Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Updated deprecation description. * [Marketplace Contribution] SplunkCIMFields (#14484) * "pack contribution initial commit" (#14439) * change the scrpt according to the contributor * change the scrpt according to the contributor Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: cshayner <[email protected]> * setGridField: Allow column names to have underscores (#14469) Grid column names can have underscores in them. Co-authored-by: Dean Arbel <[email protected]> * Add more dates, tags, and TLP to feed integration (#14483) * Add more dates, tags, and TLP to feed integration (#14380) * Add more dates, tags and TLP to feed integration * Add release notes * fixed rn Co-authored-by: EvgeniyMeteliza <[email protected]> Co-authored-by: abaumgarten <[email protected]> * Fixed Custom Indicator context value key (#14422) * Fixed context value key * Fixed customIndicator test * Fixed customIndicator test * Merge branch 'master' into custom-indicator-value # Conflicts: # Packs/Base/ReleaseNotes/1_13_22.md * Update 1_13_23.md Done. Co-authored-by: ShirleyDenkberg <[email protected]> * added ignore BA113,BA112 (#14465) * GetFailedTasks - improve err msg of failure to retrieve tasks (#14442) * improve err msg of failure to retrieve tasks * rm new line * Update Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/README.md Co-authored-by: Bar Katzir <[email protected]> Co-authored-by: Bar Katzir <[email protected]> * Fix generic APIModule feeds (#14490) * setGridField: undo column name truncation (#14492) allow column name truncation Co-authored-by: Dean Arbel <[email protected]> * fixed bug in pop ranks (#14493) * fixed bug in pop ranks * fixed bug in pop ranks * Migrate bucket upload workflow to GitLab (#14130) * Remove upload dev rules and env variable dev value assignment * Show that it works with fixed demisto-sdk * Revert "Show that it works with fixed demisto-sdk" This reverts commit 0a813cdbe92fcd4c2840fb92d091661853e8339c. * Enable bucket-upload trigger script to work against production bucket Co-authored-by: ikeren <[email protected]> * Added Iron Bank approved tag (#14489) * Crowdstrike datetime bug (#14382) * added test * added test that fails * fix for test * added release notes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_0_4.md Co-authored-by: roysagi <[email protected]> * Qss new pr (#14502) * update README.md * update README.md * Rasterize improvements (#14124) (#14482) * Added support for different filename * Update the release notes * fix mypy error * Changed the naming from "filename" to "file_name" * Rename 1_0_10.md to 1_0_11.md * Update pack_metadata.json Co-authored-by: Paul <[email protected]> Co-authored-by: Yaakov Praisler <[email protected]> Co-authored-by: Paul D <[email protected]> Co-authored-by: Paul <[email protected]> Co-authored-by: Yaakov Praisler <[email protected]> * [Sixgill-195] dve bug (#14503) * [Sixgill-195] dve bug (#14499) * fixed tests * fixed tests * fixed tags * fixed tags * rn Co-authored-by: tamarsix <[email protected]> Co-authored-by: abaumgarten <[email protected]> * metadata constants (#14466) * metadata constants * metadata constants * metadata constants * fix name * typo fix * typo fix * Zip content packs step optimization (#12770) * Testing download packs from gcs * Deleting Skip Zip content packs so it can be tested * Changed file download to gsutil * Fixed bucket path * Fixed gsutil flag * Added dest path prints * Old download * Different url * Changed gcp path * Changed gcp path * Created a bash script for gcp command * Rerun * Added newline * Changed path and error message * Added shell statement to file * Added prints * Changed os.walk * Changed zip path * Changed gcp path * Changed gcp path * added prints * print entries * print entries * print entries * print entries * prints subprocess * prints subprocess * prints subprocess * prints subprocess * prints subprocess * prints subprocess * Changed set and added exception handler * removed unnecessary mkdir * print path of pack * test * test * fixes * fixes * fixes * fixes * testing old step * checks and prints * checks and prints * Added copy to other dir * Added some comments * removed script communication * Added testing, changed parameters to general build * Added docstring to tests * Fixed flake8 issues * Added packs list print - will be removed * Removed print * Added dir entries print * Added check for circle_build * Added src and dest path prints * Added src path prints and check_output * Added src path prints and check_output * Removed trailing / * Fixed zip path * Added storage_base_path, bucket_name args. Removed prints, added logging. Added try except clause. * Added missing arguments * Moved to upload flow only * Removed skip for non master branches - testing * Moved sys.exit(1) to end of script, refactored search in blobs. * Updated comment * Fixed tests * Added looseversion * Added master check back * Removed unnecessary bash script. * Fixed PR comments * Changed copy to artifacts to use the script's arguement * Added gitlab support * Testing gitlab's upload * Added check back * Fixed readme error * Added back the upload check * Fixed some todos * Added todos * Moved download to job * Fixed tests * Todo * removing conditions for testing * Added needed conditions * Removed todo and added env var * Changed packs src * Removed conditions * Updated sbp when bucket is dist-dev * Changed to default storage_base_path * Removed unnecessary conditions * updated path * Sharing variable between steps * Added step to bucket-upload.yml * Fixed flake8 issues * commented out failing tests - for testing gitlab flow * Fixed problem in unittest * Fixed problem in unittest * Changed bucket condition name * Fixed yml file * Removed unnecessary packs dir * Added echo * Added default storage_base_path value * Fixed yml structure * Fixing yml structure * test * Revert "test" This reverts commit a340bfce * Removed run validations * Changed upload-to-marketplace rules * Added gcloud login * Added rule back, removed private zip folder creation * Removed run validations * Added requirement back * Added run validations back * StixParser - skip SSDEEP (#14501) * add ssdeep to stix1 test file * trigger ut * skip ssdeep values * Update Packs/Base/ReleaseNotes/1_13_24.md Co-authored-by: Shahaf Ben Yakir <[email protected]> Co-authored-by: Shahaf Ben Yakir <[email protected]> * Ansible Integration Quality Improvements (#14375) * Ansible Integration Quality Improvements (#12795) * Ansible API Module * Refactored Ansible Integrations using API Module * HCloud Documentation * Default values of [] and {} are invalid in Ansible * Linux README. Work in progress. * spelling * Alibaba Cloud Readme * typo * typo * commands for doco * better acme banner * better description * ACME README WIP * commands from debian server * Windows ReadMe WIP * docker tag bump * docker version bump and displayname spacing * remove commands with error outputs * Release notes / Metadata * validation issue resolution * linting and formating corrections * trimmed package listing * MS Readme WIP * aligning names in note to integrations * MS Readme WIP * get_md5 argument no longer exists on module * More README WIP * remove pester example, looks like it failed tests * mypy and flake8 lint fixes * docker image bump * ignoring pylint errpr for specialised import * typo * pylint and pep8 errors use different ignore syntax * dict2md revisions and unit tests * rec_ansible_key_strip unit test * Correct docker image for Ansible * linting * clean up loose demisto calls and add type hinting * Inventory unit tests * incorrect indentation * remove unused value * tidy up demisto calls * generic_ansible unit test * remove global var host_type * linting * mypy fixes, output_key field, and context camelCase * regenerated integrations * id/name prefixed with ansible * removed whitespace on descriptions * camelcase context * corrected predefined args for bools * outputs_key_field for targetbased integrations * context path updated * better error messages * test-command functionality * fix templating error * correct logic for test-module * version bump and linting * linting * docstring for generic_ansible * Deprecating old pack Adding new packs * Alibaba Cloud Polish * Documenetation for Alibaba Cloud * Documentation for Azure Compute * remove problematic module * Documentation for Hetzner Cloud * Partial documentation for Windows * hcloud test playbook * kubernetes documentation * remove empty command example headings * better explaination around ansible usage * Linux doco * Ansible naming Co-authored-by: roysagi <[email protected]> * Ansible naming Co-authored-by: roysagi <[email protected]> * Ansible naming Co-authored-by: roysagi <[email protected]> * Ansible naming Co-authored-by: roysagi <[email protected]> * Ansible naming Co-authored-by: roysagi <[email protected]> * Ansible naming Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * Better description Co-authored-by: roysagi <[email protected]> * remove todo * Ansible branding + description clean up * Ansible DNS Doco * Formating * Linux doco * formating * moved dns back to linux pack * Cisco NXOS * typo * IOS requires a seperate become/enable password * Cisco IOS documentation * Azure Networking Doco * VMware Doco * deprecated notice * deprecated notices * ACME deprecated notice * min version * removed erronious output * merge azure packages * corrected context case * Case corrections in Context * Added privilege escalation options for Linux * Documentation about complex command inputs * Update Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.py Co-authored-by: roysagi <[email protected]> * Update Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME.yml Co-authored-by: roysagi <[email protected]> * editing azure readme * editing azure readme * editing ciscos readmes * editing ciscos readmes * Update Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/README.md * editing hcloud readme * Update Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/README.md * editing kubernetes readme * editing linux readme * editing windows readme * editing windows readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * changing command examples * fixing secrets * fixing secrets and validations * fixing secrets * fixing secrets * fixing secrets * fixing rm108 * use title case for context * fixing validations * host argument collision fix * whitespace * revised doco for collided arg * title case without underscores * fix title case in documentation * Title case in context path * titlecase context paths * correct display * priv escalation details * Capital letter in description Co-authored-by: roysagi <[email protected]> Co-authored-by: rsagi <[email protected]> * reverting wrong changes * fixing same playbook name * skipping all integrations via conf.json * fixing dependencies * updating playbook-Windows_Application_Deployment_v2.yml * updating playbook-Windows_Application_Deployment_v2.yml * fixing names * updating playbook-Wait_Until_Windows_Host_Online_v2.yml * adding creds support * adding creds support * Merge branch 'master' into contrib/SergeBakharev_ansible_documentation&ApiModule # Conflicts: # Tests/conf.json * disabling guardrails false positive * adding creds support for hcould Co-authored-by: SergeBakharev <[email protected]> Co-authored-by: roysagi <[email protected]> Co-authored-by: rsagi <[email protected]> * [Marketplace Contribution] SendGrid - Content Pack Update (#14350) (#14507) * "contribution update to pack "SendGrid"" * pack resubmitted * pack resubmitted * pack resubmitted * fix cr * fix cr * Update RN Co-authored-by: bachen <[email protected]> Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: bachen <[email protected]> * Incidents test playbook (#13848) * adding scripts * changes * adding test * adding using instance * fixed test * changed health ckeck script * new playbook * changing the playbook * new playbook * new playbook * changed playbook and added new scripts from indicators pr * fixed typo * added one more fetch incidents integraion * changes from demo * fixes from cr * Apply suggestions from code review Co-authored-by: Dan Tavori <[email protected]> * added release notes * adding test to test-conf * added readme * Update VerifyEnoughIncidents.yml * Update 1_2_2.md * Update VerifyEnoughIncidents.yml * changed test conf * changed VerifyContextFieldsList to VerifyObjectFieldsList * save little changes * Update README.md Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: Richard Bluestone <[email protected]> * Deprecated microsoft policy and compliance playbooks (#14378) * Deprecated Azure and office365 playbooks, moving them to other pack. * Updated release notes * Updated release notes * Wildfire polling enhancement (#13857) * polling command * report context * report context * report context * report context * report context * report context * UT * UT * Common Objects * Common Objects * deprecated: true * upload assertment * upload assertment * TPB * rn * UT * lint * validtae * validtae * Delete lolo.xml * Update Palo_Alto_Networks_WildFire_v2.yml Done. * Update 1_4_0.md Done. * RN * yml fix * Update Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.py Co-authored-by: Shai Yaakovi <[email protected]> * RN * server logs * server logs * server logs * server logs * TPB * TPB * TPB * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * fix sha256 * fix sha256 * fix sha256 * fix sha256 * fix sha256 * Merge branch 'master' into upload_list_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * fstring fix Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Shai Yaakovi <[email protected]> Co-authored-by: yaakovi <[email protected]> * [Marketplace Contribution] ConvertTimezoneFromUTC (#14512) * "pack contribution initial commit" (#14384) * fixed validate & lint * Update Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py * Update Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: cshayner <[email protected]> Co-authored-by: ChanochShayner <[email protected]> * fix typo (#14516) * QRadar enhance ip commands (#14500) * added support for ip arguments * added args to readme * Added rn * small fixes to filter query * reverted commenting * Update Packs/QRadar/ReleaseNotes/2_0_22.md Co-authored-by: roysagi <[email protected]> * Update Docker Image To demisto/python3 (#14481) * Updated Metadata Of Pack KasperskySecurityCenter * Added release notes to pack KasperskySecurityCenter * Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.yml Docker image update * Updated Metadata Of Pack Shodan * Added release notes to pack Shodan * Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml Docker image update * Adding TPB of Kaspersky Security Center * Updated Metadata Of Pack KasperskySecurityCenter * Fixed build * Added dbotscore to ip command + added readme file that was missing * added dbotscore outputs to readme * deleted use-case empty section * removed unnecessary ignore * Fixed cr comments * added response_type to login Co-authored-by: sberman <[email protected]> * Upload list content item (#14464) * removed the gke tag from run-validations job * adding list item * adding list item * widget fix * testing * testing * testing * testing * typo fix * revert testing changes * revert testing changes * revert testing changes * Update Docker Image To demisto/python3 (#14522) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml Docker image update * Content mgmt bug fixes (#14459) * bug fixes * bug fixes * rn * metadata * Update pack_metadata.json * Update Packs/ContentManagement/ReleaseNotes/1_0_3.md Co-authored-by: roysagi <[email protected]> * Typo fix constnats upload (#14525) * fix typo * fix typo * fix typo * Update Docker Image To demisto/chromium (#14523) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update * Fixed conflicts Co-authored-by: sberman <[email protected]> Co-authored-by: Shelly Berman <[email protected]> * ParseEmailFiles - added code for multiple mime encoding (#14076) * added code for multiple encoding * added code for multiple encoding - rn tests * added code for multiple encoding - rn tests * added code for multiple encoding - rn tests * docker * rn * add replace logic * add replace logic * meta data * fix test * lint * fix * rn * added default and force arguments, added a verification null bytes not on encoded string * rn * change debug * add debug * update * update * Update Docker Image To demisto/python3 (#14532) * Updated Metadata Of Pack Armis * Added release notes to pack Armis * Packs/Armis/Integrations/Armis/Armis.yml Docker image update * Updated Metadata Of Pack AttackIQFireDrill * Added release notes to pack AttackIQFireDrill * Packs/AttackIQFireDrill/Integrations/AttackIQFireDrill/AttackIQFireDrill.yml Docker image update * Updated Metadata Of Pack BPA * Added release notes to pack BPA * Packs/BPA/Integrations/BPA/BPA.yml Docker image update * Updated Metadata Of Pack Barracuda * Added release notes to pack Barracuda * Packs/Barracuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml Docker image update * Updated Metadata Of Pack BastilleNetworks * Added release notes to pack BastilleNetworks * Packs/BastilleNetworks/Integrations/BastilleNetworks/BastilleNetworks.yml Docker image update * Updated Metadata Of Pack BitDam * Added release notes to pack BitDam * Packs/BitDam/Integrations/BitDam/BitDam.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack BluelivThreatCompass * Added release notes to pack BluelivThreatCompass * Packs/BluelivThreatCompass/Integrations/BluelivThreatCompass/BluelivThreatCompass.yml Docker image update * Updated Metadata Of Pack BluelivThreatContext * Added release notes to pack BluelivThreatContext * Packs/BluelivThreatContext/Integrations/BluelivThreatContext/BluelivThreatContext.yml Docker image update * Updated Metadata Of Pack Bonusly * Added release notes to pack Bonusly * Packs/Bonusly/Integrations/Bonusly/Bonusly.yml Docker image update * Updated the Microsoft Graph API README (#14368) * Updated the Microsoft Graph API README Added the authorization process commands - msgraph-api-auth-start, msgraph-api-auth-complete, msgraph-api-test * Update Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/README.md Co-authored-by: Itay Keren <[email protected]> Co-authored-by: Itay Keren <[email protected]> Co-authored-by: ikeren <[email protected]> * Whois integration connectivity issue (#14519) * test to recreate the bug * bug fixed * validate fix * RN * Update Packs/Whois/ReleaseNotes/1_2_4.md Co-authored-by: Itay Keren <[email protected]> * fixed proxy params in test. Added more info to the proxy section in additional info * Update Packs/Whois/Integrations/Whois/Whois.yml Co-authored-by: Itay Keren <[email protected]> * skip tests * Revert "skip tests (#14455)" This reverts commit 61bfafb9 * Indian domain test * Indian domain fix * rn * Update Packs/Whois/ReleaseNotes/1_2_5.md Co-authored-by: Itay Keren <[email protected]> * checking for in tld in playbook-Whois-Test.yml Co-authored-by: Itay Keren <[email protected]> * Added several commands to Darktrace integration (#13905) (#14537) * Added several commands to darktrace * Update Darktrace.yml * lint fixes * Update Darktrace.py * lint fixes * Added readme, and changed some details on the outp * Added example commands * Added additional details in readme-file * lint fix * Updated command argument desc. * upgrade the docker image * upgrade docker image * bump version * Added release notes * added outputs * Added tests for alle commends with output * Added a single iteration to skip the first result * removed all instances of add-comment * Added outputs_key_field * Added secrets to ignore * Update Packs/Darktrace/Integrations/Darktrace/README.md Co-authored-by: Yaakov Praisler <[email protected]> * Update Packs/Darktrace/Integrations/Darktrace/README.md Co-authored-by: Yaakov Praisler <[email protected]> * fix test * lint fix * Updated docs * lint fix * lint fix Co-authored-by: Yaakov Praisler <[email protected]> Co-authored-by: Solli <[email protected]> Co-authored-by: Yaakov Praisler <[email protected]> * Update README.md (#14540) * Update README.md (#14538) * update README.md Co-authored-by: Dorin-PM <[email protected]> Co-authored-by: abaumgarten <[email protected]> * Add Edit and Pin commands to SlackV3 (#14372) * Add Edit and Pin commands to SlackV3 * Alexa v2 (#14072) Added alexa v2 intgeration * Unit42 sub-techniques (#14524) * add parent to the sub thecnique name * remove unrelated files * RN * version * version * Add UTs * Fix UT * Phishing - fixing dt + updating EWS/Gmail mappers (#14498) * Strip labels and fix mail body dt script. * Strip labels and fix mail body dt script. * Adding fields to EWS mapper * Fix dt on main playbook v5 * Changing Playbook inputs on "Process Email - Generic" from labels to fields * Adding fields to Gmail mapper * fixing EWS mapper name * Phishing release notes * Gmail release notes * EWS release notes * fixing EWS mapper id * fix playbook id * fix dt * revert field to label in V6 playbook * revert playbook inputs fields to labels in process email generic playbook * release notes * minor fix * Update 2_4_1.md Co-authored-by: Richard Bluestone <[email protected]> * Added new transformer script - StringToArray (#14536) * Added new transformer script * Added rn + bumped version and fixed linting * Fixed import * Fixed cr's and added tpb * Added test to yml * changed uuid to transformer name in tpb * upload_code_coverage_report.py, initial add (#14302) * upload_code_coverage_report.py, initial add * Formatted file * upload code coverage report in nightly * Update .gitlab/ci/global.yml Co-authored-by: eli sharf <[email protected]> * fix syntax * fix script * fixup! fix script * upload_code_coverage_report.py, initial add * Formatted file * upload code coverage report in nightly * Update .gitlab/ci/global.yml Co-authored-by: eli sharf <[email protected]> * fix syntax * fix script * fixup! fix script * fixup! fixup! fix script * fix * final fix * improve * fixup! improve * Undelete line * Rearrange erinstated lines * Unit test * Test files * Format file * Pythonify * Format * Update Utils/upload_code_coverage_report.py Co-authored-by: Shai Yaakovi <[email protected]> * Use Tuple instead of Dict * Format file Co-authored-by: eli sharf <[email protected]> Co-authored-by: esharf <[email protected]> Co-authored-by: Shai Yaakovi <[email protected]> * [Marketplace Contribution] Palo Alto Networks Cortex XDR - Investigation and Response - Content Pack Update (#14550) * "contribution update to pack "Palo Alto Networks Cortex XDR - Investigation and Response"" (#14505) * fixed * fixed Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: abaumgarten <[email protected]> * AlienVault USM - handle alarms with timestamp_occured (#14542) * add test for alarm with timestamp_occured * use timestamp_occured as incident occurred time * Update Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py Co-authored-by: Bar Katzir <[email protected]> * Update Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py Co-authored-by: Bar Katzir <[email protected]> Co-authored-by: Bar Katzir <[email protected]> * Microsoft Graph Mail incoming mapper (#14468) * new mapper + release notes * Adding more fields * removed the use-cases from all ansible packs (#14555) * change channels:write to channels:manage scope SlackV3 (#14556) * Cisco Umbrella Investigate - handle empty emails list returned in the domain command (#14541) * add google.com to domain cmd test * add support for multiple domains * pass emails list instead of dict to tbtomd * adjust test playbook * build output per domain * ignore type hint * set isArray to true and add note about multiple domains to rn * CommonServerPython - check if session exist before trying to close it (#14526) * Cortex XDR - handle already blacklisted files (#14552) * test blacklist-files * handle err returned in case file already blacklistedd * verify res is dict * revert 3_0_25.md * revert 3_0_25.md * CrowdStrike API Integration (#12335) * crowdstrike api integration initial commit * call handle_proxy * Update CrowdStrikeAPI.yml Done. * Update CrowdStrikeAPI.yml Done. * Update CrowdStrikeAPI_description.md Done. * Update README.md Done. * Update README.md Done. * bump docker image tag * gco * add test data * fix test data filename * bump docker image tag * autopep8 * ignore E501 * rm config json * add readme * improve docs Co-authored-by: ShirleyDenkberg <[email protected]> * Zscaler - handle returned URLs protocols (#14529) * replace res urls from given ones * add rn * improve condition for matching url * Symantec DLP - fix handling of fetch limit (#14561) * test fetch incidents with limit less than num of dlp incidents returned * fix fetch limit handling * fix W293 * fix W293 * PP rule support (#14470) * pp rule support * testing * fix name * testing * typo fix * revert testing changes * revert testing changes * revert testing changes * fix typo * scheme verification * Merge branch 'master' into upload_preprocessing_rule_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * Merge branch 'master' into upload_preprocessing_rule_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * added login to gcp, fixed a default argument (#14331) * replaced the contrib checkout to use github api (#13676) * replaced the contrib checkout to use GitHub REST API * update UT Co-authored-by: esharf <[email protected]> * Thycotic dsv (#14475) * Thycotic dsv (#11589) * Init revision * Init revision * Add integration Thycotic Secret Server * Delete comment block * Add TestPlaybook * Modify Tests/conf.json Delete error files * Delete file * Add Test Playbook * Update Packs/Thycotic/TestPlaybooks/Thycotic-Test.yml Co-authored-by: Bar Katzir <[email protected]> * Update Tests/conf.json Co-authored-by: Bar Katzir <[email protected]> * Update Packs/Thycotic/pack_metadata.json Co-authored-by: Bar Katzir <[email protected]> * Update Packs/Thycotic/pack_metadata.json Co-authored-by: Bar Katzir <[email protected]> * Change support contacts * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <[email protected]> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <[email protected]> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <[email protected]> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <[email protected]> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <[email protected]> * Change description for output parameters * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <[email protected]> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <[email protected]> * Fix * Change exception message for command test_command * Change description, add version Secret Server * Add param proxy * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <[email protected]> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <[email protected]> * Generate documentation for integration * Change version for Secret Server in documentation * Add param verify to class Client * Add files via upload * Add files via upload * Add files via upload * Updated Thycotic Integration * Delete conf.json * Regenerate Thycotc-Test * Update Thycotic_test.py * Update Thycotic.yml * Update pack_metadata.json Change tags * Update README.md * Update conf.json * Update pack_metadata.json * Update Thycotic.yml Change description * Update Thycotic.py Change test_module * Update Thycotic.py Fix syntax error * Update Thycotic_test.py Fix UT * Modify test command fetch-credential * running format * Add files via upload Change description * Update Thycotic_description.md * Update Thycotic_description.md * Add files via upload Updated description for output paramets * Init release for Thycotic DevOps Storage Vault * Change description * Fixed errors in descriptions. * Fixed * Add files via upload * Fixed * Add files via upload * Add files via upload * Fix description * Add files via upload * Add files via upload * Fixed * Add files via upload * Add files via upload * Add files via upload * Delete ThycoticDSV.yml * Add files via upload * Delete ThycoticDSV.py * Delete ThycoticDSV.yml * Delete Packs/Thycotic directory * Update pack_metadata.json * Update descriptions * Update descriptions * Fix * Markdown output Co-authored-by: Bar Katzir <[email protected]> Co-authored-by: Guy Keller <[email protected]> Co-authored-by: guykeller <g12k34ppp> * fixing docs * added author image Co-authored-by: Andrey Nikolaev <[email protected]> Co-authored-by: Bar Katzir <[email protected]> Co-authored-by: Guy Keller <[email protected]> Co-authored-by: guykeller <g12k34ppp> * Splunk Fixes (#14568) * fixed an issue in the outgoing mapper, fixed an issue in update-remote-system command * improved documentation * version bump * cr fixes * Fix Get endpoint details - Generic playbook (#14569) * fix_playbook * fix task * Fix RN * upload new image * update image link * Update 2_0_3.md Done. Co-authored-by: ShirleyDenkberg <[email protected]> * LogsignSiem Pack PR (#14565) * LogsignSiem Pack PR (#13875) * created logsignsiem pack * added logsignsiem classifiers mapper files and deleted dockerfile * fixed [PA126] validation warning * fixed some description in yaml file * deleted override http_request method and updated unittests * fixed last_fetch parameter and updated tests * removed unused variable * fixed logsignsiem api description * fixed logsignsiem api description * added query parameter and help section and fixed get-columns-query on api * fixed unittest func name * fixed Flake8 error * Update Packs/LogsignSiem/README.md * deleted logsign-get-incident method, added default param to query * rm integration setup from detailed desc * set default classifier and mapper Co-authored-by: Itay Keren <[email protected]> * add author_image Co-authored-by: Kerem <[email protected]> Co-authored-by: Itay Keren <[email protected]> Co-authored-by: ikeren <[email protected]> * Update Docker Image To demisto/python3 (#14558) * Updated Metadata Of Pack C2sec * Added release notes to pack C2sec * Packs/C2sec/Integrations/C2sec/C2sec.yml Docker image update * Updated Metadata Of Pack CTIX * Added release notes to pack CTIX * Packs/CTIX/Integrations/CTIX/CTIX.yml Docker image update * Updated Metadata Of Pack CVESearch * Added release notes to pack CVESearch * Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml Docker image update * Updated Metadata Of Pack CarbonBlackProtect * Added release notes to pack CarbonBlackProtect * Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml Docker image update * Updated Metadata Of Pack CentrifyVault * Added release notes to pack CentrifyVault * Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml Docker image update * Updated Metadata Of Pack Cherwell * Added release notes to pack Cherwell * Packs/Cherwell/Integrations/Cherwell/Cherwell.yml Docker image update * Updated Metadata Of Pack CiscoESAIronPortEmailAPI * Added release notes to pack CiscoESAIronPortEmailAPI * Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml Docker image update * Updated Metadata Of Pack CiscoEmailSecurity * Added release notes to pack CiscoEmailSecurity * Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml Docker image update * Updated Metadata Of Pack Claroty * Added release notes to pack Claroty * Packs/Claroty/Integrations/Claroty/Claroty.yml Docker image update * Updated Metadata Of Pack CloudConvert * Added release notes to pack CloudConvert * Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml Docker image update * Added dbotscore outputs to yml and readme Co-authored-by: sberman <[email protected]> * IAM Group Sync - Slack & Okta (#13550) * changes * fixes and changes * fixes and changes * RN * remove test functions * lint * fix * fix * command result * fix * fix * changes * Merge branch 'master' into slack-iam # Conflicts: # Packs/Okta/ReleaseNotes/2_2_2.md # Packs/Slack/ReleaseNotes/2_1_2.md * in progress * some minor changes * RN conflicts fix * RN conflicts fix Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * fixing dups and typos (#14578) * fix upload-flow bug in collect_content_items (#14579) * qradar: fix aql link (#13902) Co-authored-by: glicht <[email protected]> * ran update conf script to generate full conf. Deleted from build call to script (#14583) * Prisma Cloud playbooks bug fix (#14511) * Prisma Cloud playbooks bug fix * updated release notes * Edited playbooks structure and added new photos * Updated image names * Added new links to images * Nightly test failure skippings (#14557) * Skipped the following tests: "iDefense_v2_Test", "EWS Mail Sender Test", "McAfee ESM v2 - Test v10.3.0", "AzureADTest", "AWS - IAM Test Playbook", "Feed iDefense Test", "FireEyeNX-Test", "McAfee ESM v2 - Test v10.2.0", "McAfee ESM Watchlists - Test v10.3.0", "McAfee ESM Watchlists - Test v10.2.0", "Microsoft Teams Management - Test" * reverted integration changes * reverted * Skipped the following tests: "Zscaler Test", "palo_alto_panorama_test_pb" * Update from master * Skipped the following tests: "LogRhythm REST test", "Cisco Umbrella Test" * Skipped the following tests: "Cisco Umbrella Test", "LogRhythm REST test" * Skipped the following tests: "Detonate URL - WildFire v2.1 - Test", "LogRhythm REST test" * Skipped the following tests: "Detonate URL - WildFire v2.1 - Test", "LogRhythm REST test" * merge from master * merge from master Co-authored-by: ShahafBenYakir <[email protected]> * ParseEmailFiles - roll back to multiple encoding part (#14585) * roll back * rn * du * test * Update Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py Co-authored-by: yuvalbenshalom <[email protected]> Co-authored-by: yuvalbenshalom <[email protected]> * Update Threat Intel objects and their score (#14587) * Test DONT Merge * Test DONT Merge * test * Add to Threat Intel * Update Threat Intel Objs and Score * remove unrelated files * docker update * CrowdStrike falcon enhancement (#14476) Added new commands for CrowdStrike falcon integration: - ***cs-falcon-create-host-group*** - ***cs-falcon-update-host-group*** - ***cs-falcon-list-host-group-members*** - ***cs-falcon-add-host-group-members*** - ***cs-falcon-remove-host-group-members*** - ***cs-falcon-list-host-groups*** - ***cs-falcon-delete-host-groups*** * Active Directory Query v2 - fixed an issue where group name includes parentheses (#14451) * unskip LogRhythm REST test (#14596) * ArcSight ESM - add the eventFieldsToStringify arg to get-case cmd (#14553) * add the eventFieldsToStringify arg to get-case cmd * fix W293 * rm fieldstostringify and cast to str every large int * fix notes and docs * bump docker image * fix docker image * [Bug] Maltiverse returns error when file command has no proccess_list (#14517) * adding test that fails * replace [] with get * added rn * Update Packs/Maltiverse/ReleaseNotes/1_0_7.md Co-authored-by: Andrew Shamah <[email protected]> * fixed typo in rn * added given when then to test Co-authored-by: Andrew Shamah <[email protected]> * Add markdown images support in sanePdfReport (#14508) * Add markdown images support in sanePdfReport * Verify server object before closing the server * Start markdown server only if demisto version is ge 6.5 * Add markdown server unit test * update sane-pdf-reports image version in RN * Update 1_13_28.md Co-authored-by: yaron-libman <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#14605) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/boto3py3 (#14609) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Update Docker Image To demisto/cyjax (#14607) * Updated Metadata Of Pack FeedCyjax * Added release notes to pack FeedCyjax * Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml Docker image update * Fixed fetch to include max fetch + time range as part of api query (#14599) * GitHub Releases List Command (#14480) * added command, yml, unit test * added test file data * added task of new command to TPB * added rn * add README command entry * removed dor username from test data * validation fix * dan cr notes * lint fixes * Added extra check since some eml files where still passing (#14600) * Added extra check since some eml files where still passing (#14545) * Added extra check since some eml files where still passing * - Update metadata - Add releasenotes Co-authored-by: Aviya Baumgarten <[email protected]> * update RN * update RN Co-authored-by: Steven Goossens <[email protected]> Co-authored-by: Aviya Baumgarten <[email protected]> Co-authored-by: abaumgarten <[email protected]> * Update Docker Image To demisto/google-api-py3 (#14608) * Updated Metadata Of Pack GoogleCloudSCC * Added release notes to pack GoogleCloudSCC * Packs/GoogleCloudSCC/Integrations/GoogleCloudSCC/GoogleCloudSCC.yml Docker image update * Update Docker Image To demisto/crypto (#14604) * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Added test to script yml Co-authored-by: sberman <[email protected]> * Microsoft Teams bug fixes and improvements (#14548) * Microsoft Teams bug fixes and improvements (#14543) * Add support for full width * Add support for Informational threshold * Fix bug with auto_notifications * Update release notes * Change default for 'auto_notifications' to false * changed parameter to be disable instead of enable * Update readme * possible test fixes * lint fixes for severity to float Co-authored-by: tneeman <[email protected]> * cr fixes * added microsoft teams TPB to conf json, although skipepd (for validation) Co-authored-by: Paul D <[email protected]> Co-authored-by: tneeman <[email protected]> * Update Docker Image To demisto/python3 (#14602) * Updated Metadata Of Pack C2sec * Added release notes to pack C2sec * Packs/C2sec/Integrations/C2sec/C2sec.yml Docker image update * Updated Metadata Of Pack CTIX * Added release notes to pack CTIX * Packs/CTIX/Integrations/CTIX/CTIX.yml Docker image update * Updated Metadata Of Pack CVESearch * Added release notes to pack CVESearch * Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml Docker image update * Updated Metadata Of Pack CarbonBlackProtect * Added release notes to pack CarbonBlackProtect * Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml Docker image update * Updated Metadata Of Pack CentrifyVault * Added release notes to pack CentrifyVault * Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml Docker image update * Updated Metadata Of Pack Cherwell * Added release notes to pack Cherwell * Packs/Cherwell/Integrations/Cherwell/Cherwell.yml Docker image update * Updated Metadata Of Pack CiscoESAIronPortEmailAPI * Added release notes to pack CiscoESAIronPortEmailAPI * Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml Docker image update * Updated Metadata Of Pack CiscoEmailSecurity * Added release notes to pack CiscoEmailSecurity * Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml Docker image update * Updated Metadata Of Pack Claroty * Added release notes to pack Claroty * Packs/Claroty/Integrations/Claroty/Claroty.yml Docker image update * Updated Metadata Of Pack CloudConvert * Added release notes to pack CloudConvert * Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml Docker image update * Added dbotscore outputs to yml and readme * Updated Metadata Of Pack APIVoid * Added release notes to pack APIVoid * Packs/APIVoid/Integrations/APIVoid/APIVoid.yml Docker image update * Updated Metadata Of Pack AlienVault_OTX * Added release notes to pack AlienVault_OTX * Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.yml Docker image update * Updated Metadata Of Pack Anomali_Enterprise * Added release notes to pack Anomali_Enterprise * Packs/Anomali_Enterprise/Integrations/Anomali_Enterprise/Anomali_Enterprise.yml Docker image update * Updated Metadata Of Pack AnsibleTower * Added release notes to pack AnsibleTower * Packs/AnsibleTower/Integrations/AnsibleTower/AnsibleTower.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update Co-authored-by: sberman <[email protected]> * Update FortiAuthenticator with fixes and enhancements (#14590) * Update FortiAuthenticator with fixes and enhancements (#14430) * Create 1.0.1.md release notes for updates. * Update README.md updated for additional command arguments * Update FortiAuthenticator.yml updated with additional arguments to existing commands * Update FortiAuthenticator.py code update for adding additional arguments to existing commands * Update pack_metadata.json * Update FortiAuthenticator.py * Update FortiAuthenticator.yml * Update FortiAuthenticator.py * Create 1_0_1.md * Delete 1.0.1.md * Update Packs/FortiAuthenticator/Integrations/FortiAuthenticator/README.md Co-authored-by: yuvalbenshalom <[email protected]> * Update Packs/FortiAuthenticator/ReleaseNotes/1_0_1.md Co-authored-by: yuvalbenshalom <[email protected]> * Apply suggestions from code review Changes per docs-review Co-authored-by: yuvalbenshalom <[email protected]> Co-authored-by: Andrew Shamah <[email protected]> * update docker version * update RN Co-authored-by: Jason Lo <[email protected]> Co-authored-by: yuvalbenshalom <[email protected]> Co-authored-by: Andrew Shamah <[email protected]> * add hello world test (#14611) * remove ownership (#14614) * ironbank enhancements to GitLab integration (#14376) * ironbank enhancements to gitlab integration * cr fixes * changed 'in' arg name to 'scope' * Added pack adoption notice. (#14613) * Added pack adoption notice. (#14612) * Added pack adoption notice. * Apply suggestions from code review Co-authored-by: Aviya Baumgarten <[email protected]> Co-authored-by: Aviya Baumgarten <[email protected]> * update RN Co-authored-by: Kaushal Shah <[email protected]> Co-authored-by: Aviya Baumgarten <[email protected]> Co-authored-by: abaumgarten <[email protected]> * GetIndicatorDBotScoreFromCache - handle KeyError (#14531) * - Fixed an issue where the reliability of the indicator was not defined. * Updated the Docker image * added test playbook which reproduces the issue * fixed test playbook * fixed * update rn * update version * update docker * resolved conflicts * added to conf.json * TwitterSOARx Integration Addition (#14591) * TwitterSOARx Integration Addition (#13994) * Create README.md * Create pack-ignore * Rename pack-ignore to .pack-ignore * Add files via upload * Create .secrets-ignore * Add files via upload * Add files via upload * Add files via upload * Create TwitterSOARx_description.md * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Create delete * Add files via upload * Create delete * Delete delete * Delete delete * Update TwitterSOARx.yml Modified docker image now that the tweepy image has been uploaded * Rename TwitterSOARx.yml to integration-TwitterSOARx.yml * Update TwitterSOARx.py * Update integration-TwitterSOARx.yml * Update TwitterSOARx.py * Update integration-TwitterSOARx.yml * Update TwitterSOARx.py * Update integration-TwitterSOARx.yml * Update TwitterSOARx.py * Update integration-TwitterSOARx.yml * Update Packs/TwitterSOARx/Integrations/integration-TwitterSOARx.yml * Update Packs/TwitterSOARx/Integrations/integration-TwitterSOARx.yml * rm integration- prefix * mv py to dir * mv yml to dir * mv desc to dir * Rename Packs/TwitterSOARx/Integrations/command_examples.txt to Packs/TwitterSOARx/Integrations/Twitter/command_examples.txt * Update Packs/TwitterSOARx/pack_metadata.json * rm title from readme * import csp * handle E0211 and E0213 * Update Twitter.py Removed print statement * Update Twitter.yml * Delete LICENSE Deleted LICENSE file, as per requested by Itay4 * Update Twitter.py * Update Twitter.py * Delete TwitterSOARx_image.png * Add files via upload * Update README.md * Update Twitter.py Added test module, made a couple resolutions to flake errors * Update Twitter.py * Delete TwitterSOARx Testing Documentation.docx * Delete TwitterSOARx Design Document.docx * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py modified test results * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * init client * rm `BaseClient` heritage and `self` from command calls * ignore attr-defined on urllib.parse.quote * rm title from detailed desc * add integration readme * clean pack readme Co-authored-by: Itay Keren <[email protected]> * rename pack dir name Co-authored-by: Christian Brake <[email protected]> Co-authored-by: Itay Keren <[email protected]> Co-authored-by: ikeren <[email protected]> * Threat Intel Report - add fields and improve view (#14564) * add type, status fields and update dashboard * bump to 1.0.1 and add rn * fmt module and add dashboard rn * updated type and layout for test * revert threat actor type changes * sdk 1.4.9 (#14615) * Update dev-requirements-py3.txt * Update dev-requirements-py3.txt Co-authored-by: tomneeman151293 <[email protected]> * Bc support content side (#13924) * added logic, and unit tests * added tests, added docs, moved bc func call * Update Tests/Marketplace/marketplace_services.py Co-authored-by: Guy Freund <[email protected]> * freund requests * fixed typos, fixed validate failures * flake8 fixes line too long * started re-adding BC logic * added tests * added the files to git * indents * fix failures * fixed another test failure * Update Tests/Marketplace/release_notes_bc_calculator.py Co-authored-by: Noy-Maimon <[email protected]> * Update Tests/Marketplace/release_notes_bc_calculator.py Co-authored-by: Noy-Maimon <[email protected]> * added renaming of var * filtered from modified the json files in ReleaseNotes * freund cr fixes * freund cr fixes * deleted added test file. test files were added to mp tests * fix all occurrences of changed naming * dan cr fixes * upload test: edited existing RN * reverted upload test 1 * upload test: new RN without BC * test case 2: RN with BC * added some logs for checks * using custom sdk version to add artifacts support * using custom sdk version to add artifacts support * validating against sdk create artifacts * test case 3: multipe rn, some bc, some not * fixing fraudwatch version * reverted all changes for tests * noy CR fixes Co-authored-by: Guy Freund <[email protected]> Co-authored-by: Noy-Maimon <[email protected]> Co-authored-by: guyfreund <[email protected]> * Azure ad graph fetch (#14352) * Hello Azure AD Pack * Initial commit for AzureADIP * list_risky_users works, list_risks broke? * renamed to AzureADIdentityProtection, added all commands to yml * corrected scope * yaml update * renamed command * code formatting * riskyUserHistory * confirm compromised * dismiss * Generic query_list, passes validation * prettier code * reverted MicrosoftApiModule.yml to master * removed redundant spaces * filter_arguments is optional * Update MicrosoftApiModule.yml added newline to pass validations (no idea why it was removed) * DT * limit default in yml * permission comment * permission comment * OData syntax comment * login instructions in description * country field description * filter description * filter description * removed header, added missing risky-user-list arguments * updated prefix, fixed nextLink parsing, added next_link_description * updated prefix * formatting * formatting * query_list docstrings * separated querying from parsing results, renamed client to AADClient * basic test * parametrized list test * risky users test * risky_users_history_list test * unit tests done * passes linter * moved comment * moved comment * removed resource group (unnecessary) * added first_headers to tableToMd * changed first_headers * first_headers RN * lint fix (e126) * lint fix (126) * redundant `or` * updated beta notice * updated description * fixed RM100 * changed prefix * updated permission notice * filter_arguments now a list * corrected context prefix * corrected context paths * yaml outputs, docs, example_commands * base rn * IPs * fixed tests,removed unused comment * ip * updated userPrincipalName, pack name * Confirm-compromised marked harmful * test playbook * readme * lint: indentations * Test playbook * Test playbook fromversion * CR: return_error message * CR: inherit MSClient * CR: inherit MSClient * docs fix * docs fix * test_list unit test * moved first_headers from CSP to AzureADGraph * reverted CSP changes * lint * lint * header orderˆ * val to obj * "1 results" -> "1 result", improved parse_list tests * corrected id * indentation change * moved @ part to constructor head * fixed name * added auth-complete human-readable to markdown * time argument parsing * time argument parsing * Update AzureADIdentityProtection_description.md * Update AzureADIdentityProtection.yml done * Update AzureADIdentityProtection_description.md done * Update README.md done * Update README.md done * fetch-incidents, initial add * extract method from azure_ad_identity_protection_risk_detection_list for fetch * Fetch configuration * Create incidents * Cleaner code * Fix incident occurred value * IncidentType, initial add * Mapper * Layout * Fixed mapper * incident name * Mapper * Removed test data * Update Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.yml Co-authored-by: dorschw <[email protected]> * Support fetch pagination * Updated Release Notes * New common incident fields * yml validations * Format * Format * Format * Updated Release Notes * Fixed package name * Align with Pack name * Align pack name * Fix json * Align pack name * Align Pack name * Align Pack name * Test fetch * Test same fetch time * Added missing import * Fix test * Missing var * Unit tests * Unit tests * Classifier keyTypeMap * Cleaner code * Remove unused command * A minor version update * Update Tests/conf.json Co-authored-by: Dean Arbel <[email protected]> * Integration name * Short incident name * Fix test * Fix test * Release notes * Updated release notes * Format release notes Co-authored-by: dschwartz <[email protected]> Co-authored-by: dorschw <[email protected]> Co-authored-by: shannon-holland <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Skipped the following tests: "Domain Enrichment - Generic v2 - Test" (#14626) * Update Docker Image To demisto/zabbix (#14635) * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Update Docker Image To demisto/intezer (#14633) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Update Docker Image To demisto/tesseract (#14632) * Updated Metadata Of Pack ImageOCR * Added release notes to pack ImageOCR * Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml Docker image update * Fireeye ETP - handle unicode chars (#14622) * add test for unicode chars in alert * set system default encoding * Update Packs/FireEyeETP/ReleaseNotes/1_0_4.md Co-authored-by: Bar Katzir <[email protected]> * Update Docker Image To demisto/trustar (#14634) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Packs/TruSTAR/Integrations/TruSTAR_V2/TruSTAR_V2.yml Docker image update * Coverage enforce 2 (#14625) * git * Format code * Fix indentations * Update Docker Image To demisto/greynoise (#14631) * Updated Metadata Of Pack GreyNoise * Added release notes to pack GreyNoise * Packs/GreyNoise/Integrations/GreyNoise/GreyNoise.yml Docker image update * Packs/GreyNoise/Integrations/GreyNoise_Community/GreyNoise_Community.yml Docker image update * Improve stale branch deletion script (#14636) Co-authored-by: avidan-H <> * AlienVault OTX v2 - handle non lower-case URLs and insecure err msg (#14598) * add test for HTTP * handle no status_code and lowercase url * fix url arg passed in the unit test * lowercase url protocol * adjust test * adjust readme * fix e731 * add type hints * fix W291 and E305 * fix raise * use non private ip in test * bump to 1.1.8 * Update Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/README.md Co-authored-by: Bar Katzir <[email protected]>…
- Loading branch information
82 people
committed
Nov 15, 2022
1 parent
04b5e3b
commit 0cdb6c0