created file path with a temp file

* Replace created file path with a temp file

* Remove teardown and setup functions for TestCreateFile

* Add RN

* Add RN
* fix

* fix v2

* fix + RN

* ruff changes

* return the payload in case of error

* Update Packs/MailListener/ReleaseNotes/1_0_57.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* fix problem

* fix problem

* fix validation

* revert ruff change

* remove unused code + ignore ruff

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Content Bot <[email protected]>
* fix

* update rn

* update docker

* trigger build - update secrets

* Update Packs/ApiModules/Scripts/AWSApiModule/AWSApiModule.yml

revert update docker

* Bump pack from version AWS-EC2 to 1.4.13.

* fix TPBs

* update docker

---------

Co-authored-by: Content Bot <[email protected]>
* misspell

* fromversion to fromVersion
…36152)

* created_timestamp update

* unit tests fix

* fixed ruff errors

* updated unit tests

* rn
* Initial commit of Hoxhunt integration

* Add contributors

* Fixing pre-commit issues

* Adding Author image

* Fixed whitespaces

* Fixing whitespaces vol2

* Fixed image and yml file issues.

* Fixed .py related issues

* pre-commit changes.
yml format changes.

* Adding integration README

* Add API version to README

* Fixing typo in contributor name

* Initial commit of Hudsonrock Integration to content

* Fixing API key assigned but not used

* Fixed requested items

* Added . to the end of the main description of the pack yml

---------

Co-authored-by: Hruuttila <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>
…capital letter (demisto#36193)

* fix

* update

* added test

* update
* Add BA127 to content validtion_config

* Add BA127 to content validtion_config

* Add BA127 to content validtion_config
…date (demisto#36209)

* [Marketplace Contribution] Community Common Scripts - Content Pack Update (demisto#36167)

* "contribution update to pack 'Community Common Scripts'"

* Update GenerateRandomJSON.py

* Update GenerateRandomJSON.py

* Update GenerateRandomJSON.yml

---------

Co-authored-by: Adi Daud <[email protected]>

* update .secrets-ignore

* bump RN

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: adi88d <[email protected]>
* Deprecate hey script (demisto#35901)

* deprecate hey

* bump RN

* create pack

* add info to yml

* add command

* add test

* add fetch

* add _time

* add description

* add UT

* add UT

* update docker image

* update docker image

* update docker image

* add ut

* add ut

* add ut

* update description

* UTC

* ignore native

* doc string

* fix fetch

* add gif

* add readme

* fix fetch

* add readme pack

* add Set up the Third Party System

* add hr

* Remove eventCollector from integration name

* doc review

* fix debug log

* fix after cr

* update docstring

* run build

* Moving the git file to content-assets

* update docker image

* added modeling rule

* changes to the modeling rule, updated tags in the metadata and the README.

* updated log schema

* Remove ModelingRules

* rerun

---------

Co-authored-by: Sharon Fish <[email protected]>
* Adding 'canvas' tab to system indicators

* reverting 'canvas' tab for xsoar 6 layouts.

* system incidents' canvas tab

* revert redundant changes

* Release notes

* Bump pack from version Core to 3.0.56.

* Bump pack from version Core to 3.0.57.

* Bump pack from version Core to 3.0.58.

* Bump pack from version CommonTypes to 3.5.15.

* Bump pack from version Core to 3.0.59.

* Bump pack from version Core to 3.0.60.

* Bump pack from version CommonTypes to 3.5.16.

* Bump pack from version PrismaCloud to 4.3.11.

* empty commit

* empty commit

* ignore lo107

* empty commit

---------

Co-authored-by: Content Bot <[email protected]>
* wallix bastion: enable requests timeout configuration

* wallix bastion: refactor WAB_test.py

* wallixbastion: 2.1.0

* wallixbastion: increase code coverage

* wallixbastion: add unit tests for login methods

* wallixbastion: add unit tests for command test-module

* wallixbastion: make sure all commands are covered by unit tests

* wallixbastion: add contributors.json

* wallixbastion: return readable text for commands without response

* wallixbastion: fix typo in outputs description

* wallixbastion: add new commands arguments to the release notes

* wallixbastion: add outputs_key_field to command results where possible

* wallixbastion: use tableToMarkdown to display commands outputs

* wallixbastion: update release notes

* wallixbastion: fix error in timeout configuration

* wallixbastion: remove command wab-edit-mappings-of-user-group

* wallixbastion: fix unit tests

* wallixbastion: remove command wab-generate-remote-application-token

* wallixbastion: regen README and update docker version

* wallixbastion: reformat README

Co-authored-by: yoennb <[email protected]>
* Documentation fix

* release notes

* more links

* Update more links and supported version
* update docker

* update TPB

* update docker

* FIX

* update
…date (demisto#36161) (demisto#36251)

* "contribution update to pack 'Community Common Scripts'"

* Update Packs/CommunityCommonScripts/Scripts/DateTimeToLDAPTime/DateTimeToLDAPTime.py



* Update Packs/CommunityCommonScripts/Scripts/DateTimeToLDAPTime/DateTimeToLDAPTime.py



* Update Packs/CommunityCommonScripts/Scripts/DateTimeToLDAPTime/DateTimeToLDAPTime.py



* Update Packs/CommunityCommonScripts/Scripts/DateTimeToLDAPTime/DateTimeToLDAPTime.py



* Update Packs/CommunityCommonScripts/Scripts/DateTimeToLDAPTime/DateTimeToLDAPTime.py



* pre commit

* Update Packs/CommunityCommonScripts/Scripts/DateTimeToLDAPTime/README.md



* add Lizz Boice to CONTRIBUTORS.json

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: Lizz <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: rshunim <[email protected]>
pabloperezj and others added 17 commits September 18, 2024 15:33
* checking description

* fix
* Add sekoia xdr pack without mirroring

* Change docker version

* Delete some yml configurations

* Change yaml files

* Apply linter

Co-authored-by: TOUFIKI Zakarya <[email protected]>
* replace GH username to PANW username for oncall

* commit
* adding integrations a-c

* rn
* exclude unknown values and fix mac address

* update release notes
* applied a fix

* added status code

* added rn

* coverage

* fix after unit test fail

* pre-commit issue

* edit
…#35770)

* add `native_nightly_packs`

* sk_conf_native

* added more packs

* fix packs name>path

* Apply suggestions from code review
* mypy in docker

* --non-interactive --install-types

* --implicit-optional

* comment all

* --follow-imports=silent comment

* types-all

* -non-interactive

* --cache-dir

* del `ignore-missing-imports`

* PIP_NO_CACHE_DIR: "off"

* PIP_ROOT: "/tmp/mypy_types"

* mypy in docker

* env

* # PIP_ROOT: /tmp/mypy_types

* mypy_requirements

* add more libs

* docker image modes

* revert

* uncomment

* order

* comments

* test

* comments

* skip: true

* Update mypy-requirements.txt

Co-authored-by: dorschw <[email protected]>

* Update .pre-commit-config_template.yaml

---------

Co-authored-by: dorschw <[email protected]>
* fix

* fix

* fix

* fix
@pabloperezj pabloperezj changed the title [Google Threat Intelligence] Livehunt Feed integration [Google Threat Intelligence] IoC Stream Feed integration Sep 19, 2024
@pabloperezj pabloperezj marked this pull request as ready for review September 20, 2024 00:15

@danipv danipv left a comment

LGTM
