From 97522a70250c0a89f8f008849ea25f319d5fb4b2 Mon Sep 17 00:00:00 2001 From: rshunim Date: Sun, 25 Jun 2023 12:13:59 +0300 Subject: [PATCH 1/8] hide widgets --- .../GetLargestInputsAndOuputsInIncidents.yml | 1 + .../GetLargestInvestigations/GetLargestInvestigations.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.yml b/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.yml index 5778c21fc87b..3dbb5bf200d8 100644 --- a/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.yml +++ b/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.yml @@ -40,6 +40,7 @@ commonfields: name: GetLargestInputsAndOuputsInIncidents script: '-' subtype: python3 +enabled: false system: false tags: - widget diff --git a/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.yml b/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.yml index b0fc418e9e21..fcf409c063e1 100644 --- a/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.yml +++ b/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.yml @@ -40,6 +40,7 @@ commonfields: name: GetLargestInvestigations script: '-' subtype: python3 +enabled: false system: false tags: - widget From a762f8f1265bd8936865256012167159ad466899 Mon Sep 17 00:00:00 2001 From: rshunim Date: Sun, 25 Jun 2023 12:21:34 +0300 Subject: [PATCH 2/8] BC --- Packs/CommonWidgets/ReleaseNotes/1_2_23.json | 1 + Packs/CommonWidgets/ReleaseNotes/1_2_23.md | 10 ++++++++++ Packs/CommonWidgets/pack_metadata.json | 2 +- 3 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 Packs/CommonWidgets/ReleaseNotes/1_2_23.json create mode 100644 Packs/CommonWidgets/ReleaseNotes/1_2_23.md diff --git a/Packs/CommonWidgets/ReleaseNotes/1_2_23.json b/Packs/CommonWidgets/ReleaseNotes/1_2_23.json new file mode 100644 index 000000000000..cd8241b47ff0 --- /dev/null +++ b/Packs/CommonWidgets/ReleaseNotes/1_2_23.json @@ -0,0 +1 @@ +{"breakingChanges":true,"breakingChangesNotes":"These widgets will no longer be accessible: GetLargestInputsAndOutputsInIncidents and GetLargestInvestigations"} \ No newline at end of file diff --git a/Packs/CommonWidgets/ReleaseNotes/1_2_23.md b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md new file mode 100644 index 000000000000..a4e54f26ace6 --- /dev/null +++ b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md @@ -0,0 +1,10 @@ + +#### Scripts + +##### GetLargestInvestigations + +- Fixed an issue where the GetLargestInvestigations widget was deprecated, but not hidden. + +##### GetLargestInputsAndOuputsInIncidents + +- Fixed an issue where the GetLargestInputsAndOutputsInIncidents widget was deprecated, but not hidden. \ No newline at end of file diff --git a/Packs/CommonWidgets/pack_metadata.json b/Packs/CommonWidgets/pack_metadata.json index a1585849642c..f9b6f812ec1d 100644 --- a/Packs/CommonWidgets/pack_metadata.json +++ b/Packs/CommonWidgets/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Widgets", "description": "Frequently used widgets pack.", "support": "xsoar", - "currentVersion": "1.2.22", + "currentVersion": "1.2.23", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 26f38fc37f492ffef3c3f4aa264e5b8531eb8d7b Mon Sep 17 00:00:00 2001 From: rshunim Date: Sun, 25 Jun 2023 12:50:56 +0300 Subject: [PATCH 3/8] [known_words] --- Packs/CommonWidgets/.pack-ignore | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Packs/CommonWidgets/.pack-ignore b/Packs/CommonWidgets/.pack-ignore index edde3076bc31..e5a35491c459 100644 --- a/Packs/CommonWidgets/.pack-ignore +++ b/Packs/CommonWidgets/.pack-ignore @@ -1,3 +1,7 @@ [file:MyToDoTasksWidget.yml] ignore=RM109 +[known_words] +GetLargestInvestigations +GetLargestInputsAndOutputsInIncidents + From 2f347f4390db03f0d3e3e5b73440d0f335566b7c Mon Sep 17 00:00:00 2001 From: rshunim Date: Mon, 26 Jun 2023 10:26:01 +0300 Subject: [PATCH 4/8] remove those 2 packs --- Packs/CommonWidgets/ReleaseNotes/1_2_23.md | 4 +- .../GetLargestInputsAndOuputsInIncidents.py | 107 --------------- .../GetLargestInputsAndOuputsInIncidents.yml | 51 ------- ...tLargestInputsAndOuputsInIncidents_test.py | 74 ----------- .../GetLargestInvestigations.py | 121 ----------------- .../GetLargestInvestigations.yml | 51 ------- .../GetLargestInvestigations_test.py | 124 ------------------ 7 files changed, 2 insertions(+), 530 deletions(-) delete mode 100644 Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.py delete mode 100644 Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.yml delete mode 100644 Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents_test.py delete mode 100644 Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.py delete mode 100644 Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.yml delete mode 100644 Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations_test.py diff --git a/Packs/CommonWidgets/ReleaseNotes/1_2_23.md b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md index a4e54f26ace6..f8cf53d59399 100644 --- a/Packs/CommonWidgets/ReleaseNotes/1_2_23.md +++ b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md @@ -3,8 +3,8 @@ ##### GetLargestInvestigations -- Fixed an issue where the GetLargestInvestigations widget was deprecated, but not hidden. +- Removed the ***GetLargestInvestigations*** pack. ##### GetLargestInputsAndOuputsInIncidents -- Fixed an issue where the GetLargestInputsAndOutputsInIncidents widget was deprecated, but not hidden. \ No newline at end of file +- Removed the ***GetLargestInputsAndOuputsInIncidents*** pack. \ No newline at end of file diff --git a/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.py b/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.py deleted file mode 100644 index 6aec7a1e1893..000000000000 --- a/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.py +++ /dev/null @@ -1,107 +0,0 @@ -import demistomock as demisto -from CommonServerPython import * -from CommonServerUserPython import * - - -def find_largest_input_or_output(all_args_list) -> dict: - max_arg = {'Size(MB)': 0} - for arg in all_args_list: - if arg.get('Size(MB)') > max_arg.get('Size(MB)'): - max_arg = arg - - return max_arg - - -def get_largest_inputs_and_outputs(inputs_and_outputs, largest_inputs_and_outputs, incident_id) -> None: - inputs = [] - outputs = [] - urls = demisto.demistoUrls() - server_url = urls.get('server', '') - incident_url = os.path.join(server_url, '#', 'incident', incident_id) - if inputs_and_outputs: - # In case no inputs and outputs are found a getInvPlaybookMetaData will return a string. - # in that case we ignore the results and move on. - if isinstance(inputs_and_outputs, str): - return - for task in inputs_and_outputs: - task_id = task.get('id') - if 'outputs' in task: - for output in task.get('outputs'): - task_url = os.path.join(server_url, '#', 'WorkPlan', incident_id, task_id) - outputs.append({ - 'IncidentID': f"[{incident_id}]({incident_url})", - 'TaskID': f"[{task_id}]({task_url})", - 'TaskName': task.get('name'), - 'Name': output.get('name'), - 'Size(MB)': float(output.get('size', 0)) / 1024, - "InputOrOutput": 'Output', - }) - - else: - for arg in task.get('args'): - task_url = os.path.join(server_url, '#', 'WorkPlan', incident_id, task_id) - inputs.append({ - 'IncidentID': f"[{incident_id}]({incident_url})", - 'TaskID': f"[{task_id}]({task_url})", - 'TaskName': task.get('name'), - 'Name': arg.get('name'), - 'Size(MB)': float(arg.get('size', 0)) / 1024, - 'InputOrOutput': "Input", - }) - if inputs: - largest_inputs_and_outputs.append(find_largest_input_or_output(inputs)) - - if outputs: - largest_inputs_and_outputs.append(find_largest_input_or_output(outputs)) - - -def get_extra_data_from_investigations(investigations: list) -> list: - largest_inputs_and_outputs: List = [] - for inv in investigations: - raw_output = demisto.executeCommand('getInvPlaybookMetaData', - args={ - "incidentId": inv.get('IncidentID'), - }) - if is_error(raw_output): - raise DemistoException(f'Failed to run getInvPlaybookMetaData:\n{get_error(raw_output)}') - - inputs_and_outputs = raw_output[0].get('Contents', {}).get('tasks') - get_largest_inputs_and_outputs(inputs_and_outputs, largest_inputs_and_outputs, inv.get('IncidentID')) - return largest_inputs_and_outputs - - -def main(): - try: - args: Dict = demisto.args() - if is_demisto_version_ge("6.2.0"): - deprecate_msg = "Warning: This script has been deprecated. Please checkout the System Diagnostic page " \ - "for an alternative." - if not argToBoolean(args.get('ignore_deprecated')): - raise DemistoException(deprecate_msg) - else: - demisto.info(deprecate_msg) - is_table_result = argToBoolean(args.get('table_result', False)) - raw_output = demisto.executeCommand('GetLargestInvestigations', - args={ - 'from': args.get('from'), - 'to': args.get('to'), - 'table_result': 'true', - 'ignore_deprecated': 'true', - }) - if is_error(raw_output): - raise DemistoException(f'Failed to run GetLargestInvestigations:\n{get_error(raw_output)}') - - investigations = raw_output[0].get('Contents', {}).get('data') - data = get_extra_data_from_investigations(investigations) - - if not is_table_result: - return_results(tableToMarkdown('Largest Inputs And Outputs In Incidents', data)) - else: - return_results(data) - - except Exception as exc: - return_error(f'Failed to execute GetLargestInputsAndOuputsInIncidents.\nError: {exc}', error=exc) - - -if __name__ in ('__main__', '__builtin__', 'builtins'): - main() diff --git a/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.yml b/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.yml deleted file mode 100644 index 3dbb5bf200d8..000000000000 --- a/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents.yml +++ /dev/null @@ -1,51 +0,0 @@ -args: -- default: false - description: The end date for fetching incidents in ISO format. Incidents will be fetched until the last day of the specified month. For example, if you specify 2020-08-14, incidents created on the specified "from" date until 2020-08-31 will be returned. - isArray: false - name: to - required: false - secret: false -- default: false - description: The start date for fetching incidents in ISO format. Incidents will be fetched starting from the first day of the specified month. For example, if you specify 2020-08-14, incidents created on 2020-08-01 will be returned. - isArray: false - name: from - required: false - secret: false -- auto: PREDEFINED - default: false - defaultValue: 'false' - description: Change to true to return a result suitable for a table widget. By default the return will be in Markdown. - isArray: false - name: table_result - predefined: - - 'true' - - 'false' - required: false - secret: false -- auto: PREDEFINED - default: false - defaultValue: 'false' - description: "WARNING: Setting this argument to true might result in CPU and RAM issues. Set to true to allow the script to run even though it was deprecated." - isArray: false - name: ignore_deprecated - predefined: - - 'true' - - 'false' - required: false - secret: false -comment: Deprecated. Use System Diagonstics page instead (available from version 6.2.0). Returns inputs and outputs larger than 1 MB from all Cortex XSOAR investigations. -commonfields: - id: GetLargestInputsAndOuputsInIncidents - version: -1 -name: GetLargestInputsAndOuputsInIncidents -script: '-' -subtype: python3 -enabled: false -system: false -tags: -- widget -timeout: '0' -type: python -dockerimage: demisto/python3:3.9.7.24076 -fromversion: 6.0.0 -deprecated: true diff --git a/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents_test.py b/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents_test.py deleted file mode 100644 index 73124228c253..000000000000 --- a/Packs/CommonWidgets/Scripts/GetLargestInputsAndOuputsInIncidents/GetLargestInputsAndOuputsInIncidents_test.py +++ /dev/null @@ -1,74 +0,0 @@ -inputs_and_outputs = [ - { - 'args': [{'name': 'text', 'size': 10.44}], - 'id': '9', - 'name': 'Extract indicators from incident' - }, - { - 'id': '198', - 'name': 'Malware Investigation', - 'outputs': [{'name': 'IP', 'size': 159.692}], - 'subplaybook': 'Malware Investigation' - }, - { - 'args': [{'name': 'text', 'size': 11.44}], - 'id': '10', - 'name': 'Extract indicators from incident again' - }, - { - 'id': '200', - 'name': 'Malware Investigation 2', - 'outputs': [{'name': 'IP', 'size': 200.692}], - } -] - - -largest_input = { - 'IncidentID': '[1](https://test-address:8443/#/incident/1)', - 'TaskID': '[10](https://test-address:8443/#/WorkPlan/1/10)', - 'TaskName': 'Extract indicators from incident again', - 'Name': 'text', - 'Size(MB)': 0.011171875, - 'InputOrOutput': 'Input' -} - -largest_output = { - 'IncidentID': '[1](https://test-address:8443/#/incident/1)', - 'TaskID': '[200](https://test-address:8443/#/WorkPlan/1/200)', - 'TaskName': 'Malware Investigation 2', - 'Name': 'IP', - 'Size(MB)': 0.19598828125, - 'InputOrOutput': 'Output' -} - - -def test_get_largest_inputs_and_outputs(): - """ - Given: - a list of inputs and outputs - When: - Running get_largest_inputs_and_outputs. - Then: - the result a list with only the larges input and output - """ - from GetLargestInputsAndOuputsInIncidents import get_largest_inputs_and_outputs - res = [] - get_largest_inputs_and_outputs(inputs_and_outputs, res, '1') - assert len(res) == 2 - assert largest_input in res - assert largest_output in res - - -def test_get_largest_inputs_and_outputs__on_fail(): - """ - Given: - a failure message from getInvPlaybookMetaData command - When: - Running get_largest_inputs_and_outputs. - Then: - the result is an empty list - """ - from GetLargestInputsAndOuputsInIncidents import get_largest_inputs_and_outputs - res = [] - get_largest_inputs_and_outputs('No data', res, '1') - assert len(res) == 0 diff --git a/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.py b/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.py deleted file mode 100644 index de57d424abd1..000000000000 --- a/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.py +++ /dev/null @@ -1,121 +0,0 @@ -import demistomock as demisto -from CommonServerPython import * -from CommonServerUserPython import * - -import traceback -from typing import List, Dict -from operator import itemgetter -from dateutil.parser import parse -from dateutil.relativedelta import relativedelta - - -def get_investigations(raw_output, investigations): - # in case getDBStatistics fails to fetch information it will return a message like so: - # `Failed getting DB stats with filter [102020], minBytes [1000000]` - in this case there are no incidents to report - if isinstance(raw_output, str): - return - for db in raw_output: - buckets = db.get('buckets') - for entry in buckets.keys(): - if entry.startswith('investigations-'): - investigations[entry] = buckets.get(entry) - investigations[entry].update({"Date": db.get('dbName')}) - - -def parse_investigations_to_table(investigations, is_table_result): - data: List = [] - widget_table = {"total": len(investigations)} - urls = demisto.demistoUrls() - server_url = urls.get('server', '') - for investigation in investigations.keys(): - full_size = investigations[investigation].get('leafSize').split(' ') - db_name = investigations[investigation].get('Date') - size = float(full_size[0]) - if size >= 1.0 and full_size[1] == 'MB': - if db_name.isdigit(): - inv_id = investigation.split('-')[1] - inv_link = f"[{inv_id}]({os.path.join(server_url, '#', 'incident', inv_id)})" - date = db_name[:2] + "-" + db_name[2:] - else: - inv_id = "-".join(investigation.split('-')[1:]) - inv_link = f"[playground]({os.path.join(server_url, '#', 'WarRoom', 'playground')})" - date = "" - inv_link = inv_id if is_table_result else inv_link - data.append({ - "IncidentID": inv_link, - "Size(MB)": int(size) if size == int(size) else size, - "AmountOfEntries": investigations[investigation].get('keyN'), - "Date": date - }) - - widget_table['data'] = sorted(data, key=itemgetter('Size(MB)'), reverse=True) # type: ignore - - return widget_table - - -def get_month_db_from_date(date): - month = date.strftime('%m') - year = date.strftime('%Y') - return month + year - - -def get_time_object(timestring, empty_res_as_now=True): - empty_res = datetime.now() if empty_res_as_now else None - if timestring is None or timestring == '': - return empty_res - - date_object = parse(timestring) - if date_object.year == 1: - return empty_res - else: - return date_object - - -def get_month_database_names(): - db_names = set() - to_date = get_time_object(demisto.args().get('to')) - from_date = get_time_object(demisto.args().get('from')) - current = from_date - while current.timestamp() < to_date.timestamp(): - db_names.add(get_month_db_from_date(current)) - current = current + relativedelta(months=1) - - db_names.add(get_month_db_from_date(to_date)) - return db_names - - -def main(): - try: - investigations: Dict = {} - args: Dict = demisto.args() - if is_demisto_version_ge("6.2.0"): - deprecate_msg = "Warning: This script has been deprecated. Please checkout the System Diagnostic page " \ - "for an alternative." - if not argToBoolean(args.get('ignore_deprecated')): - raise DemistoException(deprecate_msg) - else: - demisto.info(deprecate_msg) - from_date = args.get('from') - is_table_result = args.get('table_result') == 'true' - if not get_time_object(from_date, empty_res_as_now=False): - raw_output = demisto.executeCommand('getDBStatistics', args={}) - get_investigations(raw_output[0].get('Contents', {}), investigations) - else: - for db_name in get_month_database_names(): - raw_output = demisto.executeCommand('getDBStatistics', args={"filter": db_name}) - get_investigations(raw_output[0].get('Contents', {}), investigations) - result = parse_investigations_to_table(investigations, is_table_result) - if not is_table_result: - # change result to MD - result = tableToMarkdown('Largest Incidents by Storage Size', result.get("data"), - headers=["IncidentID", "Size(MB)", "AmountOfEntries", "Date"]) - if not result: - result = "No incidents found. Note: only incidents larger than 1MB are scanned." - demisto.results(result) - except Exception: - demisto.error(traceback.format_exc()) # print the traceback - return_error(f'Failed to execute GetLargestInvestigations. Error: {traceback.format_exc()}') - - -if __name__ in ('__main__', '__builtin__', 'builtins'): - main() diff --git a/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.yml b/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.yml deleted file mode 100644 index fcf409c063e1..000000000000 --- a/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations.yml +++ /dev/null @@ -1,51 +0,0 @@ -args: -- default: false - description: The end date for fetching incidents in ISO format. Incidents will be fetched until the last day of the specified month. For example, if you specify 2020-08-14, incidents created on the specified "from" date until 2020-08-31 will be returned. - isArray: false - name: to - required: false - secret: false -- default: false - description: The start date for fetching incidents in ISO format. Incidents will be fetched starting from the first day of the specified month. For example, if you specify 2020-08-14, incidents created on 2020-08-01 will be returned. - isArray: false - name: from - required: false - secret: false -- auto: PREDEFINED - default: false - defaultValue: 'false' - description: Change to true to return a result suitable for a table widget. By default the return will be in Markdown. - isArray: false - name: table_result - predefined: - - 'true' - - 'false' - required: false - secret: false -- auto: PREDEFINED - default: false - defaultValue: 'false' - description: "WARNING: Setting this argument to true might result in CPU and RAM issues. Set to true to allow the script to run even though it was deprecated." - isArray: false - name: ignore_deprecated - predefined: - - 'true' - - 'false' - required: false - secret: false -comment: Deprecated. Use System Diagonstics page instead (available from version 6.2.0). Returns all investigations larger than 1 MB from all Cortex XSOAR. -commonfields: - id: GetLargestInvestigations - version: -1 -name: GetLargestInvestigations -script: '-' -subtype: python3 -enabled: false -system: false -tags: -- widget -timeout: '0' -type: python -dockerimage: demisto/python3:3.9.7.24076 -fromversion: 6.0.0 -deprecated: true diff --git a/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations_test.py b/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations_test.py deleted file mode 100644 index 7c611f77e525..000000000000 --- a/Packs/CommonWidgets/Scripts/GetLargestInvestigations/GetLargestInvestigations_test.py +++ /dev/null @@ -1,124 +0,0 @@ -from typing import Dict -import demistomock as demisto - -raw_incidents_data = [ - { - 'buckets': - { - 'investigations-4185': { - 'keyN': 133, - 'leafSize': '1.6 MB' - }, - 'investigations-4187': { - 'keyN': 1301, - 'leafSize': '4.8 MB' - }, - 'newInsights': { - 'keyN': 106, - 'leafSize': '3.3 MB' - }, - 'newInvPlaybooks': { - 'keyN': 9, - 'leafSize': '29 MB' - }, - }, - 'dbName': '082020' - }, - { - 'buckets': - { - 'investigations-playground': { - 'keyN': 1301, - 'leafSize': '4.8 MB', - 'Date': '' - } - }, - 'dbName': 'main' - } -] - -investigations = { - 'investigations-4185': { - 'keyN': 133, - 'leafSize': '1.6 MB', - 'Date': '082020' - }, - 'investigations-4187': { - 'keyN': 1301, - 'leafSize': '4.8 MB', - 'Date': '082020' - }, - 'investigations-playground': { - 'keyN': 1301, - 'leafSize': '4.8 MB', - 'Date': 'main' - } -} - - -def test_get_investigations(): - """ - Given: - raw incidents info from getDBStatistics command. - When: - Running get_investigations. - Then: - check the resulting incidents are filtered and formatted correctly - """ - from GetLargestInvestigations import get_investigations - inv: Dict = {} - get_investigations(raw_incidents_data, inv) - assert inv == investigations - - -def test_get_investigations__on_fail(): - """ - Given: - a failure message from getDBStatistics command. - When: - Running get_investigations. - Then: - check the resulting incidents are in a dict. - """ - from GetLargestInvestigations import get_investigations - inv: Dict = {} - get_investigations('Failed getting DB stats with filter [102020], minBytes [1000000]', inv) - assert inv == {} - - -def test_parse_investigations_to_table(): - """ - Given: - A dict of investigations with their info. - When: - Running investigations_to_table. - Then: - check the result has the correct amount of outputs, that the incident names are in the correct - order (sorted by size) and that the date is formatted correctly. - """ - from GetLargestInvestigations import parse_investigations_to_table - table = parse_investigations_to_table(investigations, True) - assert table.get('total') == 3 - assert table.get('data')[0].get('IncidentID') == '4187' - assert table.get('data')[0].get('Size(MB)') == 4.8 - assert table.get('data')[1].get('Date') == '' - assert table.get('data')[1].get('IncidentID') == 'playground' - assert table.get('data')[2].get('IncidentID') == '4185' - assert table.get('data')[2].get('Date') == '08-2020' - - -def test_get_month_database_names(mocker): - """ - Given: - from and to dates - When: - Running get_month_database_names. - Then: - the result is a set of all the months between from and to - """ - from GetLargestInvestigations import get_month_database_names - mocker.patch.object(demisto, 'args', return_value={'to': '2020-08-20T14:28:23.382748Z', - 'from': '2020-06-20T14:28:23.382748Z'}) - db_names = get_month_database_names() - expected_dbs = {'082020', '072020', '062020'} - assert db_names == expected_dbs From 4c0ec50aa4cc7880c1bddf5e487c9d58a61d344b Mon Sep 17 00:00:00 2001 From: rshunim <102469772+rshunim@users.noreply.github.com> Date: Mon, 26 Jun 2023 10:26:52 +0300 Subject: [PATCH 5/8] Update Packs/CommonWidgets/ReleaseNotes/1_2_23.json Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> --- Packs/CommonWidgets/ReleaseNotes/1_2_23.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Packs/CommonWidgets/ReleaseNotes/1_2_23.json b/Packs/CommonWidgets/ReleaseNotes/1_2_23.json index cd8241b47ff0..0e145d510947 100644 --- a/Packs/CommonWidgets/ReleaseNotes/1_2_23.json +++ b/Packs/CommonWidgets/ReleaseNotes/1_2_23.json @@ -1 +1 @@ -{"breakingChanges":true,"breakingChangesNotes":"These widgets will no longer be accessible: GetLargestInputsAndOutputsInIncidents and GetLargestInvestigations"} \ No newline at end of file +{"breakingChanges":true,"breakingChangesNotes":"These widgets have been deprecated in the past, and will no longer be usable: GetLargestInputsAndOutputsInIncidents and GetLargestInvestigations"} \ No newline at end of file From b04542a698ef27cfeec957b137d5b6442836ae91 Mon Sep 17 00:00:00 2001 From: rshunim Date: Mon, 26 Jun 2023 10:33:52 +0300 Subject: [PATCH 6/8] RN --- Packs/CommonWidgets/ReleaseNotes/1_2_23.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Packs/CommonWidgets/ReleaseNotes/1_2_23.md b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md index f8cf53d59399..0a77a3e64749 100644 --- a/Packs/CommonWidgets/ReleaseNotes/1_2_23.md +++ b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md @@ -3,8 +3,8 @@ ##### GetLargestInvestigations -- Removed the ***GetLargestInvestigations*** pack. +- ***Breaking Change:*** Removed the ***GetLargestInvestigations*** pack. ##### GetLargestInputsAndOuputsInIncidents -- Removed the ***GetLargestInputsAndOuputsInIncidents*** pack. \ No newline at end of file +- ***Breaking Change:*** Removed the ***GetLargestInputsAndOuputsInIncidents*** pack. \ No newline at end of file From 9e1ae3d6e97f46b5cbb8c62a0ae577b1e3e94501 Mon Sep 17 00:00:00 2001 From: rshunim Date: Mon, 26 Jun 2023 10:40:24 +0300 Subject: [PATCH 7/8] RN --- Packs/CommonWidgets/ReleaseNotes/1_2_23.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/Packs/CommonWidgets/ReleaseNotes/1_2_23.md b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md index 0a77a3e64749..36be88a83f07 100644 --- a/Packs/CommonWidgets/ReleaseNotes/1_2_23.md +++ b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md @@ -1,10 +1,5 @@ #### Scripts -##### GetLargestInvestigations - - ***Breaking Change:*** Removed the ***GetLargestInvestigations*** pack. - -##### GetLargestInputsAndOuputsInIncidents - - ***Breaking Change:*** Removed the ***GetLargestInputsAndOuputsInIncidents*** pack. \ No newline at end of file From 2792fbfdcc95195b1203029dfc61cdf1e2d07996 Mon Sep 17 00:00:00 2001 From: rshunim <102469772+rshunim@users.noreply.github.com> Date: Mon, 26 Jun 2023 15:51:36 +0300 Subject: [PATCH 8/8] Update Packs/CommonWidgets/ReleaseNotes/1_2_23.md Co-authored-by: yuvalbenshalom --- Packs/CommonWidgets/ReleaseNotes/1_2_23.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Packs/CommonWidgets/ReleaseNotes/1_2_23.md b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md index 36be88a83f07..a5a3e4d3337e 100644 --- a/Packs/CommonWidgets/ReleaseNotes/1_2_23.md +++ b/Packs/CommonWidgets/ReleaseNotes/1_2_23.md @@ -1,5 +1,5 @@ #### Scripts -- ***Breaking Change:*** Removed the ***GetLargestInvestigations*** pack. -- ***Breaking Change:*** Removed the ***GetLargestInputsAndOuputsInIncidents*** pack. \ No newline at end of file +- ***Breaking Change:*** Widget ***GetLargestInvestigations*** was removed from this pack. +- ***Breaking Change:*** Widget ***GetLargestInputsAndOuputsInIncidents*** was removed from this pack. \ No newline at end of file