Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CIAC-10816-Bitwarden-Password-Manager-Event-Collector #35191

Merged
merged 63 commits into from
Jul 16, 2024

Conversation

ilaredo
Copy link
Contributor

@ilaredo ilaredo commented Jul 2, 2024

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: ticket

Description

DoD:

  • bitwarden Event Collector
  • bitwarden Datamodel
  • Add XSIAM to the list of SIEMS under "Reporting" in the bitwarden docs

Must have

  • Tests
  • Documentation

Copy link

github-actions bot commented Jul 2, 2024

Coverage

Coverage Report
FileStmtsMissCoverMissing
Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager
   BitwardenPasswordManager.py114496%90–91, 104, 132
TOTAL114496% 

Tests Skipped Failures Errors Time
33 0 💤 0 ❌ 0 🔥 6.670s ⏱️

@ilaredo ilaredo changed the title init CIAC-10816-Bitwarden-Password-Manager-Event-Collector Jul 7, 2024
@ilaredo ilaredo requested a review from dantavori July 7, 2024 14:58
Copy link
Contributor

@dantavori dantavori left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

overall looks good,
for the demo focus on the functionality (=python script) and visibility/accessibility (e.g. the configuration section, _description.md)

@ShirleyDenkberg
Copy link
Contributor

@dantavori Doc review completed.

Copy link
Contributor

@dantavori dantavori left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

great work!
approving, need to address the notes below before merging

@ilaredo ilaredo merged commit 44fd64d into master Jul 16, 2024
13 checks passed
@ilaredo ilaredo deleted the CIAC-10816-Bitwarden-Password-Manager-Event-Collector branch July 16, 2024 09:56
maimorag pushed a commit that referenced this pull request Jul 16, 2024
* init

* stash

* auth, fetch events

* wip

* wip

* add fetch, and get with start and end

* update yml file

* add comment

* fix main function

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* wip

* wip

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* add readme and description

* remove end date, update category

* combine get_events to fetch_events

* wip

* remove logs

* update readme

* add image

* fixing readability

* use last fetch as start time

* add end time to params

* add end time to params

* fix start+end time

* remove event collector naming

* add get_unique_events

* fix types

* wip

* wip

* wip

* pr fixes

* wip

* add docstring to fetch_events

* add pack readme

* update readme

* add unit tests

* fix defaults dates format

* pre commit changes

* ignore IN150 validation

* upgrade docker image

* add nmock api url to secret ignore

* ran format

* add debug command

* pre-commit changes

* remove debug command

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: Dan Tavori <[email protected]>

* change category

* fix pack readme

---------

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
maimorag added a commit that referenced this pull request Jul 17, 2024
* change path to relative md files integrations A-D

* fix docker

* fix docker

* fix docker

* fix DS108

* ignore rm112

* fix ds108

* type annotation fix (#35317)

* type annotation fix

* RN

* revert pack version bump

* BmcITSM- fix duplicate incidents (#35192)

* adding logs

* adding a fix to the last ticket create time

* adding unit test to demonstrate the bug

* adding the fix+precommit_rn

* adding reason

* docker fix

* add to known words

* Update Packs/BmcITSM/ReleaseNotes/1_0_23.md

Co-authored-by: Dan Tavori <[email protected]>

* cr fix

* cr note

* cr note

---------

Co-authored-by: Dan Tavori <[email protected]>

* [CortexXpanse] Option to add tags to assets (#35111) (#35316)

* change content

* RN

* update play

* fix val error

* Apply suggestions from code review



* Apply suggestions from code review



* John feedback

* sasha recommendations

* bump ver

* removed (s) in survey title

* update screenshot

---------

Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* Anomali bug (#35060)

* updated the authentication process, due to api changes

* added rn

* updated unit test

* removed comment

* updated do

* Aws waf regions (#35276)

* added more regions to the region param

* added rn

* added regions as args as well

* updated docker image

* Fix Fetch-Alerts Microsoft Defender for Cloud Apps (#35083)

* fix the fetches issue

* fix the fetches issue

* RN

* Update Packs/MicrosoftCloudAppSecurity/ReleaseNotes/2_2_1.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Bump google-cloud-compute from 1.19.0 to 1.19.1 (#35314)

Bumps [google-cloud-compute](https://github.com/googleapis/google-cloud-python) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/googleapis/google-cloud-python/releases)
- [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md)
- [Commits](googleapis/google-cloud-python@google-cloud-compute-v1.19.0...google-cloud-compute-v1.19.1)

---
updated-dependencies:
- dependency-name: google-cloud-compute
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Skip python2 not support csp test (#35328)

* Skip python2 not supported test

* [ASM] EXPANDR-9733 Cortex ASM Patching files (#35114) (#35332)

* Patching ASM files

* read me fix

* add description

* fixes

* fixes

* fixes

* updated version

* updated version

* core pack dependency

* added misc suggestions

* added misc suggestions

Co-authored-by: Chait A <[email protected]>

* fix-ews-get-attachment (#35315)

* fix-ews-get-attachment

* add RN

* rn

* Fix for XSOAR automation insights dashboard (#35292)

* added the relevant script to the metrics

* added rn

* fix

* pre commit

* fix

* updated RN after revert

* Update Packs/CommonDashboards/ReleaseNotes/1_7_4.md

Co-authored-by: Sasha Sokolovich <[email protected]>

---------

Co-authored-by: Sasha Sokolovich <[email protected]>

* Fix modify edl playbook (#35338)

* fix modify edl playbook

* added rn

* fixes

* add type to set incident

* fixes

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* fix

* fix

* fix

* fix

* fix

* fix

* Zimperuim_v2_playbook (#35259)

* support for zimperium v2

* RN

* update mapper

* rn conflict

* update docker ver

* Fix misslocated images (#35339)

* moved doc files

* relocate

* relocate

* update readme

* update dockers

* added rn

* fixes

* update contribution team members. (#35330)

* Update 1_34_26.md (#35343)

* ipv6 regex fix (#35279)

* ipv6 fix

* docker

* RN

* RN

* Bump pack from version CommonScripts to 1.15.23.

* Bump pack from version CommonScripts to 1.15.24.

* tests playbook

* Update Packs/CommonScripts/ReleaseNotes/1_15_24.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonTypes/ReleaseNotes/3_5_7.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* pb fix

* Bump pack from version CommonScripts to 1.15.25.

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_5 (#35344)

* Updated docker image to demisto/ansible-runner:1.0.0.102086. PR batch #1/1 (#35324)

* Updated docker image to demisto/chromium:126.0.6478.102778. PR batch #1/1 (#35325)

* Update release notes

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_10 (#35346)

* demisto/powershell:7.4.0.80528 | 0-100 | PR batch #1/1 (#35333)

* Updated docker image to demisto/powershell:7.4.0.80528. PR batch #1/1

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #2/2 (#35335)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #2/2

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #1/2 (#35334)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #1/2

* fixes

* fix

* fix

---------

Co-authored-by: [email protected] <[email protected]>

* Updated docker image to demisto/python3-deb:3.11.9.102626. PR batch #1/1 (#35336)

* Update release notes

---------

Co-authored-by: [email protected] <[email protected]>

* Tenable fetch bug (#35327)

* fixed an issue with 404 error status code

* added rn

* Update Packs/Tenable_io/ReleaseNotes/2_2_5.md

* Ciac 9706 (#34564)

* Test for CIAC 10315

* Test for CIAC 10315

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* [CoreRESTApi] Fix httpMultipart loop (#35265)

* init

* bump version

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_11 (#35352)

* Replace PopularNews docker image to demisto/bs4-py3

* Update RN

* increased the memo for EWS Public Folders Test (#35320)

* CIAC-10305 Fortinet Fortigate XDM Modeling Enhancement  (#35311)

* sort xdm fields

* sort schema fields

* enrich modeling rules

* update release notes

* fix release notes

* fix schema

* update schema

* fixes and refactoring

* fix schema

* remove source application mapping

* update release-notes

* update release-notes

* update README.md

* reformat fields on release notes

* concise release note

* fix schema

* Rewrite Whois (#35050)

* first commit

* add yaml config

* create test playbook, update docs, add ReleaseNotes

* fix doc-review issues

* demo issues

* Change instance name for old test playbooks

* update test playbook

* cr issues

* add abuse felid

* Doc review

* Akamai waf event collector missing and duplicated events issue (#35350)

* fixes

* added rn

* fixes

* test fixes

* Update Packs/Akamai_SIEM/ReleaseNotes/1_1_5.md

Co-authored-by: Dan Tavori <[email protected]>

---------

Co-authored-by: Dan Tavori <[email protected]>

* [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (#35326)

* [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (#32121)

* Add Pack ReadMe

* Add integration

* Add integration description, image, and secrets ignore file

* Add metadata file and pack ignore

* Add test files and tests first

* Add Integration ReadMe

* Update marketplaces

* Update commands descriptions and output

* Update secrets ignore

* Resize image

* Update integration yml commands

* Update integration readme

* Resize image

* Address doc review and some design review comments

* Update client credential flow section of ReadMe

* Update list_operations_command to support a limit argument

* Update azure-rg-list-operations in ReadMe

* Update azure-rg-list-operations to support paging

* Update azure-rg-query to support paging

* Update tests

* Remove Comments

* Update integration configuration yml settings

* Add management_groups & subscriptions parameters for query command

* Add suggested changes from second review

* Update Readme and Description from code review

* Update integration files with code review suggestions

* Update defaultValue key in YAML and docker version

* Update section titles in YAML

* Remove subscription_id from client and format

- Subscription ID is not used during configuration
- Fixed usage of wrong variable in query command

* Remove DefaultValues

- The default values are not necessary and would make the conditionals for limits and paging more complex

* Update ReadMe

* Formatting

* Remove subscription_id from client in test file

* Update tests and fix mypy errors

* Update address mypy errors

* Update README.md

* Apply suggestions from code review

* Update README.md

---------

Co-authored-by: John <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>

* DisplyHTMLWIthImages: fix embeded images (#35135)

* potential fix

* update RN

* Bump pack from version CommonScripts to 1.15.20.

* Bump pack from version CommonScripts to 1.15.21.

* Bump pack from version CommonScripts to 1.15.22.

* Bump pack from version CommonScripts to 1.15.23.

* Bump pack from version CommonScripts to 1.15.24.

* Bump pack from version CommonScripts to 1.15.25.

* fix

* pre commit fix

* Bump pack from version CommonScripts to 1.15.26.

* cr changes

* CR changes

---------

Co-authored-by: Content Bot <[email protected]>

* Update docker ml (#35081)

* updated docker

* added the rest

* devdemisto/ml:1.0.0.100486

* fix tpb

* return on no incidents

* remove runonce

* remove space

* fixed

* fix create incidents script

* new docker

* revert: fix create incidents script

* add outputs to DBotFindSimilarIncidents

* new tpb DBotFindSimilarIncidents-test

* new docker

* bump transformers

* Empty-Commit

* fix conf.json

* more fixes

* more fixes

* new docker

* RN

* new docker

* revert dockers

* more stuff

* redirect stderr

* docker

* format

* format

* RN

* more stuff

* build fixes

* build fixes

* fix unit-tests

* more docker changes

* more docker changes

* build fixes

* suppress logger

* build fixes

* build fixes

* Fix ruff in CofenseTriage (#35373)

* fix ruff in CofenseTriage

* test with infra

* revert infra test

* revert infra test

* Raise armis event collector default limit (#35371)

* raise limit

* update rn

* Update Packs/Armis/Integrations/ArmisEventCollector/ArmisEventCollector_description.md

Co-authored-by: Judah Schwartz <[email protected]>

* fixes

* fixes

* fixes

* update docker

---------

Co-authored-by: Judah Schwartz <[email protected]>

* Fix for 'Search For Hash In Sandbox - Generic' playbook (#35354)

* Fix for 'Search For Hash In Sandbox - Generic' playbook

* revert unnecessary changes made by 'generate-docs' command

* Update playbook-Search_For_Hash_In_Sandbox_-_Generic.yml

revert unnecessary changes made by 'format' command

* Update playbook-Search_For_Hash_In_Sandbox_-_Generic.yml

revert unnecessary changes made by 'format' command

* RN

* changed the context path checked in task number 45

* CrowdStrike Falcon - Raptor release (#34805)

* configuration changes

* rn

* deprecation

* readme deprecation

* resolve-identity-detection

* test

* fix conflict

* cs-falcon-search-detection

* unit test

* !cs-falcon-resolve-detection

* cs-falcon-list-detection-summaries

* fix the filter

* fix

* fix tests

* fixes

* fix

* add CrowdStrike.Detections.behaviors.behavior_id

* fix outputs of list-detection-summaries

* finally outputs for cs-falcon-list-detection-summaries

* test

* fetch

* mirroring

* existing fetch

* new fetch

* add tests

* revert unnecessary changes in the mapper

* fix the query

* fix

* fis tests

* last mapper

* fix mapper

* mirroring of new type

* fixes from cr

* fix

* remove the raptor from the tests

* fix tests

* fixes

* fix old mapper

* legacy

* RN

* rn

* metadata

* pre commit

* build fixes

* build fixes #2

* Apply suggestions from code review

Shirley fixes

Co-authored-by: ShirleyDenkberg <[email protected]>

* More from Shirley

Co-authored-by: ShirleyDenkberg <[email protected]>

* cr

* cr

* format

* adding testing the parameters

* Bump pack from version CommonTypes to 3.5.8.

* fix test

* cr

* logs

* fix a mistake

* pre commit

* RN

* fix rn

* fix rn

* fix validate errors

* fix test playbook

* pre commit

* format

* RN

* change output

* fix test playbook

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* [Google Threat Intelligence] Add curated collections commands and improve polling commands (#35376)

* [Google Threat Intelligence] Add curated collections commands and improve polling commands (#35348)

* [GoogleThreatIntelligence] Add GTI assessment to polling commands

* Lint

* Add curated collections commands

* Add test

* Lint

* Lint

* Update release note

* Add Feed Integration

* Lint

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.py

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.yml

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds_description.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md

Co-authored-by: Daniel Pascual <[email protected]>

* Include feed type in table

* Incremental feed

* Delete feed integration

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update yml

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

---------

Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>

* add docs for commands

---------

Co-authored-by: Pablo Pérez <[email protected]>
Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>

* Fix SNOW files mirroring issue (#35298)

* fix XSUP-37069

* fix XSUP-37069

* fix

* CR fix

* remove prints

* docker update

* XSUP-38544/DisplayHtmlWithImages/fix_text_color (#35367)

* Updated the html text color to black

* updated release notes

* ruff on test file

* Update Packs/CommonScripts/ReleaseNotes/1_15_26.md

Co-authored-by: Binat Ziser <[email protected]>

* fixed cr notes

* fix conflicts

* updated RN

* updated RN

* updated RN

* updated RN

---------

Co-authored-by: Binat Ziser <[email protected]>

* remove IN150 from validation_config.toml (#35378)

* remove IN150 and IN161 from validation_config.toml

* bring IN161 back

* Update docker mlurlphishing (#35272)

* init

* new docker

* add tpb

* update docker

* update RN

* Bump pack from version CommonScripts to 1.15.28.

---------

Co-authored-by: adi88d <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Ciac 10278 pat enhancement (#35345)

* Fix fields

* Add docs

* Revert docs

* Update README.md

* Address pre-commit

* Address validations

* Remove redundant field

* Address pre-commit

* Fix imports

* Fix imports

* Ignore ruff

* [Demisto Lock] add `polling_interval` to `demisto-lock-get` command (#35374)

* Add new polling_interval

* Update RN

* Add Wizard for Prisma Compliance usecase (#35296)

* Add Wizard for Prisma Compliance usecase

* Update wizard name

* Add second playbook

* Update wizard json

* Remove sandbox section

* Update min_required dependency

* Update supporting integrations

* Update release notes

* Update fetching integration name

* Fix integration name in description

* Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3 (#35267) (#35387)

* Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3

* Remove unused params from EwsExtensionEXOPowershellV3

* Convert true/false values to boolean for *-QuarantineMessage commands in EWSOv3

* Streamline outputs of *-QuarantineMessage for EwsExtensionEXOPowershellV3

* Update EWSOv3 README.md

* Disallow PSObjects to return $null

* Fix context path in README.md

* Fix table in README.md

* Standardise quotes in EwsExtensionEXOPowershellV3.yml

* Update EWSOv3 README.md

* Update documentation

* Exit ExoReleaseQuarantineMessage when identity or identities not present

* Update content pack to 1.4.0

* Fix integration name in 1_4_0.md

Co-authored-by: Aster Bandis <[email protected]>

* PrismaCloud V2 dashboard update (#35106) (#35369)

* prismaCloud dashboard update

adding sourcebrand for prismacloud v2 to the dashboard to include incidents from that integration.

* Update 4_3_7.md

updating to catch the syntax issues in release notes

* Update 4_3_7.md

updated release notes

* Update 4_3_7.md

release notes update

* Update Packs/PrismaCloud/ReleaseNotes/4_3_7.md



---------

Co-authored-by: epartington <[email protected]>
Co-authored-by: Sasha Sokolovich <[email protected]>
Co-authored-by: samuelFain <[email protected]>

* Ciac 5471 exabeam fetch users (#34900)

* add section to yml

* add command fetch_notable_users

* fix referenced before assignment

* format

* fix fetch_notable_users

* fix set_integration_context

* clear TODO

* add reset-notable-users-cached and classifier

* add Exabeam Notable User to IncidentFields

* add incident layout mapper and type

* add limit to context

* pre commit

* rename pack & integration

* add incidentType to mapping

* update layout

* rename incident field

* add UT

* update dockerimage

* update layout & release note

* Merge branch 'master' of github.com:demisto/content into ciac-5471-exabeam-fetch-users

* add checkbox fetch_user_duplicates

* replace name parameter Fetch user duplicates

* release notes

* fix name of filed

* fix incidentfield

* ReleaseNotes

* IncidentFields

* peck metadata

* ReleaseNotes

* rename incident fide in mapper

* return name incident fide

* mapping

* ReleaseNotes

* add filed to mapping

* add Multi Select type fetch

* fix UT

* save in last run instead of context

* - dev

* fix layout

* try to fix GR103

* fix in ReleaseNotes

* ReleaseNotes

* document review

* Bump pack from version CommonTypes to 3.5.7.

* document review

* remove command reset-notable-users-cached

* update readme about the fetch

* Fix from CR

* Add validation for interval

* update docker

* Updated Docker image in ReleaseNotes

* Bump pack from version CommonTypes to 3.5.8.

* add test to test_module

* Bump pack from version CommonTypes to 3.5.9.

* fix time_period

---------

Co-authored-by: Content Bot <[email protected]>

* [Marketplace Contribution] Common Scripts - Content Pack Update (#35178)

* [Marketplace Contribution] Common Scripts - Content Pack Update (#35115)

* "contribution update to pack 'Common Scripts'"

* pack resubmitted

---------

Co-authored-by: Jacob Levy <[email protected]>

* add typing

* add typing

* more fixes

* more fixes

* more fixes

* more fixes

* more stuff

* build fixes

* build fixes

* UTs complete

* docs

* marketplace selection

* RN

* docker

* Bump pack from version CommonScripts to 1.15.29.

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: jlevypaloalto <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Xsup 39381 joesecurity file value (#35408)

* Changed indicator to be sha256

* fixed ut

* added rn

* Bumped docker

* Bumped RN

* Bumped dicker

* Update Packs/JoeSecurity/ReleaseNotes/1_1_23.md

Co-authored-by: Dan Tavori <[email protected]>

---------

Co-authored-by: Dan Tavori <[email protected]>

* Fix CS Falcon Reopen Statuses parameter doesn't have any value (#35366)

* allow empty reopen status list

* RN

* fixed a test

* Update Packs/CrowdStrikeFalcon/ReleaseNotes/1_13_14.md

Co-authored-by: Shelly Tzohar <[email protected]>

---------

Co-authored-by: Shelly Tzohar <[email protected]>

* Revert "checking ignore rm108 (#35291)" (#35318)

This reverts commit 238b27d.

* poetry files (#35419)

Co-authored-by: Content Bot <[email protected]>

* remove /n in html (#35381)

* fix

* rn_pa

* reply fix

* fix rn

* Bump pack from version MicrosoftExchangeOnline to 1.4.1.

* docker-image

* rn

---------

Co-authored-by: Content Bot <[email protected]>

* [Marketplace Contribution] Common Scripts - Content Pack Update (#35407)

* [Marketplace Contribution] Common Scripts - Content Pack Update (#35297)

* "contribution update to pack 'Common Scripts'"

* resolved rebase conflicts

---------

Co-authored-by: israelpoli <[email protected]>

* add TPB

* resolve conflicts

* add TPB to conf.json and yml file

* Bump pack from version CommonScripts to 1.15.30.

* commit

* remove new tpb from conf json

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* SplunkPy: fix bug in drilldown enrichemnt (#35368)

* fix + RN

* fix pre commit

* Apply suggestions from code review

Co-authored-by: Shachar Kidor <[email protected]>

---------

Co-authored-by: Shachar Kidor <[email protected]>

* Cisco ASA CRTX-121323 Invert Peer Direction Roles on relevant Teardown Events (#35380)

* apply network peers direction swap on teardown

* minor-fixes

* update release-notes

* update release-notes

* reformat README.md

* Update Packs/CiscoASA/ReleaseNotes/1_1_7.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Un-skip the ruff hook for autoupdate docker PRs (#35413)

* Un-skipped the ruff hook for autoupdate docker PRs

* Un-skipped the pytest-network-in-docker hook for autoupdate docker prs

* added to pack ignore the validation MR108 for Tenable_io.yml (#35415)

* added to pack ignore the validation MR108 for Tenable_io.yml
---------

Co-authored-by: noy <nodavidi.paloaltonetworks.com>

* update feed-performance-test docker (#35423)

* update feed-performance-test docker

* fix DS108

* Lookup CSV output fix (#35418)

* Added the outputs LookupCSV.Result

* Added release notes

* Updated readme file

* Fixed validation

* CR Fix

* Bump pack from version CommonScripts to 1.15.31.

* CR Fix

---------

Co-authored-by: Content Bot <[email protected]>

* Ewso365 bug (#35351)

* fixed an issue where re-registering a header failed

* added rn

* edited the unittest

* Bump pack from version MicrosoftExchangeOnline to 1.4.1.

* fixed conflict in rn

---------

Co-authored-by: Content Bot <[email protected]>

* CIAC-9928 - OpenLDAP ad-entries-search (#35165)

* started implementing ad-entries-search

* yml and finished implemntation

* finished implementing ad-entries-search

* finished implementing ad-entries-search

* and for provided filters

* updated yml

* readme

* pr comments

* pr comments

* pr comments

* pr comments

* pr comments

* unitests

* readme

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* added doc string to tests

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>

* Update ml dockers (#35422)

* update ml dockers

* bump RN

* fix_azure_sc_tpb (#35428)

* fixed the tpb

* fixed the names

* sdk format

* bug - MD EC added debug logs (#35425)

* bug - MD EC added debug logs

* fix pre-commit

* more logs

* fix logs

* Update MicrosoftDefenderEventCollector.py

---------

Co-authored-by: rshunim <[email protected]>
Co-authored-by: rshunim <[email protected]>

* Yc/carbon black/ciac 9132 (#35202)

* Existing commands migration to the new endpoints

* cbd-find-processes polling command added

* added cbd-find-observation-details polling command

* new version all existing commands including polling commands

* added validations for required args, and cleaning

* device commands added

* added docs string in client functions

* added docs string to all comands

* description file added

* mapper updated to the new response format

* docs and type ignore

* update and set policy commands added

* done

* readme file added for all commands

* Migration notes added

* removed -dev

* test file with all commands tests

* fixed build

* added RN and tests

* pre-commit

* pre commit

* format

* added release note and updated docker image

* rewrite

* handle priority_level in CamelCase arg

* docs review

* docs review

* deleted unneeded duplicates

* Update Packs/CarbonBlackDefense/ReleaseNotes/4_0_0.md

Co-authored-by: JudithB <[email protected]>

* format fixed

---------

Co-authored-by: JudithB <[email protected]>

* add ThreatCrowd to skipped (#35433)

* Update logo to align to common prisma cloud logo (#35322)

* Update logo to align to common prisma cloud logo (#35113)

Updated logo to align to common prisma cloud logo

* bump docker version.

* RN change.

* Bump pack from version PrismaCloud to 4.3.8.

---------

Co-authored-by: epartington <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Impartner community pack (#35430)

* [ThreatConnectV3] Support Python 3.11 (#35432)

* fix

* RN

* Adding a command to add VM to cleanroom recovery group and changing the integration name (#35229) (#35411)

* Changes

* Add VM to cleanroom recovery group

Adding command to add VM to cleanroom recovery group

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Update pack_metadata.json

* remove commented code

Co-authored-by: Cv-securityIQ <[email protected]>

* Add new parameters for Sophos Central API (#35357) (#35412)

* Add new parameters for Sophos Central API

* Add contributors file

* Increase version and add release notes

* Update docker image

* Optimize ip address parameter routine

* Use argToList function

* Update release notes to represent changes

* Use argToBoolean for boolean parameter

* Set default value for argToBoolean

Co-authored-by: Nik Stuckenbrock <[email protected]>

* Fix dynammo tpb (#35406)

* fix-tpb

* delete-from-skipped-tests

* delete hard coded

* Update Packs/AWS_DynamoDB/TestPlaybooks/playbook-AWS-DynamoDB-Test.yml

Co-authored-by: tkatzir <[email protected]>

---------

Co-authored-by: tkatzir <[email protected]>

* CIAC-10816-Bitwarden-Password-Manager-Event-Collector (#35191)

* init

* stash

* auth, fetch events

* wip

* wip

* add fetch, and get with start and end

* update yml file

* add comment

* fix main function

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* wip

* wip

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* add readme and description

* remove end date, update category

* combine get_events to fetch_events

* wip

* remove logs

* update readme

* add image

* fixing readability

* use last fetch as start time

* add end time to params

* add end time to params

* fix start+end time

* remove event collector naming

* add get_unique_events

* fix types

* wip

* wip

* wip

* pr fixes

* wip

* add docstring to fetch_events

* add pack readme

* update readme

* add unit tests

* fix defaults dates format

* pre commit changes

* ignore IN150 validation

* upgrade docker image

* add nmock api url to secret ignore

* ran format

* add debug command

* pre-commit changes

* remove debug command

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: Dan Tavori <[email protected]>

* change category

* fix pack readme

---------

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* fix fetch-incidents returns duplicates bug (#35424)

* fix bug and testing and readme

* readme

* release notes

* change argument name

* pre commit

* code review fixes

* more code review fixes

* limit+1

* shirly fixes and changed sort field

* remove the dev

* run pre commit

* last fixes

* typo fixes

* rename splunk host display name (#35431)

* rename splunk host display name

* update code and readme

* test

* bug - ansible dockerimage revert (#35442)

* bug - ansible dockerimage revert

* format

* Update 1_0_7.md

* fix (#35414)

Co-authored-by: Yuval Hayun <[email protected]>

* [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners  and Ranking Score Fix (#35388)

* [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners  and Ranking Score Fix (#35091)

* Update RankServiceOwners task to check that "accounttype" does not exist for service owners

* Update release notes

* Update RankServiceOwners task owners argument

* Update Ranking Score key in asmserviceowner field

* Update ReadMe

* Update ReadMe

* Update release notes

* Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update release notes

* Update Release Version

---------

Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* RN add desc under Incident Fields

---------

Co-authored-by: John <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>

* Cyberark Endpoint bug (#35275)

* added logs

* edit

* added support to platform url

* removed test integration

* fixed applying the update

* edited unittests

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: barryyosi-panw <[email protected]>
Co-authored-by: darbel <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: merit-maita <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chait A <[email protected]>
Co-authored-by: Tal Carmeli <[email protected]>
Co-authored-by: Karina Fishman <[email protected]>
Co-authored-by: Sasha Sokolovich <[email protected]>
Co-authored-by: Yuval Hayun <[email protected]>
Co-authored-by: OmriItzhak <[email protected]>
Co-authored-by: Danny Fried <[email protected]>
Co-authored-by: Dror Avrahami <[email protected]>
Co-authored-by: Content Bot <[email protected]>
Co-authored-by: samuelFain <[email protected]>
Co-authored-by: [email protected] <[email protected]>
Co-authored-by: Edi Katsenelson <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>
Co-authored-by: cweltPA <[email protected]>
Co-authored-by: azonenfeld <[email protected]>
Co-authored-by: John <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>
Co-authored-by: Israel Lappe <[email protected]>
Co-authored-by: Yaakov Praisler <[email protected]>
Co-authored-by: Judah Schwartz <[email protected]>
Co-authored-by: TalNos <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>
Co-authored-by: Pablo Pérez <[email protected]>
Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>
Co-authored-by: Arad Carmi <[email protected]>
Co-authored-by: Binat Ziser <[email protected]>
Co-authored-by: adi88d <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: Tal Zichlinsky <[email protected]>
Co-authored-by: Erez FelmanDar <[email protected]>
Co-authored-by: Aster Bandis <[email protected]>
Co-authored-by: epartington <[email protected]>
Co-authored-by: YairGlik <[email protected]>
Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: jlevypaloalto <[email protected]>
Co-authored-by: Shahaf Ben Yakir <[email protected]>
Co-authored-by: RotemAmit <[email protected]>
Co-authored-by: Shelly Tzohar <[email protected]>
Co-authored-by: Shachar Kidor <[email protected]>
Co-authored-by: noydavidi <[email protected]>
Co-authored-by: Maya Goldman <[email protected]>
Co-authored-by: MLainer1 <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: yedidyacohenpalo <[email protected]>
Co-authored-by: JudithB <[email protected]>
Co-authored-by: Sapir Shuker <[email protected]>
Co-authored-by: Shmuel Kroizer <[email protected]>
Co-authored-by: Cv-securityIQ <[email protected]>
Co-authored-by: Nik Stuckenbrock <[email protected]>
Co-authored-by: tkatzir <[email protected]>
Co-authored-by: ilaredo <[email protected]>
Co-authored-by: Yael Shamai <[email protected]>
xsoar-bot pushed a commit to xsoar-contrib/content that referenced this pull request Sep 10, 2024
* init

* stash

* auth, fetch events

* wip

* wip

* add fetch, and get with start and end

* update yml file

* add comment

* fix main function

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* wip

* wip

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* add readme and description

* remove end date, update category

* combine get_events to fetch_events

* wip

* remove logs

* update readme

* add image

* fixing readability

* use last fetch as start time

* add end time to params

* add end time to params

* fix start+end time

* remove event collector naming

* add get_unique_events

* fix types

* wip

* wip

* wip

* pr fixes

* wip

* add docstring to fetch_events

* add pack readme

* update readme

* add unit tests

* fix defaults dates format

* pre commit changes

* ignore IN150 validation

* upgrade docker image

* add nmock api url to secret ignore

* ran format

* add debug command

* pre-commit changes

* remove debug command

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: Dan Tavori <[email protected]>

* change category

* fix pack readme

---------

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
xsoar-bot added a commit to xsoar-contrib/content that referenced this pull request Sep 10, 2024
* change path to relative md files integrations A-D

* fix docker

* fix docker

* fix docker

* fix DS108

* ignore rm112

* fix ds108

* type annotation fix (demisto#35317)

* type annotation fix

* RN

* revert pack version bump

* BmcITSM- fix duplicate incidents (demisto#35192)

* adding logs

* adding a fix to the last ticket create time

* adding unit test to demonstrate the bug

* adding the fix+precommit_rn

* adding reason

* docker fix

* add to known words

* Update Packs/BmcITSM/ReleaseNotes/1_0_23.md

Co-authored-by: Dan Tavori <[email protected]>

* cr fix

* cr note

* cr note

---------

Co-authored-by: Dan Tavori <[email protected]>

* [CortexXpanse] Option to add tags to assets (demisto#35111) (demisto#35316)

* change content

* RN

* update play

* fix val error

* Apply suggestions from code review



* Apply suggestions from code review



* John feedback

* sasha recommendations

* bump ver

* removed (s) in survey title

* update screenshot

---------

Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* Anomali bug (demisto#35060)

* updated the authentication process, due to api changes

* added rn

* updated unit test

* removed comment

* updated do

* Aws waf regions (demisto#35276)

* added more regions to the region param

* added rn

* added regions as args as well

* updated docker image

* Fix Fetch-Alerts Microsoft Defender for Cloud Apps (demisto#35083)

* fix the fetches issue

* fix the fetches issue

* RN

* Update Packs/MicrosoftCloudAppSecurity/ReleaseNotes/2_2_1.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Bump google-cloud-compute from 1.19.0 to 1.19.1 (demisto#35314)

Bumps [google-cloud-compute](https://github.com/googleapis/google-cloud-python) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/googleapis/google-cloud-python/releases)
- [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md)
- [Commits](googleapis/google-cloud-python@google-cloud-compute-v1.19.0...google-cloud-compute-v1.19.1)

---
updated-dependencies:
- dependency-name: google-cloud-compute
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Skip python2 not support csp test (demisto#35328)

* Skip python2 not supported test

* [ASM] EXPANDR-9733 Cortex ASM Patching files (demisto#35114) (demisto#35332)

* Patching ASM files

* read me fix

* add description

* fixes

* fixes

* fixes

* updated version

* updated version

* core pack dependency

* added misc suggestions

* added misc suggestions

Co-authored-by: Chait A <[email protected]>

* fix-ews-get-attachment (demisto#35315)

* fix-ews-get-attachment

* add RN

* rn

* Fix for XSOAR automation insights dashboard (demisto#35292)

* added the relevant script to the metrics

* added rn

* fix

* pre commit

* fix

* updated RN after revert

* Update Packs/CommonDashboards/ReleaseNotes/1_7_4.md

Co-authored-by: Sasha Sokolovich <[email protected]>

---------

Co-authored-by: Sasha Sokolovich <[email protected]>

* Fix modify edl playbook (demisto#35338)

* fix modify edl playbook

* added rn

* fixes

* add type to set incident

* fixes

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* fix

* fix

* fix

* fix

* fix

* fix

* Zimperuim_v2_playbook (demisto#35259)

* support for zimperium v2

* RN

* update mapper

* rn conflict

* update docker ver

* Fix misslocated images (demisto#35339)

* moved doc files

* relocate

* relocate

* update readme

* update dockers

* added rn

* fixes

* update contribution team members. (demisto#35330)

* Update 1_34_26.md (demisto#35343)

* ipv6 regex fix (demisto#35279)

* ipv6 fix

* docker

* RN

* RN

* Bump pack from version CommonScripts to 1.15.23.

* Bump pack from version CommonScripts to 1.15.24.

* tests playbook

* Update Packs/CommonScripts/ReleaseNotes/1_15_24.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonTypes/ReleaseNotes/3_5_7.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* pb fix

* Bump pack from version CommonScripts to 1.15.25.

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_5 (demisto#35344)

* Updated docker image to demisto/ansible-runner:1.0.0.102086. PR batch #1/1 (demisto#35324)

* Updated docker image to demisto/chromium:126.0.6478.102778. PR batch #1/1 (demisto#35325)

* Update release notes

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_10 (demisto#35346)

* demisto/powershell:7.4.0.80528 | 0-100 | PR batch #1/1 (demisto#35333)

* Updated docker image to demisto/powershell:7.4.0.80528. PR batch #1/1

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #2/2 (demisto#35335)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #2/2

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #1/2 (demisto#35334)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #1/2

* fixes

* fix

* fix

---------

Co-authored-by: [email protected] <[email protected]>

* Updated docker image to demisto/python3-deb:3.11.9.102626. PR batch #1/1 (demisto#35336)

* Update release notes

---------

Co-authored-by: [email protected] <[email protected]>

* Tenable fetch bug (demisto#35327)

* fixed an issue with 404 error status code

* added rn

* Update Packs/Tenable_io/ReleaseNotes/2_2_5.md

* Ciac 9706 (demisto#34564)

* Test for CIAC 10315

* Test for CIAC 10315

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* [CoreRESTApi] Fix httpMultipart loop (demisto#35265)

* init

* bump version

* [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_11 (demisto#35352)

* Replace PopularNews docker image to demisto/bs4-py3

* Update RN

* increased the memo for EWS Public Folders Test (demisto#35320)

* CIAC-10305 Fortinet Fortigate XDM Modeling Enhancement  (demisto#35311)

* sort xdm fields

* sort schema fields

* enrich modeling rules

* update release notes

* fix release notes

* fix schema

* update schema

* fixes and refactoring

* fix schema

* remove source application mapping

* update release-notes

* update release-notes

* update README.md

* reformat fields on release notes

* concise release note

* fix schema

* Rewrite Whois (demisto#35050)

* first commit

* add yaml config

* create test playbook, update docs, add ReleaseNotes

* fix doc-review issues

* demo issues

* Change instance name for old test playbooks

* update test playbook

* cr issues

* add abuse felid

* Doc review

* Akamai waf event collector missing and duplicated events issue (demisto#35350)

* fixes

* added rn

* fixes

* test fixes

* Update Packs/Akamai_SIEM/ReleaseNotes/1_1_5.md

Co-authored-by: Dan Tavori <[email protected]>

---------

Co-authored-by: Dan Tavori <[email protected]>

* [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (demisto#35326)

* [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (demisto#32121)

* Add Pack ReadMe

* Add integration

* Add integration description, image, and secrets ignore file

* Add metadata file and pack ignore

* Add test files and tests first

* Add Integration ReadMe

* Update marketplaces

* Update commands descriptions and output

* Update secrets ignore

* Resize image

* Update integration yml commands

* Update integration readme

* Resize image

* Address doc review and some design review comments

* Update client credential flow section of ReadMe

* Update list_operations_command to support a limit argument

* Update azure-rg-list-operations in ReadMe

* Update azure-rg-list-operations to support paging

* Update azure-rg-query to support paging

* Update tests

* Remove Comments

* Update integration configuration yml settings

* Add management_groups & subscriptions parameters for query command

* Add suggested changes from second review

* Update Readme and Description from code review

* Update integration files with code review suggestions

* Update defaultValue key in YAML and docker version

* Update section titles in YAML

* Remove subscription_id from client and format

- Subscription ID is not used during configuration
- Fixed usage of wrong variable in query command

* Remove DefaultValues

- The default values are not necessary and would make the conditionals for limits and paging more complex

* Update ReadMe

* Formatting

* Remove subscription_id from client in test file

* Update tests and fix mypy errors

* Update address mypy errors

* Update README.md

* Apply suggestions from code review

* Update README.md

---------

Co-authored-by: John <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>

* DisplyHTMLWIthImages: fix embeded images (demisto#35135)

* potential fix

* update RN

* Bump pack from version CommonScripts to 1.15.20.

* Bump pack from version CommonScripts to 1.15.21.

* Bump pack from version CommonScripts to 1.15.22.

* Bump pack from version CommonScripts to 1.15.23.

* Bump pack from version CommonScripts to 1.15.24.

* Bump pack from version CommonScripts to 1.15.25.

* fix

* pre commit fix

* Bump pack from version CommonScripts to 1.15.26.

* cr changes

* CR changes

---------

Co-authored-by: Content Bot <[email protected]>

* Update docker ml (demisto#35081)

* updated docker

* added the rest

* devdemisto/ml:1.0.0.100486

* fix tpb

* return on no incidents

* remove runonce

* remove space

* fixed

* fix create incidents script

* new docker

* revert: fix create incidents script

* add outputs to DBotFindSimilarIncidents

* new tpb DBotFindSimilarIncidents-test

* new docker

* bump transformers

* Empty-Commit

* fix conf.json

* more fixes

* more fixes

* new docker

* RN

* new docker

* revert dockers

* more stuff

* redirect stderr

* docker

* format

* format

* RN

* more stuff

* build fixes

* build fixes

* fix unit-tests

* more docker changes

* more docker changes

* build fixes

* suppress logger

* build fixes

* build fixes

* Fix ruff in CofenseTriage (demisto#35373)

* fix ruff in CofenseTriage

* test with infra

* revert infra test

* revert infra test

* Raise armis event collector default limit (demisto#35371)

* raise limit

* update rn

* Update Packs/Armis/Integrations/ArmisEventCollector/ArmisEventCollector_description.md

Co-authored-by: Judah Schwartz <[email protected]>

* fixes

* fixes

* fixes

* update docker

---------

Co-authored-by: Judah Schwartz <[email protected]>

* Fix for 'Search For Hash In Sandbox - Generic' playbook (demisto#35354)

* Fix for 'Search For Hash In Sandbox - Generic' playbook

* revert unnecessary changes made by 'generate-docs' command

* Update playbook-Search_For_Hash_In_Sandbox_-_Generic.yml

revert unnecessary changes made by 'format' command

* Update playbook-Search_For_Hash_In_Sandbox_-_Generic.yml

revert unnecessary changes made by 'format' command

* RN

* changed the context path checked in task number 45

* CrowdStrike Falcon - Raptor release (demisto#34805)

* configuration changes

* rn

* deprecation

* readme deprecation

* resolve-identity-detection

* test

* fix conflict

* cs-falcon-search-detection

* unit test

* !cs-falcon-resolve-detection

* cs-falcon-list-detection-summaries

* fix the filter

* fix

* fix tests

* fixes

* fix

* add CrowdStrike.Detections.behaviors.behavior_id

* fix outputs of list-detection-summaries

* finally outputs for cs-falcon-list-detection-summaries

* test

* fetch

* mirroring

* existing fetch

* new fetch

* add tests

* revert unnecessary changes in the mapper

* fix the query

* fix

* fis tests

* last mapper

* fix mapper

* mirroring of new type

* fixes from cr

* fix

* remove the raptor from the tests

* fix tests

* fixes

* fix old mapper

* legacy

* RN

* rn

* metadata

* pre commit

* build fixes

* build fixes #2

* Apply suggestions from code review

Shirley fixes

Co-authored-by: ShirleyDenkberg <[email protected]>

* More from Shirley

Co-authored-by: ShirleyDenkberg <[email protected]>

* cr

* cr

* format

* adding testing the parameters

* Bump pack from version CommonTypes to 3.5.8.

* fix test

* cr

* logs

* fix a mistake

* pre commit

* RN

* fix rn

* fix rn

* fix validate errors

* fix test playbook

* pre commit

* format

* RN

* change output

* fix test playbook

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* [Google Threat Intelligence] Add curated collections commands and improve polling commands (demisto#35376)

* [Google Threat Intelligence] Add curated collections commands and improve polling commands (demisto#35348)

* [GoogleThreatIntelligence] Add GTI assessment to polling commands

* Lint

* Add curated collections commands

* Add test

* Lint

* Lint

* Update release note

* Add Feed Integration

* Lint

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.py

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.yml

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds_description.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md

Co-authored-by: Daniel Pascual <[email protected]>

* Include feed type in table

* Incremental feed

* Delete feed integration

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: Daniel Pascual <[email protected]>

* Update yml

* Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

* Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>

---------

Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>

* add docs for commands

---------

Co-authored-by: Pablo Pérez <[email protected]>
Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>

* Fix SNOW files mirroring issue (demisto#35298)

* fix XSUP-37069

* fix XSUP-37069

* fix

* CR fix

* remove prints

* docker update

* XSUP-38544/DisplayHtmlWithImages/fix_text_color (demisto#35367)

* Updated the html text color to black

* updated release notes

* ruff on test file

* Update Packs/CommonScripts/ReleaseNotes/1_15_26.md

Co-authored-by: Binat Ziser <[email protected]>

* fixed cr notes

* fix conflicts

* updated RN

* updated RN

* updated RN

* updated RN

---------

Co-authored-by: Binat Ziser <[email protected]>

* remove IN150 from validation_config.toml (demisto#35378)

* remove IN150 and IN161 from validation_config.toml

* bring IN161 back

* Update docker mlurlphishing (demisto#35272)

* init

* new docker

* add tpb

* update docker

* update RN

* Bump pack from version CommonScripts to 1.15.28.

---------

Co-authored-by: adi88d <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Ciac 10278 pat enhancement (demisto#35345)

* Fix fields

* Add docs

* Revert docs

* Update README.md

* Address pre-commit

* Address validations

* Remove redundant field

* Address pre-commit

* Fix imports

* Fix imports

* Ignore ruff

* [Demisto Lock] add `polling_interval` to `demisto-lock-get` command (demisto#35374)

* Add new polling_interval

* Update RN

* Add Wizard for Prisma Compliance usecase (demisto#35296)

* Add Wizard for Prisma Compliance usecase

* Update wizard name

* Add second playbook

* Update wizard json

* Remove sandbox section

* Update min_required dependency

* Update supporting integrations

* Update release notes

* Update fetching integration name

* Fix integration name in description

* Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3 (demisto#35267) (demisto#35387)

* Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3

* Remove unused params from EwsExtensionEXOPowershellV3

* Convert true/false values to boolean for *-QuarantineMessage commands in EWSOv3

* Streamline outputs of *-QuarantineMessage for EwsExtensionEXOPowershellV3

* Update EWSOv3 README.md

* Disallow PSObjects to return $null

* Fix context path in README.md

* Fix table in README.md

* Standardise quotes in EwsExtensionEXOPowershellV3.yml

* Update EWSOv3 README.md

* Update documentation

* Exit ExoReleaseQuarantineMessage when identity or identities not present

* Update content pack to 1.4.0

* Fix integration name in 1_4_0.md

Co-authored-by: Aster Bandis <[email protected]>

* PrismaCloud V2 dashboard update (demisto#35106) (demisto#35369)

* prismaCloud dashboard update

adding sourcebrand for prismacloud v2 to the dashboard to include incidents from that integration.

* Update 4_3_7.md

updating to catch the syntax issues in release notes

* Update 4_3_7.md

updated release notes

* Update 4_3_7.md

release notes update

* Update Packs/PrismaCloud/ReleaseNotes/4_3_7.md



---------

Co-authored-by: epartington <[email protected]>
Co-authored-by: Sasha Sokolovich <[email protected]>
Co-authored-by: samuelFain <[email protected]>

* Ciac 5471 exabeam fetch users (demisto#34900)

* add section to yml

* add command fetch_notable_users

* fix referenced before assignment

* format

* fix fetch_notable_users

* fix set_integration_context

* clear TODO

* add reset-notable-users-cached and classifier

* add Exabeam Notable User to IncidentFields

* add incident layout mapper and type

* add limit to context

* pre commit

* rename pack & integration

* add incidentType to mapping

* update layout

* rename incident field

* add UT

* update dockerimage

* update layout & release note

* Merge branch 'master' of github.com:demisto/content into ciac-5471-exabeam-fetch-users

* add checkbox fetch_user_duplicates

* replace name parameter Fetch user duplicates

* release notes

* fix name of filed

* fix incidentfield

* ReleaseNotes

* IncidentFields

* peck metadata

* ReleaseNotes

* rename incident fide in mapper

* return name incident fide

* mapping

* ReleaseNotes

* add filed to mapping

* add Multi Select type fetch

* fix UT

* save in last run instead of context

* - dev

* fix layout

* try to fix GR103

* fix in ReleaseNotes

* ReleaseNotes

* document review

* Bump pack from version CommonTypes to 3.5.7.

* document review

* remove command reset-notable-users-cached

* update readme about the fetch

* Fix from CR

* Add validation for interval

* update docker

* Updated Docker image in ReleaseNotes

* Bump pack from version CommonTypes to 3.5.8.

* add test to test_module

* Bump pack from version CommonTypes to 3.5.9.

* fix time_period

---------

Co-authored-by: Content Bot <[email protected]>

* [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35178)

* [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35115)

* "contribution update to pack 'Common Scripts'"

* pack resubmitted

---------

Co-authored-by: Jacob Levy <[email protected]>

* add typing

* add typing

* more fixes

* more fixes

* more fixes

* more fixes

* more stuff

* build fixes

* build fixes

* UTs complete

* docs

* marketplace selection

* RN

* docker

* Bump pack from version CommonScripts to 1.15.29.

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: jlevypaloalto <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Xsup 39381 joesecurity file value (demisto#35408)

* Changed indicator to be sha256

* fixed ut

* added rn

* Bumped docker

* Bumped RN

* Bumped dicker

* Update Packs/JoeSecurity/ReleaseNotes/1_1_23.md

Co-authored-by: Dan Tavori <[email protected]>

---------

Co-authored-by: Dan Tavori <[email protected]>

* Fix CS Falcon Reopen Statuses parameter doesn't have any value (demisto#35366)

* allow empty reopen status list

* RN

* fixed a test

* Update Packs/CrowdStrikeFalcon/ReleaseNotes/1_13_14.md

Co-authored-by: Shelly Tzohar <[email protected]>

---------

Co-authored-by: Shelly Tzohar <[email protected]>

* Revert "checking ignore rm108 (demisto#35291)" (demisto#35318)

This reverts commit 238b27d.

* poetry files (demisto#35419)

Co-authored-by: Content Bot <[email protected]>

* remove /n in html (demisto#35381)

* fix

* rn_pa

* reply fix

* fix rn

* Bump pack from version MicrosoftExchangeOnline to 1.4.1.

* docker-image

* rn

---------

Co-authored-by: Content Bot <[email protected]>

* [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35407)

* [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35297)

* "contribution update to pack 'Common Scripts'"

* resolved rebase conflicts

---------

Co-authored-by: israelpoli <[email protected]>

* add TPB

* resolve conflicts

* add TPB to conf.json and yml file

* Bump pack from version CommonScripts to 1.15.30.

* commit

* remove new tpb from conf json

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* SplunkPy: fix bug in drilldown enrichemnt (demisto#35368)

* fix + RN

* fix pre commit

* Apply suggestions from code review

Co-authored-by: Shachar Kidor <[email protected]>

---------

Co-authored-by: Shachar Kidor <[email protected]>

* Cisco ASA CRTX-121323 Invert Peer Direction Roles on relevant Teardown Events (demisto#35380)

* apply network peers direction swap on teardown

* minor-fixes

* update release-notes

* update release-notes

* reformat README.md

* Update Packs/CiscoASA/ReleaseNotes/1_1_7.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Un-skip the ruff hook for autoupdate docker PRs (demisto#35413)

* Un-skipped the ruff hook for autoupdate docker PRs

* Un-skipped the pytest-network-in-docker hook for autoupdate docker prs

* added to pack ignore the validation MR108 for Tenable_io.yml (demisto#35415)

* added to pack ignore the validation MR108 for Tenable_io.yml
---------

Co-authored-by: noy <nodavidi.paloaltonetworks.com>

* update feed-performance-test docker (demisto#35423)

* update feed-performance-test docker

* fix DS108

* Lookup CSV output fix (demisto#35418)

* Added the outputs LookupCSV.Result

* Added release notes

* Updated readme file

* Fixed validation

* CR Fix

* Bump pack from version CommonScripts to 1.15.31.

* CR Fix

---------

Co-authored-by: Content Bot <[email protected]>

* Ewso365 bug (demisto#35351)

* fixed an issue where re-registering a header failed

* added rn

* edited the unittest

* Bump pack from version MicrosoftExchangeOnline to 1.4.1.

* fixed conflict in rn

---------

Co-authored-by: Content Bot <[email protected]>

* CIAC-9928 - OpenLDAP ad-entries-search (demisto#35165)

* started implementing ad-entries-search

* yml and finished implemntation

* finished implementing ad-entries-search

* finished implementing ad-entries-search

* and for provided filters

* updated yml

* readme

* pr comments

* pr comments

* pr comments

* pr comments

* pr comments

* unitests

* readme

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* added doc string to tests

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>

* Update ml dockers (demisto#35422)

* update ml dockers

* bump RN

* fix_azure_sc_tpb (demisto#35428)

* fixed the tpb

* fixed the names

* sdk format

* bug - MD EC added debug logs (demisto#35425)

* bug - MD EC added debug logs

* fix pre-commit

* more logs

* fix logs

* Update MicrosoftDefenderEventCollector.py

---------

Co-authored-by: rshunim <[email protected]>
Co-authored-by: rshunim <[email protected]>

* Yc/carbon black/ciac 9132 (demisto#35202)

* Existing commands migration to the new endpoints

* cbd-find-processes polling command added

* added cbd-find-observation-details polling command

* new version all existing commands including polling commands

* added validations for required args, and cleaning

* device commands added

* added docs string in client functions

* added docs string to all comands

* description file added

* mapper updated to the new response format

* docs and type ignore

* update and set policy commands added

* done

* readme file added for all commands

* Migration notes added

* removed -dev

* test file with all commands tests

* fixed build

* added RN and tests

* pre-commit

* pre commit

* format

* added release note and updated docker image

* rewrite

* handle priority_level in CamelCase arg

* docs review

* docs review

* deleted unneeded duplicates

* Update Packs/CarbonBlackDefense/ReleaseNotes/4_0_0.md

Co-authored-by: JudithB <[email protected]>

* format fixed

---------

Co-authored-by: JudithB <[email protected]>

* add ThreatCrowd to skipped (demisto#35433)

* Update logo to align to common prisma cloud logo (demisto#35322)

* Update logo to align to common prisma cloud logo (demisto#35113)

Updated logo to align to common prisma cloud logo

* bump docker version.

* RN change.

* Bump pack from version PrismaCloud to 4.3.8.

---------

Co-authored-by: epartington <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Impartner community pack (demisto#35430)

* [ThreatConnectV3] Support Python 3.11 (demisto#35432)

* fix

* RN

* Adding a command to add VM to cleanroom recovery group and changing the integration name (demisto#35229) (demisto#35411)

* Changes

* Add VM to cleanroom recovery group

Adding command to add VM to cleanroom recovery group

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Update pack_metadata.json

* remove commented code

Co-authored-by: Cv-securityIQ <[email protected]>

* Add new parameters for Sophos Central API (demisto#35357) (demisto#35412)

* Add new parameters for Sophos Central API

* Add contributors file

* Increase version and add release notes

* Update docker image

* Optimize ip address parameter routine

* Use argToList function

* Update release notes to represent changes

* Use argToBoolean for boolean parameter

* Set default value for argToBoolean

Co-authored-by: Nik Stuckenbrock <[email protected]>

* Fix dynammo tpb (demisto#35406)

* fix-tpb

* delete-from-skipped-tests

* delete hard coded

* Update Packs/AWS_DynamoDB/TestPlaybooks/playbook-AWS-DynamoDB-Test.yml

Co-authored-by: tkatzir <[email protected]>

---------

Co-authored-by: tkatzir <[email protected]>

* CIAC-10816-Bitwarden-Password-Manager-Event-Collector (demisto#35191)

* init

* stash

* auth, fetch events

* wip

* wip

* add fetch, and get with start and end

* update yml file

* add comment

* fix main function

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* wip

* wip

* Update Packs/BitwardenPasswordManager/pack_metadata.json

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml

Co-authored-by: Dan Tavori <[email protected]>

* add readme and description

* remove end date, update category

* combine get_events to fetch_events

* wip

* remove logs

* update readme

* add image

* fixing readability

* use last fetch as start time

* add end time to params

* add end time to params

* fix start+end time

* remove event collector naming

* add get_unique_events

* fix types

* wip

* wip

* wip

* pr fixes

* wip

* add docstring to fetch_events

* add pack readme

* update readme

* add unit tests

* fix defaults dates format

* pre commit changes

* ignore IN150 validation

* upgrade docker image

* add nmock api url to secret ignore

* ran format

* add debug command

* pre-commit changes

* remove debug command

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/BitwardenPasswordManager/README.md

Co-authored-by: Dan Tavori <[email protected]>

* change category

* fix pack readme

---------

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* fix fetch-incidents returns duplicates bug (demisto#35424)

* fix bug and testing and readme

* readme

* release notes

* change argument name

* pre commit

* code review fixes

* more code review fixes

* limit+1

* shirly fixes and changed sort field

* remove the dev

* run pre commit

* last fixes

* typo fixes

* rename splunk host display name (demisto#35431)

* rename splunk host display name

* update code and readme

* test

* bug - ansible dockerimage revert (demisto#35442)

* bug - ansible dockerimage revert

* format

* Update 1_0_7.md

* fix (demisto#35414)

Co-authored-by: Yuval Hayun <[email protected]>

* [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners  and Ranking Score Fix (demisto#35388)

* [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners  and Ranking Score Fix (demisto#35091)

* Update RankServiceOwners task to check that "accounttype" does not exist for service owners

* Update release notes

* Update RankServiceOwners task owners argument

* Update Ranking Score key in asmserviceowner field

* Update ReadMe

* Update ReadMe

* Update release notes

* Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update release notes

* Update Release Version

---------

Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* RN add desc under Incident Fields

---------

Co-authored-by: John <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>

* Cyberark Endpoint bug (demisto#35275)

* added logs

* edit

* added support to platform url

* removed test integration

* fixed applying the update

* edited unittests

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: barryyosi-panw <[email protected]>
Co-authored-by: darbel <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: merit-maita <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chait A <[email protected]>
Co-authored-by: Tal Carmeli <[email protected]>
Co-authored-by: Karina Fishman <[email protected]>
Co-authored-by: Sasha Sokolovich <[email protected]>
Co-authored-by: Yuval Hayun <[email protected]>
Co-authored-by: OmriItzhak <[email protected]>
Co-authored-by: Danny Fried <[email protected]>
Co-authored-by: Dror Avrahami <[email protected]>
Co-authored-by: Content Bot <[email protected]>
Co-authored-by: samuelFain <[email protected]>
Co-authored-by: [email protected] <[email protected]>
Co-authored-by: Edi Katsenelson <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>
Co-authored-by: cweltPA <[email protected]>
Co-authored-by: azonenfeld <[email protected]>
Co-authored-by: John <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>
Co-authored-by: Israel Lappe <[email protected]>
Co-authored-by: Yaakov Praisler <[email protected]>
Co-authored-by: Judah Schwartz <[email protected]>
Co-authored-by: TalNos <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>
Co-authored-by: Pablo Pérez <[email protected]>
Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: ipolishuk <[email protected]>
Co-authored-by: Arad Carmi <[email protected]>
Co-authored-by: Binat Ziser <[email protected]>
Co-authored-by: adi88d <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: Tal Zichlinsky <[email protected]>
Co-authored-by: Erez FelmanDar <[email protected]>
Co-authored-by: Aster Bandis <[email protected]>
Co-authored-by: epartington <[email protected]>
Co-authored-by: YairGlik <[email protected]>
Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: jlevypaloalto <[email protected]>
Co-authored-by: Shahaf Ben Yakir <[email protected]>
Co-authored-by: RotemAmit <[email protected]>
Co-authored-by: Shelly Tzohar <[email protected]>
Co-authored-by: Shachar Kidor <[email protected]>
Co-authored-by: noydavidi <[email protected]>
Co-authored-by: Maya Goldman <[email protected]>
Co-authored-by: MLainer1 <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: yedidyacohenpalo <[email protected]>
Co-authored-by: JudithB <[email protected]>
Co-authored-by: Sapir Shuker <[email protected]>
Co-authored-by: Shmuel Kroizer <[email protected]>
Co-authored-by: Cv-securityIQ <[email protected]>
Co-authored-by: Nik Stuckenbrock <[email protected]>
Co-authored-by: tkatzir <[email protected]>
Co-authored-by: ilaredo <[email protected]>
Co-authored-by: Yael Shamai <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants