[Google Threat Intelligence] Add curated commands and improve polling commands #111

Closed
wants to merge 369 commits into from

Conversation

pabloperezj

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: link to the issue

Description

A few sentences describing the overall goals of the pull request's commits.

Must have

  • Tests
  • Documentation

@pabloperezj pabloperezj requested a review from danipv June 3, 2024 14:57

@danipv danipv left a comment

LGTM. Let's keep this branch open to add more feature requests.

pabloperezj and others added 28 commits June 19, 2024 11:38
…ams (demisto#34912)

* cisco webex rename integration context

* change the access token to body

* add ut and rn

* fix import

* fix ut

* docker

* fix RN
* use expandtoken

* expand token in mirror

* update docker
…to#34931)

* [sane-pdf-reports] - assign markdown server port automatically

* bump rn

* rollback changes

* log on which port markdown server started

* pragma cover

* run time error

* pragma

* fix test
* added logs

* reverted yml

* edit

* fix

* added rn

* updated do

* edit

* added log

* added log

* log rewrite

---------

Co-authored-by: Danny_Fried <[email protected]>
* fixed parsing events from api

* fix

* added rn

* fix

* fix

* fixes

* fixes

* added rn

* updated do

* pre-commit edits

* Update Packs/DigitalGuardian/ReleaseNotes/1_1_5.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DigitalGuardian/ReleaseNotes/1_1_5.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* fixes

* made a change for the unit test

* edit

* added fixes for unittests

* fixed do

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Content Bot <[email protected]>
Co-authored-by: israelpoli <[email protected]>
* Added new command

* enhance endpoint command

* Readme

* release notes

* pre commit

* pre commit

* fix yml

* format

* rn

* remove the dev

* Build

* fix yml

* fix yml

* generate docs

* test description

* readme

* little fixes

* fixes

* fixes

* fixes

* code review fixes

* fix yml

* format

* remove the dev

* fix yml

* fixes

* /

* code review fixes

* change command's name

* more fixes

* add documentation

* more code review fixes

* more fixes

* Update Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/MicrosoftDefenderAdvancedThreatProtection.py

* added 'Dev' to name of integration

* /

* pre commit

* Build effort

* release notes

* rebuild

* fix

---------

Co-authored-by: Jasmine Beilin <[email protected]>
Co-authored-by: yrosenberg <[email protected]>
* Added backslashes handling to drilldown enrichment

* Added comment + pre commit fixes

* Fixed unit test

* Added a test

* fix test

* Handled splunk variables that were surrounded by quotation marks in the original query

* precommit fixes

* Added RN file

* Fixed Typo

* Removed redundant logs

* Removed unnecessary logs

* Delete unnecessary variable

* delete RN file

* Update the RN files
…emisto#34967)

* Fixed an issue where test button failed with uninformative error.

* Bumped the docker image
* Added skip

* pack-ignore

* BC

* Update Packs/CommonScripts/ReleaseNotes/1_15_13.json

Co-authored-by: dorschw <[email protected]>

* Moved to known words

* Update Packs/CommonScripts/ReleaseNotes/1_15_13.md

Co-authored-by: dorschw <[email protected]>

* Fixed RNs

---------

Co-authored-by: dorschw <[email protected]>
* [CSP] Fixed issue uploading large files

* Add 'if files'

* Replace from BaseClient to generic_http_request

* Update Packs/Base/ReleaseNotes/1_34_14.md

Co-authored-by: tkatzir <[email protected]>

* Update Packs/Base/Scripts/CommonServerPython/CommonServerPython.py

Co-authored-by: Binat Ziser <[email protected]>

* Update 1_34_14.md

---------

Co-authored-by: tkatzir <[email protected]>
Co-authored-by: Binat Ziser <[email protected]>
* Fixed an issue where the authentication would use a deprecated app id
* fix attached email decode

* CreateEmailHtmlBody add support for alert in XSIAM

* fix script

* RN

* Cr fixes

* FIX

* revert

* doc fixes

* conflicts
* proofpoint tap most attacked users widget

* proofpoint tap top clickers widget fix

* added a main function

* RN

* autopep8

* bumped the docker image

* RN

* commit

* fine tune

* pre commit fixes
…misto#34255)

* pydantic image and fixes

* use prod image

* RN

* RN

* RN

* bump api-dependent images

* bump pydantic: BoxEventsCollector

* add type hint

* fix

* bump minor versions

* fix dict

* add trailing period

* Bump pack from version Mimecast to 2.4.0.

---------

Co-authored-by: Content Bot <[email protected]>
* fix converting a response to json

* dict not response

* remove UTs

* RN

* final fix

* UT

* edit UT

* UT

* RN

* pre commit

---------

Co-authored-by: yrosenberg <[email protected]>
* changed insecure

* Update Packs/OpenCTI/ReleaseNotes/1_0_12.json

Co-authored-by: Dean Arbel <[email protected]>

---------

Co-authored-by: Dean Arbel <[email protected]>
* Get Content Roles from Blob

* Update content_roles.json

* revert content roles changes

* add retrieval from fs as backup

* organize imports

* created const for roles filename

* fix precommit

* use consts for ut class

* use git instead of rel dirs to resolve path to content roles json file

* rm unneeded var when getting blob
…rsed correctly (demisto#34862)

* test

* bla

* [SanePDFReport] - fix large logos

* docker-image

* bump rn

* pre-commit-shit

* docker image

* bump rn
…roring. (demisto#34868)

* added using data and not only delta

* blank line

* rn

* rn

* rn
dependabot bot and others added 4 commits July 9, 2024 15:06
Bumps [google-cloud-compute](https://github.com/googleapis/google-cloud-python) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/googleapis/google-cloud-python/releases)
- [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md)
- [Commits](googleapis/google-cloud-python@google-cloud-compute-v1.19.0...google-cloud-compute-v1.19.1)

---
updated-dependencies:
- dependency-name: google-cloud-compute
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Skip python2 not supported test
…#35332)

* Patching ASM files

* read me fix

* add description

* fixes

* fixes

* fixes

* updated version

* updated version

* core pack dependency

* added misc suggestions

* added misc suggestions

Co-authored-by: Chait A <[email protected]>
* fix-ews-get-attachment

* add RN

* rn
Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md Outdated
karinafishman and others added 24 commits July 9, 2024 20:04
* added the relevant script to the metrics

* added rn

* fix

* pre commit

* fix

* updated RN after revert

* Update Packs/CommonDashboards/ReleaseNotes/1_7_4.md

Co-authored-by: Sasha Sokolovich <[email protected]>

---------

Co-authored-by: Sasha Sokolovich <[email protected]>
* fix modify edl playbook

* added rn

* fixes

* add type to set incident

* fixes

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* Update Packs/EDL/Playbooks/Modify_EDL.yml

* fix

* fix

* fix

* fix

* fix

* fix
* support for zimperium v2

* RN

* update mapper

* rn conflict

* update docker ver
* moved doc files

* relocate

* relocate

* update readme

* update dockers

* added rn

* fixes
* ipv6 fix

* docker

* RN

* RN

* Bump pack from version CommonScripts to 1.15.23.

* Bump pack from version CommonScripts to 1.15.24.

* tests playbook

* Update Packs/CommonScripts/ReleaseNotes/1_15_24.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonTypes/ReleaseNotes/3_5_7.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* pb fix

* Bump pack from version CommonScripts to 1.15.25.

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
…emisto#35344)

* Updated docker image to demisto/ansible-runner:1.0.0.102086. PR batch #1/1 (demisto#35324)

* Updated docker image to demisto/chromium:126.0.6478.102778. PR batch #1/1 (demisto#35325)

* Update release notes
…demisto#35346)

* demisto/powershell:7.4.0.80528 | 0-100 | PR batch #1/1 (demisto#35333)

* Updated docker image to demisto/powershell:7.4.0.80528. PR batch #1/1

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #2/2 (demisto#35335)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #2/2

* fixes

---------

Co-authored-by: [email protected] <[email protected]>

* demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #1/2 (demisto#35334)

* Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #1/2

* fixes

* fix

* fix

---------

Co-authored-by: [email protected] <[email protected]>

* Updated docker image to demisto/python3-deb:3.11.9.102626. PR batch #1/1 (demisto#35336)

* Update release notes

---------

Co-authored-by: [email protected] <[email protected]>
* fixed an issue with 404 error status code

* added rn

* Update Packs/Tenable_io/ReleaseNotes/2_2_5.md
* Test for CIAC 10315

* Test for CIAC 10315

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706

* Ciac 9706
…demisto#35352)

* Replace PopularNews docker image to demisto/bs4-py3

* Update RN
* sort xdm fields

* sort schema fields

* enrich modeling rules

* update release notes

* fix release notes

* fix schema

* update schema

* fixes and refactoring

* fix schema

* remove source application mapping

* update release-notes

* update release-notes

* update README.md

* reformat fields on release notes

* concise release note

* fix schema
…igence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>
…igence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>
…igence/GoogleThreatIntelligence.py

Co-authored-by: israelpoli <[email protected]>