Incremental feed

VirusTotal · Jul 8, 2024 · dde8cc1 · dde8cc1
1 parent 18e75cb
commit dde8cc1
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 7 deletions.
diff --git a/Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.yml b/Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.yml
@@ -94,16 +94,23 @@ configuration:
   type: 15
   additionalinfo: The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed.
   required: false
-description: Use this feed integration to fetch Google Threat Intelligence Categorized Feeds matches.
-display: Google Threat Intelligence Categorized Feeds
-name: Google Threat Intelligence Categorized Feeds
+- additionalinfo: Incremental feeds pull only new or modified indicators that have been sent from the integration. The determination if the indicator is new or modified happens on the 3rd-party vendor's side, so only indicators that are new or modified are sent to Cortex XSOAR. Therefore, all indicators coming from these feeds are labeled new or modified.
+  defaultvalue: 'true'
+  display: Incremental feed
+  hidden: true
+  name: feedIncremental
+  required: false
+  type: 8
+description: Use this feed integration to fetch Google Threat Intelligence Feeds matches.
+display: Google Threat Intelligence Feeds
+name: Google Threat Intelligence Feeds
 script:
   commands:
   - arguments:
     - name: limit
       defaultValue: "40"
       description: The maximum number of results to return.
-    description: Gets the matches from the latest Categorized Feed.
+    description: Gets the matches from the latest Feed.
     name: gti-feed-get-indicators
   - description: "This command will reset your fetch history."
     name: gti-feed-reset-fetch-indicators

diff --git a/Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md b/Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md
@@ -1,4 +1,4 @@
-Use this feed integration to fetch Google Threat Intelligence Categorized Feeds matches. It processes the latest finished job retrieving its matches based on the limit parameter (40 by default) in every fetch until there are no more matches for that job.
+Use this feed integration to fetch Google Threat Intelligence Feeds matches. It processes the latest finished job retrieving its matches based on the limit parameter (40 by default) in every fetch until there are no more matches for that job.
 
 ## Configure Google Threat Intelligence Feeds on Cortex XSOAR
 
@@ -28,7 +28,7 @@ You can execute these commands from the Cortex XSOAR CLI, as part of an automati
 After you successfully execute a command, a DBot message appears in the War Room with the command details.
 ### gti-feed-get-indicators
 ***
-Gets the matches from the latest Categorized Feed.
+Gets the matches from the latest feed.
 
 ### gti-feed-reset-fetch-indicators
 ***
@@ -56,7 +56,7 @@ There is no context output for this command.
 
 #### Human Readable Output
 
-### Indicators from Google Threat Intelligence Categorized Feeds:
+### Indicators from Google Threat Intelligence Feeds:
 |Sha256|Filetype|
 |---|---|---|
 | 80db033dfe2b4e966d46a4ceed36e20b98a13891ce364a1308b90da7ad694cf3 | ELF |