Merge branch 'master' into XSUP_45126_cyberark_identity_update
eepstain authored Jan 9, 2025
2 parents 88533e5 + be2ced3 commit 4c1db41
Showing 239 changed files with 1,217 additions and 680 deletions.
2 changes: 1 addition & 1 deletion .pre-commit-config_template.yaml
Expand Up @@ -98,7 +98,7 @@ repos:
args:
- --ignore=demistomock.py,CommonServerPython.py,CommonServerUserPython.py,conftest.py,.venv
- -E
- --disable=bad-option-value,unsubscriptable-object
- --disable=bad-option-value,unsubscriptable-object,E0601,E0606 # Remove E0601,E0606 after CIAC-11651 is done
- -d duplicate-string-formatting-argument
- "--msg-template='{path}:{line}:{column}: {msg_id} {obj}: {msg}'"
- --generated-members=requests.packages.urllib3,requests.codes.ok
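Review bot: The new `--disable` value on the pylint args turns off E0601 and E0606 (used-before-assignment and possibly-used-before-assignment) for every file this hook checks, so a variable that is bound in only some branches no longer fails pre-commit anywhere in the repository. The inline comment ties removal to CIAC-11651, which helps; consider keeping the global list unchanged and placing per-file `# pylint: disable=` markers on the integrations that still fail, so new code stays covered while the cleanup is in progress.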
4 changes: 4 additions & 0 deletions Packs/AWS-ACM/ReleaseNotes/1_1_40.md
@@ -0,0 +1,4 @@
#### Integrations

##### AWS - ACM
Code functionality improvements.
2 changes: 1 addition & 1 deletion Packs/AWS-ACM/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "AWS - ACM",
"description": "Amazon Web Services Certificate Manager Service (acm)",
"support": "xsoar",
"currentVersion": "1.1.39",
"currentVersion": "1.1.40",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
4 changes: 4 additions & 0 deletions Packs/AWS-AccessAnalyzer/ReleaseNotes/1_1_37.md
@@ -0,0 +1,4 @@
#### Integrations

##### AWS - AccessAnalyzer
Code functionality improvements.
2 changes: 1 addition & 1 deletion Packs/AWS-AccessAnalyzer/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "AWS - AccessAnalyzer",
"description": "Amazon Web Services IAM Access Analyzer",
"support": "xsoar",
"currentVersion": "1.1.36",
"currentVersion": "1.1.37",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
4 changes: 4 additions & 0 deletions Packs/AWS-Athena/ReleaseNotes/2_0_5.md
@@ -0,0 +1,4 @@
#### Integrations

##### AWS - Athena
Code functionality improvements.
2 changes: 1 addition & 1 deletion Packs/AWS-Athena/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "AWS - Athena",
"description": "Amazon Web Services Athena",
"support": "xsoar",
"currentVersion": "2.0.4",
"currentVersion": "2.0.5",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ def filter_log_events(args, aws_client):
if args.get('limit') is not None:
kwargs.update({'limit': int(args.get('limit'))})
if args.get('interleaved') is not None:
kwargs.update({'interleaved': True if args.get('interleaved') == 'True' else False})
kwargs.update({'interleaved': args.get('interleaved') == 'True'})

response = client.filter_log_events(**kwargs)
for event in response['events']:
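Review bot: In the `interleaved` branch, `args.get('interleaved') == 'True'` keeps the old exact, case-sensitive string match, so an argument value of `true` is passed to `filter_log_events` as `False` with no error. That is fine if the change is only meant to preserve behaviour, but parsing the value with a boolean helper (the GuardDuty integration in this commit uses `argToBoolean` for its flags) would make the accepted spellings explicit.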
Expand Down Expand Up @@ -435,6 +435,7 @@ def main():
retries, sts_endpoint_url=sts_endpoint_url, endpoint_url=endpoint_url)
command = demisto.command()
args = demisto.args()
result = ""

if command == 'test-module':
# This is the call made when pressing the integration test button.
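Review bot: `result = ""` ahead of the `if command == 'test-module':` chain silences a possibly-unbound `result`, but it also means a command that matches no branch would carry on with an empty string instead of failing. The rest of the chain is not visible in this hunk; if it has no final `else`, add one that raises `NotImplementedError` for the unknown command rather than relying on the default value.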
Original file line number Diff line number Diff line change
Expand Up @@ -461,7 +461,7 @@ script:
description: The name of the log group.
type: string
description: Lists the specified metric filters. You can list all the metric filters or filter the results by log name, prefix, metric name, or metric namespace.
dockerimage: demisto/boto3py3:1.0.0.115129
dockerimage: demisto/boto3py3:1.0.0.1894954
tests:
- No Tests
fromversion: 5.0.0
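Review bot: The `dockerimage` tag moves from `demisto/boto3py3:1.0.0.115129` to `demisto/boto3py3:1.0.0.1894954` while the `tests:` key directly below it still reads `No Tests`, so nothing automated exercises this integration on the new image. Please record a manual run of the commands against the new image in the PR, or add a test playbook so that image bumps for this integration are covered.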
5 changes: 5 additions & 0 deletions Packs/AWS-CloudWatchLogs/ReleaseNotes/1_2_26.md
@@ -0,0 +1,5 @@
#### Integrations

##### AWS - CloudWatchLogs
- Code functionality improvements.
- Updated the Docker image to: *demisto/boto3py3:1.0.0.1894954*.
2 changes: 1 addition & 1 deletion Packs/AWS-CloudWatchLogs/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "AWS - CloudWatchLogs",
"description": "Amazon Web Services CloudWatch Logs (logs).",
"support": "xsoar",
"currentVersion": "1.2.25",
"currentVersion": "1.2.26",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
4 changes: 4 additions & 0 deletions Packs/AWS-EC2/ReleaseNotes/1_4_17.md
@@ -0,0 +1,4 @@
#### Integrations

##### AWS - EC2
Code functionality improvements.
2 changes: 1 addition & 1 deletion Packs/AWS-EC2/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "AWS - EC2",
"description": "Amazon Web Services Elastic Compute Cloud (EC2)",
"support": "xsoar",
"currentVersion": "1.4.16",
"currentVersion": "1.4.17",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
4 changes: 4 additions & 0 deletions Packs/AWS-EKS/ReleaseNotes/1_0_7.md
@@ -0,0 +1,4 @@
#### Integrations

##### AWS-EKS
Code functionality improvements.
2 changes: 1 addition & 1 deletion Packs/AWS-EKS/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "AWS - EKS",
"description": "The AWS EKS integration allows for the management and operation of Amazon Elastic Kubernetes Service (EKS) clusters.",
"support": "xsoar",
"currentVersion": "1.0.6",
"currentVersion": "1.0.7",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
36 changes: 18 additions & 18 deletions Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.py
Expand Up @@ -48,7 +48,7 @@ def create_detector(client: "GuardDutyClient", args: dict) -> CommandResults:

if args.get('findingFrequency'):
kwargs['FindingPublishingFrequency'] = FINDING_FREQUENCY[args['findingFrequency']]
get_dataSources = dict()
get_dataSources = {}
if args.get('enableKubernetesLogs'):
get_dataSources.update(
{'Kubernetes': {'AuditLogs': {'Enable': argToBoolean(args['enableKubernetesLogs'])}}})
Expand All @@ -73,7 +73,7 @@ def create_detector(client: "GuardDutyClient", args: dict) -> CommandResults:

def delete_detector(client: "GuardDutyClient", args: dict):
response = client.delete_detector(DetectorId=args.get('detectorId', ''))
if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return f"The Detector {args.get('detectorId')} has been deleted"
else:
raise Exception(f"The Detector {args.get('detectorId')} failed to delete.")
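Review bot: The failure path of `delete_detector` raises `The Detector ... failed to delete.` without the response, whereas `update_detector` in the same file ends its error with `Response was: {response}`. Append the response here as well so a failed delete can be diagnosed from the error text alone.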
Expand Down Expand Up @@ -118,7 +118,7 @@ def update_detector(client: "GuardDutyClient", args: dict) -> str:

if args.get('findingFrequency'):
kwargs['FindingPublishingFrequency'] = FINDING_FREQUENCY[args['findingFrequency']]
get_dataSources = dict()
get_dataSources = {}
if args.get('enableKubernetesLogs'):
get_dataSources.update(
{'Kubernetes': {'AuditLogs': {'Enable': argToBoolean(args['enableKubernetesLogs'])}}})
Expand All @@ -131,7 +131,7 @@ def update_detector(client: "GuardDutyClient", args: dict) -> str:
kwargs['DataSources'] = get_dataSources

response = client.update_detector(**kwargs)
if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return f"The Detector {args.get('detectorId')} has been updated successfully"
else:
raise Exception(f"Detector {args.get('detectorId')} failed to update. Response was: {response}")
Expand Down Expand Up @@ -167,7 +167,7 @@ def list_detectors(client: "GuardDutyClient", args: dict) -> CommandResults:
def create_ip_set(client: "GuardDutyClient", args: dict):
kwargs: dict[str, Any] = {'DetectorId': args.get('detectorId')}
if args.get('activate') is not None:
kwargs.update({'Activate': True if args.get('activate') == 'True' else False})
kwargs.update({'Activate': args.get('activate') == 'True'})
if args.get('format') is not None:
kwargs.update({'Format': args.get('format')})
if args.get('location') is not None:
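Review bot: `'Activate': args.get('activate') == 'True'` in `create_ip_set` is an exact, case-sensitive match, so `activate=true` creates the IP set with `Activate` set to `False` and reports nothing. `create_detector` in this file already parses its flags with `argToBoolean(args['enableKubernetesLogs'])`; using `argToBoolean` for `activate` here, and in the other `activate` hunks of this file, would make the parsing consistent.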
Expand All @@ -193,7 +193,7 @@ def delete_ip_set(client: "GuardDutyClient", args: dict):
DetectorId=args.get('detectorId', ''),
IpSetId=args.get('ipSetId', '')
)
if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return f"The IPSet {args.get('ipSetId')} has been deleted from Detector {args.get('detectorId')}"

else:
Expand All @@ -206,15 +206,15 @@ def update_ip_set(client: "GuardDutyClient", args: dict):
'IpSetId': args.get('ipSetId')
}
if args.get('activate'):
kwargs.update({'Activate': True if args.get('activate') == 'True' else False})
kwargs.update({'Activate': args.get('activate') == 'True'})
if args.get('location'):
kwargs.update({'Location': args.get('location')})
if args.get('name'):
kwargs.update({'Name': args.get('name')})

response = client.update_ip_set(**kwargs)

if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return f"The IPSet {args.get('ipSetId')} has been Updated"

else:
Expand Down Expand Up @@ -269,7 +269,7 @@ def list_ip_sets(client: "GuardDutyClient", args: dict) -> CommandResults:
def create_threat_intel_set(client: "GuardDutyClient", args: dict):
kwargs: dict[str, Any] = {'DetectorId': args.get('detectorId')}
if args.get('activate') is not None:
kwargs.update({'Activate': True if args.get('activate') == 'True' else False})
kwargs.update({'Activate': args.get('activate') == 'True'})
if args.get('format') is not None:
kwargs.update({'Format': args.get('format')})
if args.get('location') is not None:
Expand All @@ -296,7 +296,7 @@ def delete_threat_intel_set(client: "GuardDutyClient", args: dict):
DetectorId=args.get('detectorId', ''),
ThreatIntelSetId=args.get('threatIntelSetId', '')
)
if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return f"The ThreatIntel Set {args.get('threatIntelSetId')} has been deleted from Detector {args.get('detectorId')}"
else:
raise Exception(f"Failed to delete ThreatIntel set {args.get('threatIntelSetId')} . Response was: {response}")
Expand Down Expand Up @@ -357,14 +357,14 @@ def update_threat_intel_set(client: "GuardDutyClient", args: dict):
'ThreatIntelSetId': args.get('threatIntelSetId')
}
if args.get('activate'):
kwargs.update({'Activate': True if args.get('activate') == 'True' else False})
kwargs.update({'Activate': args.get('activate') == 'True'})
if args.get('location'):
kwargs.update({'Location': args.get('location')})
if args.get('name'):
kwargs.update({'Name': args.get('name')})
response = client.update_threat_intel_set(**kwargs)

if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return f"The ThreatIntel set {args.get('threatIntelSetId')} has been updated"
else:
raise Exception(f"Failed updating ThreatIntel set {args.get('threatIntelSetId')}. "
Expand Down Expand Up @@ -457,7 +457,7 @@ def parse_finding(finding: "FindingTypeDef") -> Dict[str, Any]:
which is generated when abnormal or suspicious activity is detected.
:return: parsed_finding
"""
parsed_finding: dict = dict()
parsed_finding: dict = {}
parsed_finding['AccountId'] = finding.get('AccountId')
parsed_finding['CreatedAt'] = finding.get('CreatedAt')
parsed_finding['Description'] = finding.get('Description')
Expand Down Expand Up @@ -511,7 +511,7 @@ def get_findings(client: "GuardDutyClient", args: dict) -> dict:


def parse_incident_from_finding(finding: "FindingTypeDef") -> Dict[str, Any]:
incident: dict = dict()
incident: dict = {}
incident['name'] = finding.get('Title')
incident['details'] = finding.get('Description')
incident['occurred'] = finding.get('CreatedAt')
Expand Down Expand Up @@ -646,7 +646,7 @@ def create_sample_findings(client: "GuardDutyClient", args: dict):

response = client.create_sample_findings(**kwargs)

if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return "Sample Findings were generated"
else:
raise Exception(f"Failed to generate findings. Response was: {response}")
Expand All @@ -659,7 +659,7 @@ def archive_findings(client: "GuardDutyClient", args: dict):

response = client.archive_findings(**kwargs)

if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return "Findings were archived"
else:
raise Exception(f"Failed to archive findings. Response was: {response}")
Expand All @@ -672,7 +672,7 @@ def unarchive_findings(client: "GuardDutyClient", args: dict):

response = client.unarchive_findings(**kwargs)

if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return "Findings were unarchived"
else:
raise Exception(f"Failed to archive findings. Response was: {response}")
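Review bot: The `else` branch of `unarchive_findings` still raises `Failed to archive findings`, the same text as `archive_findings` above it, so anyone reading the error is pointed at the wrong operation. Change it to `Failed to unarchive findings. Response was: {response}` while this function is being touched.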
Expand All @@ -688,7 +688,7 @@ def update_findings_feedback(client: "GuardDutyClient", args: dict):
kwargs.update({'Feedback': argToList(args.get('feedback'))})

response = client.update_findings_feedback(**kwargs)
if response == dict() or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
if response == {} or response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200:
return "Findings Feedback sent!"
else:
raise Exception(f"Failed to send findings feedback. Response was: {response}")
Original file line number Diff line number Diff line change
Expand Up @@ -880,7 +880,7 @@ script:
- contextPath: AWS.GuardDuty.Members.UpdatedAt
description: The time a member was last updated.
type: string
dockerimage: demisto/boto3py3:1.0.0.1865449
dockerimage: demisto/boto3py3:1.0.0.1894954
isfetch: true
runonce: false
script: '-'
8 changes: 8 additions & 0 deletions Packs/AWS-GuardDuty/ReleaseNotes/1_3_57.md
@@ -0,0 +1,8 @@
#### Integrations

##### AWS - GuardDuty Event Collector
Code functionality improvements.

##### AWS - GuardDuty
- Code functionality improvements.
- Updated the Docker image to: *demisto/boto3py3:1.0.0.1894954*.
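Review bot: `Code functionality improvements.` under both headings gives a reader of the release notes no idea what changed; the GuardDuty edits visible in this commit are `dict()` replaced by `{}` and simplified boolean expressions, neither of which alters behaviour. Say that directly (for example, internal code cleanup with no functional change) so operators can see that, among the visible changes, the Docker image update is the item that affects runtime.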
2 changes: 1 addition & 1 deletion Packs/AWS-GuardDuty/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "AWS - GuardDuty",
"description": "Amazon Web Services Guard Duty Service (gd)",
"support": "xsoar",
"currentVersion": "1.3.56",
"currentVersion": "1.3.57",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",