[Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph #32121

@BigEasyJ BigEasyJ commented Jan 11, 2024

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Open Questions

  • Can this pack initially only be for Xpanse and XSIAM marketplaces?

Remaining Items:

  • WIP - Creating a video for Demo
  • Doc review

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

EXPANDR-7038
CIAC-9474

Description

This is a new pack to help support enrichment needs for Azure resources. It is difficult and time-consuming today to loop through existing Azure APIs for resource information, and Azure Resource Graph can do that in a fraction of the time and pull together much information in a single query.

Must have

  • Tests
  • Documentation

@BigEasyJ

@ShirleyDenkberg please doc review when you get a chance.

@BigEasyJ BigEasyJ changed the title from "[New Pack] - EXPANDR-7038 - Azure Resource Graph" to "[Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph" Jan 11, 2024

id: Azure Resource Graph
version: -1
configuration:
- display: Host URL (e.g. https://management.azure.com)

Suggested change
- display: Host URL (e.g. https://management.azure.com)
- display: Host URL (e.g., https://management.azure.com)

defaultvalue: https://management.azure.com
type: 0
required: true
- display: ID (received from the admin consent - see Detailed Instructions (?)

Shouldn't this information appear in the description file? It is not clear there. This info seems to be in the README from what I can tell.
Same comment for each of these parameters.

- After authorizing the XSOAR App or the Self-Deployed Application, you will get an ID, Token, and Key, which should be inserted in the integration instance configuration's corresponding fields. After giving consent, the application has to have a role assigned so it can access the relevant resources per subscription.
- In order to assign a role to the application after consent was given:
- Go to the Azure Portal UI.
- Go to Subscriptions, and then Access Control (IAM).

Suggested change
- Go to Subscriptions, and then Access Control (IAM).
- Go to **Subscriptions**, and then **Access Control (IAM)**.

@ShirleyDenkberg

@shmuel44 Doc review completed.

@RotemAmit

Hi @BigEasyJ,
Since this is a new pack for an Azure product, it will be xsoar supported.
For this pack to match our standard of the other Azure packs, we opened a ticket to create a full design. The ticket will get a high priority.
As soon as the design is ready we will continue the review process.
Thank you for your understanding and contribution!

@AradCarmi AradCarmi requested review from AradCarmi and removed request for shmuel44 January 22, 2024 12:26
@AradCarmi AradCarmi assigned AradCarmi and unassigned shmuel44 Jan 22, 2024
Comment on lines 244 to 245
commands_with_args_and_params: Dict[Any, Any] = {
}

Suggested change
commands_with_args_and_params: Dict[Any, Any] = {
}

Removing as we usually do not pass the params but save in the client what might be needed.

Comment on lines 272 to 273
elif command in commands_with_args_and_params:
return_results(commands_with_args_and_params[command](client, args, params))

Suggested change
elif command in commands_with_args_and_params:
return_results(commands_with_args_and_params[command](client, args, params))
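
Review bot: this removal of the `elif command in commands_with_args_and_params:` branch at lines 272 to 273 has to land together with the removal of the `commands_with_args_and_params` dictionary at lines 244 to 245. The dictionary shown there is empty, so the branch can never match, and deleting only the dictionary would leave the branch referencing an undefined name; commit both suggestions in one change.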

id: Azure Resource Graph
version: -1
configuration:
- display: Host URL (e.g., https://management.azure.com)

Suggested change
- display: Host URL (e.g., https://management.azure.com)
- display: Server URL (e.g., https://management.azure.com)

Comment on lines 15 to 20
- display: ID (Client ID)
name: auth_id
type: 4
required: false
section: Connect
hidden: true

Suggested change
- display: ID (Client ID)
name: auth_id
type: 4
required: false
section: Connect
hidden: true

Removing as it is an old param that could not be removed due to BC, but there is no need for it here.

Comment on lines 21 to 26
- display: Token (Tenant ID)
name: tenant_id
type: 4
required: false
section: Connect
hidden: true

Suggested change
- display: Token (Tenant ID)
name: tenant_id
type: 4
required: false
section: Connect
hidden: true

Removing as it is an old param that could not be removed due to BC, but there is no need for it here.

Comment on lines 46 to 51
- display: ""
displaypassword: Token (received from the admin consent - see Detailed Instructions (?) section)
name: cred_token
type: 9
required: false
hiddenusername: true

Suggested change
- display: ""
displaypassword: Token (received from the admin consent - see Detailed Instructions (?) section)
name: cred_token
type: 9
required: false
hiddenusername: true
- displaypassword: Token / Tenant ID
name: cred_token
type: 9
required: false
hiddenusername: true
display: ""
section: connect
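
Review bot: the replacement entry sets `section: connect` in lowercase, while the other parameters shown for this file use `section: Connect`. Match the existing capitalization here, and in the `section: connect` lines proposed for the two certificate-authentication parameters, so the section name is spelled one way throughout the YAML.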

Comment on lines 27 to 32
- display: Key (Client Secret)
name: enc_key
type: 4
required: false
section: Connect
hidden: false

Suggested change
- display: Key (Client Secret)
name: enc_key
type: 4
required: false
section: Connect
hidden: false

Removing as it is an old param that could not be removed due to BC, but there is no need for it here.

type: 9
required: false
hiddenusername: true
additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app.

Suggested change
additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app.
additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app.
section: connect

name: private_key
type: 14
required: false
additionalinfo: Used for certificate authentication. The private key of the registered certificate.

Suggested change
additionalinfo: Used for certificate authentication. The private key of the registered certificate.
additionalinfo: Used for certificate authentication. The private key of the registered certificate.
section: connect

Comment on lines 6 to 23
## Authorize Cortex XSOAR for Azure Resource Graph - Self-Deployed Configuration
To use a self-configured Azure application, you need to add a new Azure App Registration in the Azure Portal. To add the registration, go to the [Microsoft article](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app).

---

In the self-deployed mode, you can authenticate by using Client Credentials flow


### Client Credentials Flow

---
Follow these steps for client-credentials configuration.

1. In the instance configuration under **Advanced Settings**, select the **Use a self-deployed Azure application** checkbox.
2. Enter your Client ID in the **ID / Client ID** parameter.
3. Enter your Client Secret in the **Key / Client Secret** parameter.
4. Enter your Tenant ID in the **Tenant ID** parameter.
5. Click **Test** to validate the URLs, token, and connection.

Suggested change
## Authorize Cortex XSOAR for Azure Resource Graph - Self-Deployed Configuration
To use a self-configured Azure application, you need to add a new Azure App Registration in the Azure Portal. To add the registration, go to the [Microsoft article](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app).
---
In the self-deployed mode, you can authenticate by using Client Credentials flow
### Client Credentials Flow
---
Follow these steps for client-credentials configuration.
1. In the instance configuration under **Advanced Settings**, select the **Use a self-deployed Azure application** checkbox.
2. Enter your Client ID in the **ID / Client ID** parameter.
3. Enter your Client Secret in the **Key / Client Secret** parameter.
4. Enter your Tenant ID in the **Tenant ID** parameter.
5. Click **Test** to validate the URLs, token, and connection.
There are two application authentication methods available.
Follow your prefered method's guide on how to use the admin consnt flow in order to recieve your authentication information:
* [Cortex XSOAR Application](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication#cortex-xsoar-application)
* [Self-Deployed Application](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication#self-deployed-application)
For more details about the authentication used in this integration, see [Microsoft Integrations - Authentication](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication).
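
Review bot: the second sentence of the added text misspells three words: `prefered`, `consnt` and `recieve` should read `preferred`, `consent` and `receive`. The first added sentence introduces the list of methods, so end it with a colon rather than a period.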

To use a self-configured Azure application, you need to add a new Azure App Registration in the Azure Portal. To add the registration, see the [Microsoft article](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app).

## Authentication
For more details about the authentication used in this integration, see [Microsoft Integrations - Authentication](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication).

Suggested change
For more details about the authentication used in this integration, see [Microsoft Integrations - Authentication](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication).
There are two application authentication methods available:
Follow your preferred method's guide on how to use the admin consent flow in order to receive your authentication information:
* [Cortex XSOAR Application](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication#cortex-xsoar-application)
* [Self-Deployed Application](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication#self-deployed-application)
For more details about the authentication used in this integration, see [Microsoft Integrations - Authentication](https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication).

Packs/AzureResourceGraph/README.md (resolved)
@JasBeilin JasBeilin self-requested a review July 4, 2024 08:46
@JasBeilin JasBeilin added the ready-for-instance-test In contribution PRs, this label will cause a trigger of a build with a modified pack from the PR. label Jul 7, 2024

@JasBeilin JasBeilin left a comment

Thank you for your contribution! We will take it and continue to push it to production. We will contact you for every change if required.

@JasBeilin JasBeilin merged commit eae6336 into demisto:contrib/PaloAltoNetworks_EXPANDR-7038 Jul 9, 2024
15 checks passed

github-actions bot commented Jul 9, 2024

Thank you for your contribution. Your external PR has been merged and the changes are now included in an internal PR for further review. The internal PR will be merged to the master branch within 3 business days.

JasBeilin added a commit that referenced this pull request Jul 11, 2024

* [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (#32121)

* Add Pack ReadMe

* Add integration

* Add integration description, image, and secrets ignore file

* Add metadata file and pack ignore

* Add test files and tests first

* Add Integration ReadMe

* Update marketplaces

* Update commands descriptions and output

* Update secrets ignore

* Resize image

* Update integration yml commands

* Update integration readme

* Resize image

* Address doc review and some design review comments

* Update client credential flow section of ReadMe

* Update list_operations_command to support a limit argument

* Update azure-rg-list-operations in ReadMe

* Update azure-rg-list-operations to support paging

* Update azure-rg-query to support paging

* Update tests

* Remove Comments

* Update integration configuration yml settings

* Add management_groups & subscriptions parameters for query command

* Add suggested changes from second review

* Update Readme and Description from code review

* Update integration files with code review suggestions

* Update defaultValue key in YAML and docker version

* Update section titles in YAML

* Remove subscription_id from client and format

- Subscription ID is not used during configuration
- Fixed usage of wrong variable in query command

* Remove DefaultValues

- The default values are not necessary and would make the conditionals for limits and paging more complex

* Update ReadMe

* Formatting

* Remove subscription_id from client in test file

* Update tests and fix mypy errors

* Update address mypy errors

* Update README.md

* Apply suggestions from code review

* Update README.md

---------

Co-authored-by: John <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>
maimorag pushed a commit that referenced this pull request Jul 16, 2024
maimorag added a commit that referenced this pull request Jul 17, 2024
* change path to relative md files integrations A-D

* fix docker

* fix docker

* fix docker

* fix DS108

* ignore rm112

* fix ds108

* type annotation fix (#35317)

* type annotation fix

* RN

* revert pack version bump

* BmcITSM- fix duplicate incidents (#35192)

* adding logs

* adding a fix to the last ticket create time

* adding unit test to demonstrate the bug

* adding the fix+precommit_rn

* adding reason

* docker fix

* add to known words

* Update Packs/BmcITSM/ReleaseNotes/1_0_23.md

Co-authored-by: Dan Tavori <[email protected]>

* cr fix

* cr note

* cr note

---------

Co-authored-by: Dan Tavori <[email protected]>

* [CortexXpanse] Option to add tags to assets (#35111) (#35316)

* change content

* RN

* update play

* fix val error

* Apply suggestions from code review



* Apply suggestions from code review



* John feedback

* sasha recommendations

* bump ver

* removed (s) in survey title

* update screenshot

---------

Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* Anomali bug (#35060)

* updated the authentication process, due to api changes

* added rn

* updated unit test

* removed comment

* updated do

* Aws waf regions (#35276)

* added more regions to the region param

* added rn

* added regions as args as well

* updated docker image

* Fix Fetch-Alerts Microsoft Defender for Cloud Apps (#35083)

* fix the fetches issue

* fix the fetches issue

* RN

* Update Packs/MicrosoftCloudAppSecurity/ReleaseNotes/2_2_1.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Bump google-cloud-compute from 1.19.0 to 1.19.1 (#35314)

Bumps [google-cloud-compute](https://github.com/googleapis/google-cloud-python) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/googleapis/google-cloud-python/releases)
- [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md)
- [Commits](googleapis/google-cloud-python@google-cloud-compute-v1.19.0...google-cloud-compute-v1.19.1)

---
updated-dependencies:
- dependency-name: google-cloud-compute
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Skip python2 not support csp test (#35328)

* Skip python2 not supported test

* [ASM] EXPANDR-9733 Cortex ASM Patching files (#35114) (#35332)

* Patching ASM files

* read me fix

* add description

* fixes

* fixes

* fixes

* updated version

* updated version

* core pack dependency

* added misc suggestions

* added misc suggestions

Co-authored-by: Chait A <[email protected]>

* fix-ews-get-attachment (#35315)

* fix-ews-get-attachment

* add RN

* rn

* Fix for XSOAR automation insights dashboard (#35292)

* added the relevant script to the metrics

* added rn

* fix

* pre commit

* fix

* updated RN after revert

* Update Packs/CommonDashboards/ReleaseNotes/1_7_4.md

Co-authored-by: Sasha Sokolovich <[email protected]>

---------

Co-authored-by: Sasha Sokolovich <[email protected]>

* Fix modify edl playbook (#35338)

* fix modify edl playbook

* added rn

* fixes

* add type to set incident

* fixes

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* fix

* fix

* fix

* fix

* fix

* fix

* Zimperuim_v2_playbook (#35259)

* support for zimperium v2

* RN

* update mapper

* rn conflict

* update docker ver

* Fix misslocated images (#35339)

* moved doc files

* relocate

* relocate

* update readme

* update dockers

* added rn

* fixes

* update contribution team members. (#35330)

* Update 1_34_26.md (#35343)

* ipv6 regex fix (#35279)

* ipv6 fix

* docker

* RN

* RN

* Bump pack from version CommonScripts to 1.15.23.

* Bump pack from version CommonScripts to 1.15.24.

* tests playbook

* Update Packs/CommonScripts/ReleaseNotes/1_15_24.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonTypes/ReleaseNotes/3_5_7.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* pb fix

* Bump pack from version CommonScripts to 1.15.25.

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_5 (#35344)

* Updated docker image to demisto/ansible-runner:1.0.0.102086. PR batch #1/1 (#35324)

* Updated docker image to demisto/chromium:126.0.6478.102778. PR batch #1/1 (#35325)

* Update release notes

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_10 (#35346)

* demisto/powershell:7.4.0.80528 | 0-100 | PR batch #1/1 (#35333)

* Updated docker image to demisto/powershell:7.4.0.80528. PR batch #1/1

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #2/2 (#35335)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #2/2

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #1/2 (#35334)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #1/2

* fixes

* fix

* fix

---------

Co-authored-by: [email protected] <[email protected]>

* Updated docker image to demisto/python3-deb:3.11.9.102626. PR batch #1/1 (#35336)

* Update release notes

---------

Co-authored-by: [email protected] <[email protected]>

* Tenable fetch bug (#35327)

* fixed an issue with 404 error status code

* added rn

* Update Packs/Tenable_io/ReleaseNotes/2_2_5.md

* Ciac 9706 (#34564)

* Test for CIAC 10315

* Test for CIAC 10315

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* [CoreRESTApi] Fix httpMultipart loop (#35265)

* init

* bump version

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_11 (#35352)

* Replace PopularNews docker image to demisto/bs4-py3

* Update RN

* increased the memo for EWS Public Folders Test (#35320)

* CIAC-10305 Fortinet Fortigate XDM Modeling Enhancement  (#35311)

* sort xdm fields

* sort schema fields

* enrich modeling rules

* update release notes

* fix release notes

* fix schema

* update schema

* fixes and refactoring

* fix schema

* remove source application mapping

* update release-notes

* update release-notes

* update README.md

* reformat fields on release notes

* concise release note

* fix schema

* Rewrite Whois (#35050)

* first commit

* add yaml config

* create test playbook, update docs, add ReleaseNotes

* fix doc-review issues

* demo issues

* Change instance name for old test playbooks

* update test playbook

* cr issues

* add abuse felid

* Doc review

* Akamai waf event collector missing and duplicated events issue (#35350)

* fixes

* added rn

* fixes

* test fixes

* Update Packs/Akamai_SIEM/ReleaseNotes/1_1_5.md

Co-authored-by: Dan Tavori <[email protected]>

---------

Co-authored-by: Dan Tavori <[email protected]>

* [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (#35326)

* DisplyHTMLWIthImages: fix embeded images (#35135)

* potential fix

* update RN

* Bump pack from version CommonScripts to 1.15.20.

* Bump pack from version CommonScripts to 1.15.21.

* Bump pack from version CommonScripts to 1.15.22.

* Bump pack from version CommonScripts to 1.15.23.

* Bump pack from version CommonScripts to 1.15.24.

* Bump pack from version CommonScripts to 1.15.25.

* fix

* pre commit fix

* Bump pack from version CommonScripts to 1.15.26.

* cr changes

* CR changes

---------

Co-authored-by: Content Bot <[email protected]>

* Update docker ml (#35081)

* updated docker

* added the rest

* devdemisto/ml:1.0.0.100486

* fix tpb

* return on no incidents

* remove runonce

* remove space

* fixed

* fix create incidents script

* new docker

* revert: fix create incidents script

* add outputs to DBotFindSimilarIncidents

* new tpb DBotFindSimilarIncidents-test

* new docker

* bump transformers

* Empty-Commit

* fix conf.json

* more fixes

* more fixes

* new docker

* RN

* new docker

* revert dockers

* more stuff

* redirect stderr

* docker

* format

* format

* RN

* more stuff

* build fixes

* build fixes

* fix unit-tests

* more docker changes

* more docker changes

* build fixes

* suppress logger

* build fixes

* build fixes

* Fix ruff in CofenseTriage (#35373)

* fix ruff in CofenseTriage

* test with infra

* revert infra test

* revert infra test

* Raise armis event collector default limit (#35371)

* raise limit

* update rn

* Update Packs/Armis/Integrations/ArmisEventCollector/ArmisEventCollector_description.md

Co-authored-by: Judah Schwartz <[email protected]>

* fixes

* fixes

* fixes

* update docker

---------

Co-authored-by: Judah Schwartz <[email protected]>

* Fix for 'Search For Hash In Sandbox - Generic' playbook (#35354)

* Fix for 'Search For Hash In Sandbox - Generic' playbook

* revert unnecessary changes made by 'generate-docs' command

* Update playbook-Search_For_Hash_In_Sandbox_-_Generic.yml

revert unnecessary changes made by 'format' command

* Update playbook-Search_For_Hash_In_Sandbox_-_Generic.yml

revert unnecessary changes made by 'format' command

* RN

* changed the context path checked in task number 45

* CrowdStrike Falcon - Raptor release (#34805)

* configuration changes

* rn

* deprecation

* readme deprecation

* resolve-identity-detection

* test

* fix conflict

* cs-falcon-search-detection

* unit test

* !cs-falcon-resolve-detection

* cs-falcon-list-detection-summaries

* fix the filter

* fix

* fix tests

* fixes

* fix

* add CrowdStrike.Detections.behaviors.behavior_id

* fix outputs of list-detection-summaries

* finally outputs for cs-falcon-list-detection-summaries

* test

* fetch

* mirroring

* existing fetch

* new fetch

* add tests

* revert unnecessary changes in the mapper

* fix the query

* fix

* fis tests

* last mapper

* fix mapper

* mirroring of new type

* fixes from cr

* fix

* remove the raptor from the tests

* fix tests

* fixes

* fix old mapper

* legacy

* RN

* rn

* metadata

* pre commit

* build fixes

* build fixes #2

* Apply suggestions from code review

Shirley fixes

Co-authored-by: ShirleyDenkberg <[email protected]>

* More from Shirley

Co-authored-by: ShirleyDenkberg <[email protected]>

* cr

* cr

* format

* adding testing the parameters

* Bump pack from version CommonTypes to 3.5.8.

* fix test

* cr

* logs

* fix a mistake

* pre commit

* RN

* fix rn

* fix rn

* fix validate errors

* fix test playbook

* pre commit

* format

* RN

* change output

* fix test playbook

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* [Google Threat Intelligence] Add curated collections commands and improve polling commands (#35376)

* [Google Threat Intelligence] Add curated collections commands and improve polling commands (#35348)

* [GoogleThreatIntelligence] Add GTI assessment to polling commands

* Lint

* Add curated collections commands

* Add test

* Lint

* Lint

* Update release note

* Add Feed Integration

* Lint

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.py

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.yml

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds_description.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md

Co-authored-by: Daniel Pascual <[email protected]>

* Include feed type in table

* Incremental feed

* Delete feed integration

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update yml

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

---------

Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>

* add docs for commands

---------

Co-authored-by: Pablo Pérez <[email protected]>
Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>

* Fix SNOW files mirroring issue (#35298)

* fix XSUP-37069

* fix XSUP-37069

* fix

* CR fix

* remove prints

* docker update

* XSUP-38544/DisplayHtmlWithImages/fix_text_color (#35367)

* Updated the html text color to black

* updated release notes

* ruff on test file

* Update Packs/CommonScripts/ReleaseNotes/1_15_26.md

Co-authored-by: Binat Ziser <[email protected]>

* fixed cr notes

* fix conflicts

* updated RN

* updated RN

* updated RN

* updated RN

---------

Co-authored-by: Binat Ziser <[email protected]>

* remove IN150 from validation_config.toml (#35378)

* remove IN150 and IN161 from validation_config.toml

* bring IN161 back

* Update docker mlurlphishing (#35272)

* init

* new docker

* add tpb

* update docker

* update RN

* Bump pack from version CommonScripts to 1.15.28.

---------

Co-authored-by: adi88d <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Ciac 10278 pat enhancement (#35345)

* Fix fields

* Add docs

* Revert docs

* Update README.md

* Address pre-commit

* Address validations

* Remove redundant field

* Address pre-commit

* Fix imports

* Fix imports

* Ignore ruff

* [Demisto Lock] add `polling_interval` to `demisto-lock-get` command (#35374)

* Add new polling_interval

* Update RN

* Add Wizard for Prisma Compliance usecase (#35296)

* Add Wizard for Prisma Compliance usecase

* Update wizard name

* Add second playbook

* Update wizard json

* Remove sandbox section

* Update min_required dependency

* Update supporting integrations

* Update release notes

* Update fetching integration name

* Fix integration name in description

* Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3 (#35267) (#35387)

* Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3

* Remove unused params from EwsExtensionEXOPowershellV3

* Convert true/false values to boolean for *-QuarantineMessage commands in EWSOv3

* Streamline outputs of *-QuarantineMessage for EwsExtensionEXOPowershellV3

* Update EWSOv3 README.md

* Disallow PSObjects to return $null

* Fix context path in README.md

* Fix table in README.md

* Standardise quotes in EwsExtensionEXOPowershellV3.yml

* Update EWSOv3 README.md

* Update documentation

* Exit ExoReleaseQuarantineMessage when identity or identities not present

* Update content pack to 1.4.0

* Fix integration name in 1_4_0.md

Co-authored-by: Aster Bandis <[email protected]>

* PrismaCloud V2 dashboard update (#35106) (#35369)

* prismaCloud dashboard update

adding sourcebrand for prismacloud v2 to the dashboard to include incidents from that integration.

* Update 4_3_7.md

updating to catch the syntax issues in release notes

* Update 4_3_7.md

updated release notes

* Update 4_3_7.md

release notes update

* Update Packs/PrismaCloud/ReleaseNotes/4_3_7.md



---------

Co-authored-by: epartington <[email protected]>
Co-authored-by: Sasha Sokolovich <[email protected]>
Co-authored-by: samuelFain <[email protected]>

* Ciac 5471 exabeam fetch users (#34900)

* add section to yml

* add command fetch_notable_users

* fix referenced before assignment

* format

* fix fetch_notable_users

* fix set_integration_context

* clear TODO

* add reset-notable-users-cached and classifier

* add Exabeam Notable User to IncidentFields

* add incident layout mapper and type

* add limit to context

* pre commit

* rename pack & integration

* add incidentType to mapping

* update layout

* rename incident field

* add UT

* update dockerimage

* update layout & release note

* Merge branch 'master' of github.com:demisto/content into ciac-5471-exabeam-fetch-users

* add checkbox fetch_user_duplicates

* replace name parameter Fetch user duplicates

* release notes

* fix name of field

* fix incidentfield

* ReleaseNotes

* IncidentFields

* pack metadata

* ReleaseNotes

* rename incident field in mapper

* return name incident field

* mapping

* ReleaseNotes

* add field to mapping

* add Multi Select type fetch

* fix UT

* save in last run instead of context

* - dev

* fix layout

* try to fix GR103

* fix in ReleaseNotes

* ReleaseNotes

* document review

* Bump pack from version CommonTypes to 3.5.7.

* document review

* remove command reset-notable-users-cached

* update readme about the fetch

* Fix from CR

* Add validation for interval

* update docker

* Updated Docker image in ReleaseNotes

* Bump pack from version CommonTypes to 3.5.8.

* add test to test_module

* Bump pack from version CommonTypes to 3.5.9.

* fix time_period

---------

Co-authored-by: Content Bot <[email protected]>

* [Marketplace Contribution] Common Scripts - Content Pack Update (#35178)

* [Marketplace Contribution] Common Scripts - Content Pack Update (#35115)

* "contribution update to pack 'Common Scripts'"

* pack resubmitted

---------

Co-authored-by: Jacob Levy <[email protected]>

* add typing

* add typing

* more fixes

* more fixes

* more fixes

* more fixes

* more stuff

* build fixes

* build fixes

* UTs complete

* docs

* marketplace selection

* RN

* docker

* Bump pack from version CommonScripts to 1.15.29.

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: jlevypaloalto <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Xsup 39381 joesecurity file value (#35408)

* Changed indicator to be sha256

* fixed ut

* added rn

* Bumped docker

* Bumped RN

* Bumped docker

* Update Packs/JoeSecurity/ReleaseNotes/1_1_23.md

Co-authored-by: Dan Tavori <[email protected]>

---------

Co-authored-by: Dan Tavori <[email protected]>

* Fix CS Falcon Reopen Statuses parameter doesn't have any value (#35366)

* allow empty reopen status list

* RN

* fixed a test

* Update Packs/CrowdStrikeFalcon/ReleaseNotes/1_13_14.md

Co-authored-by: Shelly Tzohar <[email protected]>

---------

Co-authored-by: Shelly Tzohar <[email protected]>

* Revert "checking ignore rm108 (#35291)" (#35318)

This reverts commit 238b27d.

* poetry files (#35419)

Co-authored-by: Content Bot <[email protected]>

* remove /n in html (#35381)

* fix

* rn_pa

* reply fix

* fix rn

* Bump pack from version MicrosoftExchangeOnline to 1.4.1.

* docker-image

* rn

---------

Co-authored-by: Content Bot <[email protected]>

* [Marketplace Contribution] Common Scripts - Content Pack Update (#35407)

* [Marketplace Contribution] Common Scripts - Content Pack Update (#35297)

* "contribution update to pack 'Common Scripts'"

* resolved rebase conflicts

---------

Co-authored-by: israelpoli <[email protected]>

* add TPB

* resolve conflicts

* add TPB to conf.json and yml file

* Bump pack from version CommonScripts to 1.15.30.

* commit

* remove new tpb from conf json

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* SplunkPy: fix bug in drilldown enrichment (#35368)

* fix + RN

* fix pre commit

* Apply suggestions from code review

Co-authored-by: Shachar Kidor <[email protected]>

---------

Co-authored-by: Shachar Kidor <[email protected]>

* Cisco ASA CRTX-121323 Invert Peer Direction Roles on relevant Teardown Events (#35380)

* apply network peers direction swap on teardown

* minor-fixes

* update release-notes

* update release-notes

* reformat README.md

* Update Packs/CiscoASA/ReleaseNotes/1_1_7.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Un-skip the ruff hook for autoupdate docker PRs (#35413)

* Un-skipped the ruff hook for autoupdate docker PRs

* Un-skipped the pytest-network-in-docker hook for autoupdate docker prs

* added to pack ignore the validation MR108 for Tenable_io.yml (#35415)

* added to pack ignore the validation MR108 for Tenable_io.yml
---------

Co-authored-by: noy <nodavidi.paloaltonetworks.com>

* update feed-performance-test docker (#35423)

* update feed-performance-test docker

* fix DS108

* Lookup CSV output fix (#35418)

* Added the outputs LookupCSV.Result

* Added release notes

* Updated readme file

* Fixed validation

* CR Fix

* Bump pack from version CommonScripts to 1.15.31.

* CR Fix

---------

Co-authored-by: Content Bot <[email protected]>

* Ewso365 bug (#35351)

* fixed an issue where re-registering a header failed

* added rn

* edited the unittest

* Bump pack from version MicrosoftExchangeOnline to 1.4.1.

* fixed conflict in rn

---------

Co-authored-by: Content Bot <[email protected]>

* CIAC-9928 - OpenLDAP ad-entries-search (#35165)

* started implementing ad-entries-search

* yml and finished implementation

* finished implementing ad-entries-search

* finished implementing ad-entries-search

* and for provided filters

* updated yml

* readme

* pr comments

* pr comments

* pr comments

* pr comments

* pr comments

* unit tests

* readme

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* added doc string to tests

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>

* Update ml dockers (#35422)

* update ml dockers

* bump RN

* fix_azure_sc_tpb (#35428)

* fixed the tpb

* fixed the names

* sdk format

* bug - MD EC added debug logs (#35425)

* bug - MD EC added debug logs

* fix pre-commit

* more logs

* fix logs

* Update MicrosoftDefenderEventCollector.py

---------

Co-authored-by: rshunim <[email protected]>
Co-authored-by: rshunim <[email protected]>

* Yc/carbon black/ciac 9132 (#35202)

* Existing commands migration to the new endpoints

* cbd-find-processes polling command added

* added cbd-find-observation-details polling command

* new version all existing commands including polling commands

* added validations for required args, and cleaning

* device commands added

* added docs string in client functions

* added docs string to all commands

* description file added

* mapper updated to the new response format

* docs and type ignore

* update and set policy commands added

* done

* readme file added for all commands

* Migration notes added

* removed -dev

* test file with all commands tests

* fixed build

* added RN and tests

* pre-commit

* pre commit

* format

* added release note and updated docker image

* rewrite

* handle priority_level in CamelCase arg

* docs review

* docs review

* deleted unneeded duplicates

* Update Packs/CarbonBlackDefense/ReleaseNotes/4_0_0.md

Co-authored-by: JudithB <[email protected]>

* format fixed

---------

Co-authored-by: JudithB <[email protected]>

* add ThreatCrowd to skipped (#35433)

* Update logo to align to common prisma cloud logo (#35322)

* Update logo to align to common prisma cloud logo (#35113)

Updated logo to align to common prisma cloud logo

* bump docker version.

* RN change.

* Bump pack from version PrismaCloud to 4.3.8.

---------

Co-authored-by: epartington <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Impartner community pack (#35430)

* [ThreatConnectV3] Support Python 3.11 (#35432)

* fix

* RN

* Adding a command to add VM to cleanroom recovery group and changing the integration name (#35229) (#35411)

* Changes

* Add VM to cleanroom recovery group

Adding command to add VM to cleanroom recovery group

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Update pack_metadata.json

* remove commented code

Co-authored-by: Cv-securityIQ <[email protected]>

* Add new parameters for Sophos Central API (#35357) (#35412)

* Add new parameters for Sophos Central API

* Add contributors file

* Increase version and add release notes

* Update docker image

* Optimize ip address parameter routine

* Use argToList function

* Update release notes to represent changes

* Use argToBoolean for boolean parameter

* Set default value for argToBoolean

Co-authored-by: Nik Stuckenbrock <[email protected]>

* Fix dynammo tpb (#35406)

* fix-tpb

* delete-from-skipped-tests

* delete hard coded

* Update Packs/AWS_DynamoDB/TestPlaybooks/playbook-AWS-DynamoDB-Test.yml

Co-authored-by: tkatzir <[email protected]>

---------

Co-authored-by: tkatzir <[email protected]>

* CIAC-10816-Bitwarden-Password-Manager-Event-Collector (#35191)

* init

* stash

* auth, fetch events

* wip

* wip

* add fetch, and get with start and end

* update yml file

* add comment

* fix main function

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* wip

* wip

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* add readme and description

* remove end date, update category

* combine get_events to fetch_events

* wip

* remove logs

* update readme

* add image

* fixing readability

* use last fetch as start time

* add end time to params

* add end time to params

* fix start+end time

* remove event collector naming

* add get_unique_events

* fix types

* wip

* wip

* wip

* pr fixes

* wip

* add docstring to fetch_events

* add pack readme

* update readme

* add unit tests

* fix defaults dates format

* pre commit changes

* ignore IN150 validation

* upgrade docker image

* add nmock api url to secret ignore

* ran format

* add debug command

* pre-commit changes

* remove debug command

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: Dan Tavori <[email protected]>

* change category

* fix pack readme

---------

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* fix fetch-incidents returns duplicates bug (#35424)

* fix bug and testing and readme

* readme

* release notes

* change argument name

* pre commit

* code review fixes

* more code review fixes

* limit+1

* shirly fixes and changed sort field

* remove the dev

* run pre commit

* last fixes

* typo fixes

* rename splunk host display name (#35431)

* rename splunk host display name

* update code and readme

* test

* bug - ansible dockerimage revert (#35442)

* bug - ansible dockerimage revert

* format

* Update 1_0_7.md

* fix (#35414)

Co-authored-by: Yuval Hayun <[email protected]>

* [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners  and Ranking Score Fix (#35388)

* [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners  and Ranking Score Fix (#35091)

* Update RankServiceOwners task to check that "accounttype" does not exist for service owners

* Update release notes

* Update RankServiceOwners task owners argument

* Update Ranking Score key in asmserviceowner field

* Update ReadMe

* Update ReadMe

* Update release notes

* Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update release notes

* Update Release Version

---------

Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* RN add desc under Incident Fields

---------

Co-authored-by: John <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>

* Cyberark Endpoint bug (#35275)

* added logs

* edit

* added support to platform url

* removed test integration

* fixed applying the update

* edited unittests

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: barryyosi-panw <[email protected]>
Co-authored-by: darbel <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: merit-maita <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chait A <[email protected]>
Co-authored-by: Tal Carmeli <[email protected]>
Co-authored-by: Karina Fishman <[email protected]>
Co-authored-by: Sasha Sokolovich <[email protected]>
Co-authored-by: Yuval Hayun <[email protected]>
Co-authored-by: OmriItzhak <[email protected]>
Co-authored-by: Danny Fried <[email protected]>
Co-authored-by: Dror Avrahami <[email protected]>
Co-authored-by: Content Bot <[email protected]>
Co-authored-by: samuelFain <[email protected]>
Co-authored-by: [email protected] <[email protected]>
Co-authored-by: Edi Katsenelson <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>
Co-authored-by: cweltPA <[email protected]>
Co-authored-by: azonenfeld <[email protected]>
Co-authored-by: John <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>
Co-authored-by: Israel Lappe <[email protected]>
Co-authored-by: Yaakov Praisler <[email protected]>
Co-authored-by: Judah Schwartz <[email protected]>
Co-authored-by: TalNos <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>
Co-authored-by: Pablo Pérez <[email protected]>
Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>
Co-authored-by: Arad Carmi <[email protected]>
Co-authored-by: Binat Ziser <[email protected]>
Co-authored-by: adi88d <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: Tal Zichlinsky <[email protected]>
Co-authored-by: Erez FelmanDar <[email protected]>
Co-authored-by: Aster Bandis <[email protected]>
Co-authored-by: epartington <[email protected]>
Co-authored-by: YairGlik <[email protected]>
Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: jlevypaloalto <[email protected]>
Co-authored-by: Shahaf Ben Yakir <[email protected]>
Co-authored-by: RotemAmit <[email protected]>
Co-authored-by: Shelly Tzohar <[email protected]>
Co-authored-by: Shachar Kidor <[email protected]>
Co-authored-by: noydavidi <[email protected]>
Co-authored-by: Maya Goldman <[email protected]>
Co-authored-by: MLainer1 <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: yedidyacohenpalo <[email protected]>
Co-authored-by: JudithB <[email protected]>
Co-authored-by: Sapir Shuker <[email protected]>
Co-authored-by: Shmuel Kroizer <[email protected]>
Co-authored-by: Cv-securityIQ <[email protected]>
Co-authored-by: Nik Stuckenbrock <[email protected]>
Co-authored-by: tkatzir <[email protected]>
Co-authored-by: ilaredo <[email protected]>
Co-authored-by: Yael Shamai <[email protected]>
xsoar-bot pushed a commit to xsoar-contrib/content that referenced this pull request Sep 10, 2024
…isto#35326)

* [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (demisto#32121)

* Add Pack ReadMe

* Add integration

* Add integration description, image, and secrets ignore file

* Add metadata file and pack ignore

* Add test files and tests first

* Add Integration ReadMe

* Update marketplaces

* Update commands descriptions and output

* Update secrets ignore

* Resize image

* Update integration yml commands

* Update integration readme

* Resize image

* Address doc review and some design review comments

* Update client credential flow section of ReadMe

* Update list_operations_command to support a limit argument

* Update azure-rg-list-operations in ReadMe

* Update azure-rg-list-operations to support paging

* Update azure-rg-query to support paging

* Update tests

* Remove Comments

* Update integration configuration yml settings

* Add management_groups & subscriptions parameters for query command

* Add suggested changes from second review

* Update Readme and Description from code review

* Update integration files with code review suggestions

* Update defaultValue key in YAML and docker version

* Update section titles in YAML

* Remove subscription_id from client and format

- Subscription ID is not used during configuration
- Fixed usage of wrong variable in query command

* Remove DefaultValues

- The default values are not necessary and would make the conditionals for limits and paging more complex

* Update ReadMe

* Formatting

* Remove subscription_id from client in test file

* Update tests and fix mypy errors

* Update address mypy errors

* Update README.md

* Apply suggestions from code review

* Update README.md

---------

Co-authored-by: John <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>
xsoar-bot added a commit to xsoar-contrib/content that referenced this pull request Sep 10, 2024
* change path to relative md files integrations A-D

* fix docker

* fix docker

* fix docker

* fix DS108

* ignore rm112

* fix ds108

* type annotation fix (demisto#35317)

* type annotation fix

* RN

* revert pack version bump

* BmcITSM- fix duplicate incidents (demisto#35192)

* adding logs

* adding a fix to the last ticket create time

* adding unit test to demonstrate the bug

* adding the fix+precommit_rn

* adding reason

* docker fix

* add to known words

* Update Packs/BmcITSM/ReleaseNotes/1_0_23.md

Co-authored-by: Dan Tavori <[email protected]>

* cr fix

* cr note

* cr note

---------

Co-authored-by: Dan Tavori <[email protected]>

* [CortexXpanse] Option to add tags to assets (demisto#35111) (demisto#35316)

* change content

* RN

* update play

* fix val error

* Apply suggestions from code review



* Apply suggestions from code review



* John feedback

* sasha recommendations

* bump ver

* removed (s) in survey title

* update screenshot

---------

Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* Anomali bug (demisto#35060)

* updated the authentication process, due to api changes

* added rn

* updated unit test

* removed comment

* updated do

* Aws waf regions (demisto#35276)

* added more regions to the region param

* added rn

* added regions as args as well

* updated docker image

* Fix Fetch-Alerts Microsoft Defender for Cloud Apps (demisto#35083)

* fix the fetches issue

* fix the fetches issue

* RN

* Update Packs/MicrosoftCloudAppSecurity/ReleaseNotes/2_2_1.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Bump google-cloud-compute from 1.19.0 to 1.19.1 (demisto#35314)

Bumps [google-cloud-compute](https://github.com/googleapis/google-cloud-python) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/googleapis/google-cloud-python/releases)
- [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md)
- [Commits](googleapis/google-cloud-python@google-cloud-compute-v1.19.0...google-cloud-compute-v1.19.1)

---
updated-dependencies:
- dependency-name: google-cloud-compute
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Skip python2 not support csp test (demisto#35328)

* Skip python2 not supported test

* [ASM] EXPANDR-9733 Cortex ASM Patching files (demisto#35114) (demisto#35332)

* Patching ASM files

* read me fix

* add description

* fixes

* fixes

* fixes

* updated version

* updated version

* core pack dependency

* added misc suggestions

* added misc suggestions

Co-authored-by: Chait A <[email protected]>

* fix-ews-get-attachment (demisto#35315)

* fix-ews-get-attachment

* add RN

* rn

* Fix for XSOAR automation insights dashboard (demisto#35292)

* added the relevant script to the metrics

* added rn

* fix

* pre commit

* fix

* updated RN after revert

* Update Packs/CommonDashboards/ReleaseNotes/1_7_4.md

Co-authored-by: Sasha Sokolovich <[email protected]>

---------

Co-authored-by: Sasha Sokolovich <[email protected]>

* Fix modify edl playbook (demisto#35338)

* fix modify edl playbook

* added rn

* fixes

* add type to set incident

* fixes

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* fix

* fix

* fix

* fix

* fix

* fix

* Zimperuim_v2_playbook (demisto#35259)

* support for zimperium v2

* RN

* update mapper

* rn conflict

* update docker ver

* Fix mislocated images (demisto#35339)

* moved doc files

* relocate

* relocate

* update readme

* update dockers

* added rn

* fixes

* update contribution team members. (demisto#35330)

* Update 1_34_26.md (demisto#35343)

* ipv6 regex fix (demisto#35279)

* ipv6 fix

* docker

* RN

* RN

* Bump pack from version CommonScripts to 1.15.23.

* Bump pack from version CommonScripts to 1.15.24.

* tests playbook

* Update Packs/CommonScripts/ReleaseNotes/1_15_24.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonTypes/ReleaseNotes/3_5_7.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* pb fix

* Bump pack from version CommonScripts to 1.15.25.

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_5 (demisto#35344)

* Updated docker image to demisto/ansible-runner:1.0.0.102086. PR batch #1/1 (demisto#35324)

* Updated docker image to demisto/chromium:126.0.6478.102778. PR batch #1/1 (demisto#35325)

* Update release notes

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_10 (demisto#35346)

* demisto/powershell:7.4.0.80528 | 0-100 | PR batch #1/1 (demisto#35333)

* Updated docker image to demisto/powershell:7.4.0.80528. PR batch #1/1

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #2/2 (demisto#35335)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #2/2

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #1/2 (demisto#35334)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #1/2

* fixes

* fix

* fix

---------

Co-authored-by: [email protected] <[email protected]>

* Updated docker image to demisto/python3-deb:3.11.9.102626. PR batch #1/1 (demisto#35336)

* Update release notes

---------

Co-authored-by: [email protected] <[email protected]>

* Tenable fetch bug (demisto#35327)

* fixed an issue with 404 error status code

* added rn

* Update Packs/Tenable_io/ReleaseNotes/2_2_5.md

* Ciac 9706 (demisto#34564)

* Test for CIAC 10315

* Test for CIAC 10315

* Ciac 9706

* [CoreRESTApi] Fix httpMultipart loop (demisto#35265)

* init

* bump version

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_11 (demisto#35352)

* Replace PopularNews docker image to demisto/bs4-py3

* Update RN

* increased the memo for EWS Public Folders Test (demisto#35320)

* CIAC-10305 Fortinet Fortigate XDM Modeling Enhancement  (demisto#35311)

* sort xdm fields

* sort schema fields

* enrich modeling rules

* update release notes

* fix release notes

* fix schema

* update schema

* fixes and refactoring

* fix schema

* remove source application mapping

* update release-notes

* update release-notes

* update README.md

* reformat fields on release notes

* concise release note

* fix schema

* Rewrite Whois (demisto#35050)

* first commit

* add yaml config

* create test playbook, update docs, add ReleaseNotes

* fix doc-review issues

* demo issues

* Change instance name for old test playbooks

* update test playbook

* cr issues

* add abuse field

* Doc review

* Akamai waf event collector missing and duplicated events issue (demisto#35350)

* fixes

* added rn

* fixes

* test fixes

* Update Packs/Akamai_SIEM/ReleaseNotes/1_1_5.md

Co-authored-by: Dan Tavori <[email protected]>

---------

Co-authored-by: Dan Tavori <[email protected]>

* [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (demisto#35326)

* [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (demisto#32121)

* Add Pack ReadMe

* Add integration

* Add integration description, image, and secrets ignore file

* Add metadata file and pack ignore

* Add test files and tests first

* Add Integration ReadMe

* Update marketplaces

* Update commands descriptions and output

* Update secrets ignore

* Resize image

* Update integration yml commands

* Update integration readme

* Resize image

* Address doc review and some design review comments

* Update client credential flow section of ReadMe

* Update list_operations_command to support a limit argument

* Update azure-rg-list-operations in ReadMe

* Update azure-rg-list-operations to support paging

* Update azure-rg-query to support paging

* Update tests

* Remove Comments

* Update integration configuration yml settings

* Add management_groups & subscriptions parameters for query command

* Add suggested changes from second review

* Update Readme and Description from code review

* Update integration files with code review suggestions

* Update defaultValue key in YAML and docker version

* Update section titles in YAML

* Remove subscription_id from client and format

- Subscription ID is not used during configuration
- Fixed usage of wrong variable in query command

* Remove DefaultValues

- The default values are not necessary and would make the conditionals for limits and paging more complex

* Update ReadMe

* Formatting

* Remove subscription_id from client in test file

* Update tests and fix mypy errors

* Update address mypy errors

* Update README.md

* Apply suggestions from code review

* Update README.md

---------

Co-authored-by: John <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>

* DisplyHTMLWIthImages: fix embedded images (demisto#35135)

* potential fix

* update RN

* Bump pack from version CommonScripts to 1.15.20.

* Bump pack from version CommonScripts to 1.15.21.

* Bump pack from version CommonScripts to 1.15.22.

* Bump pack from version CommonScripts to 1.15.23.

* Bump pack from version CommonScripts to 1.15.24.

* Bump pack from version CommonScripts to 1.15.25.

* fix

* pre commit fix

* Bump pack from version CommonScripts to 1.15.26.

* cr changes

* CR changes

---------

Co-authored-by: Content Bot <[email protected]>

* Update docker ml (demisto#35081)

* updated docker

* added the rest

* devdemisto/ml:1.0.0.100486

* fix tpb

* return on no incidents

* remove runonce

* remove space

* fixed

* fix create incidents script

* new docker

* revert: fix create incidents script

* add outputs to DBotFindSimilarIncidents

* new tpb DBotFindSimilarIncidents-test

* new docker

* bump transformers

* Empty-Commit

* fix conf.json

* more fixes

* more fixes

* new docker

* RN

* new docker

* revert dockers

* more stuff

* redirect stderr

* docker

* format

* format

* RN

* more stuff

* build fixes

* build fixes

* fix unit-tests

* more docker changes

* more docker changes

* build fixes

* suppress logger

* build fixes

* build fixes

* Fix ruff in CofenseTriage (demisto#35373)

* fix ruff in CofenseTriage

* test with infra

* revert infra test

* revert infra test

* Raise armis event collector default limit (demisto#35371)

* raise limit

* update rn

* Update Packs/Armis/Integrations/ArmisEventCollector/ArmisEventCollector_description.md

Co-authored-by: Judah Schwartz <[email protected]>

* fixes

* fixes

* fixes

* update docker

---------

Co-authored-by: Judah Schwartz <[email protected]>

* Fix for 'Search For Hash In Sandbox - Generic' playbook (demisto#35354)

* Fix for 'Search For Hash In Sandbox - Generic' playbook

* revert unnecessary changes made by 'generate-docs' command

* Update playbook-Search_For_Hash_In_Sandbox_-_Generic.yml

revert unnecessary changes made by 'format' command

* Update playbook-Search_For_Hash_In_Sandbox_-_Generic.yml

revert unnecessary changes made by 'format' command

* RN

* changed the context path checked in task number 45

* CrowdStrike Falcon - Raptor release (demisto#34805)

* configuration changes

* rn

* deprecation

* readme deprecation

* resolve-identity-detection

* test

* fix conflict

* cs-falcon-search-detection

* unit test

* !cs-falcon-resolve-detection

* cs-falcon-list-detection-summaries

* fix the filter

* fix

* fix tests

* fixes

* fix

* add CrowdStrike.Detections.behaviors.behavior_id

* fix outputs of list-detection-summaries

* finally outputs for cs-falcon-list-detection-summaries

* test

* fetch

* mirroring

* existing fetch

* new fetch

* add tests

* revert unnecessary changes in the mapper

* fix the query

* fix

* fix tests

* last mapper

* fix mapper

* mirroring of new type

* fixes from cr

* fix

* remove the raptor from the tests

* fix tests

* fixes

* fix old mapper

* legacy

* RN

* rn

* metadata

* pre commit

* build fixes

* build fixes #2

* Apply suggestions from code review

Shirley fixes

Co-authored-by: ShirleyDenkberg <[email protected]>

* More from Shirley

Co-authored-by: ShirleyDenkberg <[email protected]>

* cr

* cr

* format

* adding testing the parameters

* Bump pack from version CommonTypes to 3.5.8.

* fix test

* cr

* logs

* fix a mistake

* pre commit

* RN

* fix rn

* fix rn

* fix validate errors

* fix test playbook

* pre commit

* format

* RN

* change output

* fix test playbook

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* [Google Threat Intelligence] Add curated collections commands and improve polling commands (demisto#35376)

* [Google Threat Intelligence] Add curated collections commands and improve polling commands (demisto#35348)

* [GoogleThreatIntelligence] Add GTI assessment to polling commands

* Lint

* Add curated collections commands

* Add test

* Lint

* Lint

* Update release note

* Add Feed Integration

* Lint

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.py

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.yml

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds_description.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md

Co-authored-by: Daniel Pascual <[email protected]>

* Include feed type in table

* Incremental feed

* Delete feed integration

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update yml

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

---------

Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>

* add docs for commands

---------

Co-authored-by: Pablo Pérez <[email protected]>
Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>

* Fix SNOW files mirroring issue (demisto#35298)

* fix XSUP-37069

* fix XSUP-37069

* fix

* CR fix

* remove prints

* docker update

* XSUP-38544/DisplayHtmlWithImages/fix_text_color (demisto#35367)

* Updated the html text color to black

* updated release notes

* ruff on test file

* Update Packs/CommonScripts/ReleaseNotes/1_15_26.md

Co-authored-by: Binat Ziser <[email protected]>

* fixed cr notes

* fix conflicts

* updated RN

* updated RN

* updated RN

* updated RN

---------

Co-authored-by: Binat Ziser <[email protected]>

* remove IN150 from validation_config.toml (demisto#35378)

* remove IN150 and IN161 from validation_config.toml

* bring IN161 back

* Update docker mlurlphishing (demisto#35272)

* init

* new docker

* add tpb

* update docker

* update RN

* Bump pack from version CommonScripts to 1.15.28.

---------

Co-authored-by: adi88d <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Ciac 10278 pat enhancement (demisto#35345)

* Fix fields

* Add docs

* Revert docs

* Update README.md

* Address pre-commit

* Address validations

* Remove redundant field

* Address pre-commit

* Fix imports

* Fix imports

* Ignore ruff

* [Demisto Lock] add `polling_interval` to `demisto-lock-get` command (demisto#35374)

* Add new polling_interval

* Update RN

* Add Wizard for Prisma Compliance usecase (demisto#35296)

* Add Wizard for Prisma Compliance usecase

* Update wizard name

* Add second playbook

* Update wizard json

* Remove sandbox section

* Update min_required dependency

* Update supporting integrations

* Update release notes

* Update fetching integration name

* Fix integration name in description

* Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3 (demisto#35267) (demisto#35387)

* Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3

* Remove unused params from EwsExtensionEXOPowershellV3

* Convert true/false values to boolean for *-QuarantineMessage commands in EWSOv3

* Streamline outputs of *-QuarantineMessage for EwsExtensionEXOPowershellV3

* Update EWSOv3 README.md

* Disallow PSObjects to return $null

* Fix context path in README.md

* Fix table in README.md

* Standardise quotes in EwsExtensionEXOPowershellV3.yml

* Update EWSOv3 README.md

* Update documentation

* Exit ExoReleaseQuarantineMessage when identity or identities not present

* Update content pack to 1.4.0

* Fix integration name in 1_4_0.md

Co-authored-by: Aster Bandis <[email protected]>

* PrismaCloud V2 dashboard update (demisto#35106) (demisto#35369)

* prismaCloud dashboard update

adding sourcebrand for prismacloud v2 to the dashboard to include incidents from that integration.

* Update 4_3_7.md

updating to catch the syntax issues in release notes

* Update 4_3_7.md

updated release notes

* Update 4_3_7.md

release notes update

* Update Packs/PrismaCloud/ReleaseNotes/4_3_7.md



---------

Co-authored-by: epartington <[email protected]>
Co-authored-by: Sasha Sokolovich <[email protected]>
Co-authored-by: samuelFain <[email protected]>

* Ciac 5471 exabeam fetch users (demisto#34900)

* add section to yml

* add command fetch_notable_users

* fix referenced before assignment

* format

* fix fetch_notable_users

* fix set_integration_context

* clear TODO

* add reset-notable-users-cached and classifier

* add Exabeam Notable User to IncidentFields

* add incident layout mapper and type

* add limit to context

* pre commit

* rename pack & integration

* add incidentType to mapping

* update layout

* rename incident field

* add UT

* update dockerimage

* update layout & release note

* Merge branch 'master' of github.com:demisto/content into ciac-5471-exabeam-fetch-users

* add checkbox fetch_user_duplicates

* replace name parameter Fetch user duplicates

* release notes

* fix name of field

* fix incidentfield

* ReleaseNotes

* IncidentFields

* pack metadata

* ReleaseNotes

* rename incident field in mapper

* return name incident field

* mapping

* ReleaseNotes

* add field to mapping

* add Multi Select type fetch

* fix UT

* save in last run instead of context

* - dev

* fix layout

* try to fix GR103

* fix in ReleaseNotes

* ReleaseNotes

* document review

* Bump pack from version CommonTypes to 3.5.7.

* document review

* remove command reset-notable-users-cached

* update readme about the fetch

* Fix from CR

* Add validation for interval

* update docker

* Updated Docker image in ReleaseNotes

* Bump pack from version CommonTypes to 3.5.8.

* add test to test_module

* Bump pack from version CommonTypes to 3.5.9.

* fix time_period

---------

Co-authored-by: Content Bot <[email protected]>

* [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35178)

* [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35115)

* "contribution update to pack 'Common Scripts'"

* pack resubmitted

---------

Co-authored-by: Jacob Levy <[email protected]>

* add typing

* add typing

* more fixes

* more fixes

* more fixes

* more fixes

* more stuff

* build fixes

* build fixes

* UTs complete

* docs

* marketplace selection

* RN

* docker

* Bump pack from version CommonScripts to 1.15.29.

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: jlevypaloalto <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Xsup 39381 joesecurity file value (demisto#35408)

* Changed indicator to be sha256

* fixed ut

* added rn

* Bumped docker

* Bumped RN

* Bumped docker

* Update Packs/JoeSecurity/ReleaseNotes/1_1_23.md

Co-authored-by: Dan Tavori <[email protected]>

---------

Co-authored-by: Dan Tavori <[email protected]>

* Fix CS Falcon Reopen Statuses parameter doesn't have any value (demisto#35366)

* allow empty reopen status list

* RN

* fixed a test

* Update Packs/CrowdStrikeFalcon/ReleaseNotes/1_13_14.md

Co-authored-by: Shelly Tzohar <[email protected]>

---------

Co-authored-by: Shelly Tzohar <[email protected]>

* Revert "checking ignore rm108 (demisto#35291)" (demisto#35318)

This reverts commit 238b27d.

* poetry files (demisto#35419)

Co-authored-by: Content Bot <[email protected]>

* remove /n in html (demisto#35381)

* fix

* rn_pa

* reply fix

* fix rn

* Bump pack from version MicrosoftExchangeOnline to 1.4.1.

* docker-image

* rn

---------

Co-authored-by: Content Bot <[email protected]>

* [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35407)

* [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35297)

* "contribution update to pack 'Common Scripts'"

* resolved rebase conflicts

---------

Co-authored-by: israelpoli <[email protected]>

* add TPB

* resolve conflicts

* add TPB to conf.json and yml file

* Bump pack from version CommonScripts to 1.15.30.

* commit

* remove new tpb from conf json

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* SplunkPy: fix bug in drilldown enrichment (demisto#35368)

* fix + RN

* fix pre commit

* Apply suggestions from code review

Co-authored-by: Shachar Kidor <[email protected]>

---------

Co-authored-by: Shachar Kidor <[email protected]>

* Cisco ASA CRTX-121323 Invert Peer Direction Roles on relevant Teardown Events (demisto#35380)

* apply network peers direction swap on teardown

* minor-fixes

* update release-notes

* update release-notes

* reformat README.md

* Update Packs/CiscoASA/ReleaseNotes/1_1_7.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Un-skip the ruff hook for autoupdate docker PRs (demisto#35413)

* Un-skipped the ruff hook for autoupdate docker PRs

* Un-skipped the pytest-network-in-docker hook for autoupdate docker prs

* added to pack ignore the validation MR108 for Tenable_io.yml (demisto#35415)

* added to pack ignore the validation MR108 for Tenable_io.yml
---------

Co-authored-by: noy <nodavidi.paloaltonetworks.com>

* update feed-performance-test docker (demisto#35423)

* update feed-performance-test docker

* fix DS108

* Lookup CSV output fix (demisto#35418)

* Added the outputs LookupCSV.Result

* Added release notes

* Updated readme file

* Fixed validation

* CR Fix

* Bump pack from version CommonScripts to 1.15.31.

* CR Fix

---------

Co-authored-by: Content Bot <[email protected]>

* Ewso365 bug (demisto#35351)

* fixed an issue where re-registering a header failed

* added rn

* edited the unittest

* Bump pack from version MicrosoftExchangeOnline to 1.4.1.

* fixed conflict in rn

---------

Co-authored-by: Content Bot <[email protected]>

* CIAC-9928 - OpenLDAP ad-entries-search (demisto#35165)

* started implementing ad-entries-search

* yml and finished implementation

* finished implementing ad-entries-search

* finished implementing ad-entries-search

* and for provided filters

* updated yml

* readme

* pr comments

* pr comments

* pr comments

* pr comments

* pr comments

* unit tests

* readme

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* added doc string to tests

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>

* Update ml dockers (demisto#35422)

* update ml dockers

* bump RN

* fix_azure_sc_tpb (demisto#35428)

* fixed the tpb

* fixed the names

* sdk format

* bug - MD EC added debug logs (demisto#35425)

* bug - MD EC added debug logs

* fix pre-commit

* more logs

* fix logs

* Update MicrosoftDefenderEventCollector.py

---------

Co-authored-by: rshunim <[email protected]>
Co-authored-by: rshunim <[email protected]>

* Yc/carbon black/ciac 9132 (demisto#35202)

* Existing commands migration to the new endpoints

* cbd-find-processes polling command added

* added cbd-find-observation-details polling command

* new version all existing commands including polling commands

* added validations for required args, and cleaning

* device commands added

* added docs string in client functions

* added docs string to all commands

* description file added

* mapper updated to the new response format

* docs and type ignore

* update and set policy commands added

* done

* readme file added for all commands

* Migration notes added

* removed -dev

* test file with all commands tests

* fixed build

* added RN and tests

* pre-commit

* pre commit

* format

* added release note and updated docker image

* rewrite

* handle priority_level in CamelCase arg

* docs review

* docs review

* deleted unneeded duplicates

* Update Packs/CarbonBlackDefense/ReleaseNotes/4_0_0.md

Co-authored-by: JudithB <[email protected]>

* format fixed

---------

Co-authored-by: JudithB <[email protected]>

* add ThreatCrowd to skipped (demisto#35433)

* Update logo to align to common prisma cloud logo (demisto#35322)

* Update logo to align to common prisma cloud logo (demisto#35113)

Updated logo to align to common prisma cloud logo

* bump docker version.

* RN change.

* Bump pack from version PrismaCloud to 4.3.8.

---------

Co-authored-by: epartington <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Impartner community pack (demisto#35430)

* [ThreatConnectV3] Support Python 3.11 (demisto#35432)

* fix

* RN

* Adding a command to add VM to cleanroom recovery group and changing the integration name (demisto#35229) (demisto#35411)

* Changes

* Add VM to cleanroom recovery group

Adding command to add VM to cleanroom recovery group

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Update pack_metadata.json

* remove commented code

Co-authored-by: Cv-securityIQ <[email protected]>

* Add new parameters for Sophos Central API (demisto#35357) (demisto#35412)

* Add new parameters for Sophos Central API

* Add contributors file

* Increase version and add release notes

* Update docker image

* Optimize ip address parameter routine

* Use argToList function

* Update release notes to represent changes

* Use argToBoolean for boolean parameter

* Set default value for argToBoolean

Co-authored-by: Nik Stuckenbrock <[email protected]>

* Fix dynamo tpb (demisto#35406)

* fix-tpb

* delete-from-skipped-tests

* delete hard coded

* Update Packs/AWS_DynamoDB/TestPlaybooks/playbook-AWS-DynamoDB-Test.yml

Co-authored-by: tkatzir <[email protected]>

---------

Co-authored-by: tkatzir <[email protected]>

* CIAC-10816-Bitwarden-Password-Manager-Event-Collector (demisto#35191)

* init

* stash

* auth, fetch events

* wip

* wip

* add fetch, and get with start and end

* update yml file

* add comment

* fix main function

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* wip

* wip

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* add readme and description

* remove end date, update category

* combine get_events to fetch_events

* wip

* remove logs

* update readme

* add image

* fixing readability

* use last fetch as start time

* add end time to params

* add end time to params

* fix start+end time

* remove event collector naming

* add get_unique_events

* fix types

* wip

* wip

* wip

* pr fixes

* wip

* add docstring to fetch_events

* add pack readme

* update readme

* add unit tests

* fix defaults dates format

* pre commit changes

* ignore IN150 validation

* upgrade docker image

* add nmock api url to secret ignore

* ran format

* add debug command

* pre-commit changes

* remove debug command

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: Dan Tavori <[email protected]>

* change category

* fix pack readme

---------

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* fix fetch-incidents returns duplicates bug (demisto#35424)

* fix bug and testing and readme

* readme

* release notes

* change argument name

* pre commit

* code review fixes

* more code review fixes

* limit+1

* shirly fixes and changed sort field

* remove the dev

* run pre commit

* last fixes

* typo fixes

* rename splunk host display name (demisto#35431)

* rename splunk host display name

* update code and readme

* test

* bug - ansible dockerimage revert (demisto#35442)

* bug - ansible dockerimage revert

* format

* Update 1_0_7.md

* fix (demisto#35414)

Co-authored-by: Yuval Hayun <[email protected]>

* [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners  and Ranking Score Fix (demisto#35388)

* [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners  and Ranking Score Fix (demisto#35091)

* Update RankServiceOwners task to check that "accounttype" does not exist for service owners

* Update release notes

* Update RankServiceOwners task owners argument

* Update Ranking Score key in asmserviceowner field

* Update ReadMe

* Update ReadMe

* Update release notes

* Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update release notes

* Update Release Version

---------

Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* RN add desc under Incident Fields

---------

Co-authored-by: John <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>

* Cyberark Endpoint bug (demisto#35275)

* added logs

* edit

* added support to platform url

* removed test integration

* fixed applying the update

* edited unittests

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: barryyosi-panw <[email protected]>
Co-authored-by: darbel <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: merit-maita <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chait A <[email protected]>
Co-authored-by: Tal Carmeli <[email protected]>
Co-authored-by: Karina Fishman <[email protected]>
Co-authored-by: Sasha Sokolovich <[email protected]>
Co-authored-by: Yuval Hayun <[email protected]>
Co-authored-by: OmriItzhak <[email protected]>
Co-authored-by: Danny Fried <[email protected]>
Co-authored-by: Dror Avrahami <[email protected]>
Co-authored-by: Content Bot <[email protected]>
Co-authored-by: samuelFain <[email protected]>
Co-authored-by: [email protected] <[email protected]>
Co-authored-by: Edi Katsenelson <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>
Co-authored-by: cweltPA <[email protected]>
Co-authored-by: azonenfeld <[email protected]>
Co-authored-by: John <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>
Co-authored-by: Israel Lappe <[email protected]>
Co-authored-by: Yaakov Praisler <[email protected]>
Co-authored-by: Judah Schwartz <[email protected]>
Co-authored-by: TalNos <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>
Co-authored-by: Pablo Pérez <[email protected]>
Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>
Co-authored-by: Arad Carmi <[email protected]>
Co-authored-by: Binat Ziser <[email protected]>
Co-authored-by: adi88d <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: Tal Zichlinsky <[email protected]>
Co-authored-by: Erez FelmanDar <[email protected]>
Co-authored-by: Aster Bandis <[email protected]>
Co-authored-by: epartington <[email protected]>
Co-authored-by: YairGlik <[email protected]>
Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: jlevypaloalto <[email protected]>
Co-authored-by: Shahaf Ben Yakir <[email protected]>
Co-authored-by: RotemAmit <[email protected]>
Co-authored-by: Shelly Tzohar <[email protected]>
Co-authored-by: Shachar Kidor <[email protected]>
Co-authored-by: noydavidi <[email protected]>
Co-authored-by: Maya Goldman <[email protected]>
Co-authored-by: MLainer1 <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: yedidyacohenpalo <[email protected]>
Co-authored-by: JudithB <[email protected]>
Co-authored-by: Sapir Shuker <[email protected]>
Co-authored-by: Shmuel Kroizer <[email protected]>
Co-authored-by: Cv-securityIQ <[email protected]>
Co-authored-by: Nik Stuckenbrock <[email protected]>
Co-authored-by: tkatzir <[email protected]>
Co-authored-by: ilaredo <[email protected]>
Co-authored-by: Yael Shamai <[email protected]>
Labels
Community Contribution Form Filled Whether contribution form filled or not. Contribution Thank you! Contributions are always welcome! docs-approved External PR pending-contributor The PR is pending the response of its creator