New features for emails (demisto#29400)

* New features for emails (demisto#28916) * New features for emails * Fix validations * Fix lint and test * Increase coverage and fix validation * Increase test coverage * Manual report condition * Request changes * Fixes request changes * Fix last fetch * Skip event with last fetch time * Remove sensitive data * Change args from simple to complex format * Update notification endpoint * Minor fixes * Fix layout field * Fix condition for manual alerts * Update docker * Add button to get campaign result and fix scan info command output * Update release notes * fix Rn * fix rn * fix rn * remove an empty line * add a "." for validation to pass * one more period --------- Co-authored-by: Christian Gutierrez <[email protected]> Co-authored-by: Yehuda <[email protected]>
xsoar-contrib · Oct 5, 2023 · 92f4bf7 · 92f4bf7
1 parent 9f9fc30
commit 92f4bf7
Show file tree

Hide file tree

Showing 46 changed files with 20,176 additions and 487 deletions.
diff --git a/Packs/CheckPointHEC/.pack-ignore b/Packs/CheckPointHEC/.pack-ignore
@@ -0,0 +1,22 @@
+[file:incidentfield-CheckPointHEC_Campaign_Task.json]
+ignore=IF113
+
+[file:incidentfield-CheckPointHEC_Farm.json]
+ignore=IF113
+
+[file:incidentfield-CheckPointHEC_Email_Sender.json]
+ignore=IF113
+
+[file:incidentfield-CheckPointHEC_Email_Subject.json]
+ignore=IF113
+
+[file:incidentfield-CheckPointHEC_Reported.json]
+ignore=IF113
+
+[file:incidentfield-CheckPointHEC_Task.json]
+ignore=IF113
+
+[known_words]
+HEC
+CP
+Saas
diff --git a/Packs/CheckPointHEC/.secrets-ignore b/Packs/CheckPointHEC/.secrets-ignore
@@ -1,3 +1,6 @@
 [email protected]
-24dfc0f6bd9c7f2eaf5f8457b8c593d3
-54.240.9.35
+[email protected]
+https://yardiasp14.com
+http://operatf.xyz
+[email protected]
+[email protected]
diff --git a/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Campaign_Task.json b/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Campaign_Task.json
@@ -0,0 +1,32 @@
+{
+    "id": "incident_checkpointheccampaigntask",
+    "version": -1,
+    "modified": "2023-08-07T15:36:49.667762Z",
+    "name": "CP HEC Campaign Task",
+    "ownerOnly": false,
+    "description": "Campaign task id to get results",
+    "cliName": "checkpointheccampaigntask",
+    "type": "shortText",
+    "closeForm": false,
+    "editForm": true,
+    "required": false,
+    "neverSetAsRequired": false,
+    "isReadOnly": false,
+    "useAsKpi": false,
+    "locked": false,
+    "system": false,
+    "content": true,
+    "group": 0,
+    "hidden": false,
+    "openEnded": false,
+    "associatedTypes": [
+        "CheckPointHEC Security Event"
+    ],
+    "associatedToAll": false,
+    "unmapped": false,
+    "unsearchable": true,
+    "caseInsensitive": true,
+    "sla": 0,
+    "threshold": 72,
+    "fromVersion": "6.9.0"
+}
diff --git a/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Customer.json b/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Customer.json
@@ -1,8 +1,8 @@
 {
     "id": "incident_checkpointheccustomer",
     "version": -1,
-    "modified": "2023-07-02T03:39:22.498231281Z",
-    "name": "CheckPointHEC Customer",
+    "modified": "2023-08-01T19:26:46.346683Z",
+    "name": "CP HEC Customer",
     "ownerOnly": false,
     "placeholder": "CP Customer",
     "description": "Customer portal name",

diff --git a/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Email_Sender.json b/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Email_Sender.json
@@ -0,0 +1,33 @@
+{
+    "id": "incident_checkpointhecemailsender",
+    "version": -1,
+    "modified": "2023-08-07T15:36:49.667762Z",
+    "name": "CP HEC Email Sender",
+    "ownerOnly": false,
+    "placeholder": "Email Sender",
+    "description": "Sender of the email",
+    "cliName": "checkpointhecemailsender",
+    "type": "shortText",
+    "closeForm": false,
+    "editForm": true,
+    "required": false,
+    "neverSetAsRequired": false,
+    "isReadOnly": false,
+    "useAsKpi": false,
+    "locked": false,
+    "system": false,
+    "content": true,
+    "group": 0,
+    "hidden": false,
+    "openEnded": false,
+    "associatedTypes": [
+        "CheckPointHEC Security Event"
+    ],
+    "associatedToAll": false,
+    "unmapped": false,
+    "unsearchable": true,
+    "caseInsensitive": true,
+    "sla": 0,
+    "threshold": 72,
+    "fromVersion": "6.9.0"
+}
diff --git a/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Email_Subject.json b/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Email_Subject.json
@@ -0,0 +1,33 @@
+{
+    "id": "incident_checkpointhecemailsubject",
+    "version": -1,
+    "modified": "2023-08-07T15:36:49.667762Z",
+    "name": "CP HEC Email Subject",
+    "ownerOnly": false,
+    "placeholder": "Email Subject",
+    "description": "Subject of the email",
+    "cliName": "checkpointhecemailsubject",
+    "type": "shortText",
+    "closeForm": false,
+    "editForm": true,
+    "required": false,
+    "neverSetAsRequired": false,
+    "isReadOnly": false,
+    "useAsKpi": false,
+    "locked": false,
+    "system": false,
+    "content": true,
+    "group": 0,
+    "hidden": false,
+    "openEnded": false,
+    "associatedTypes": [
+        "CheckPointHEC Security Event"
+    ],
+    "associatedToAll": false,
+    "unmapped": false,
+    "unsearchable": true,
+    "caseInsensitive": true,
+    "sla": 0,
+    "threshold": 72,
+    "fromVersion": "6.9.0"
+}
diff --git a/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Entity.json b/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Entity.json
@@ -1,8 +1,8 @@
 {
     "id": "incident_checkpointhecentity",
     "version": -1,
-    "modified": "2023-07-02T04:30:15.829662037Z",
-    "name": "CheckPointHEC Entity",
+    "modified": "2023-08-01T19:26:46.346683Z",
+    "name": "CP HEC Entity",
     "ownerOnly": false,
     "placeholder": "CP Entity ID",
     "description": "Internal entity ID of email with leak",

diff --git a/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Farm.json b/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Farm.json
@@ -0,0 +1,33 @@
+{
+    "id": "incident_checkpointhecfarm",
+    "version": -1,
+    "modified": "2023-08-07T15:36:49.667762Z",
+    "name": "CP HEC Farm",
+    "ownerOnly": false,
+    "placeholder": "CP Farm",
+    "description": "Customer farm",
+    "cliName": "checkpointhecfarm",
+    "type": "shortText",
+    "closeForm": false,
+    "editForm": true,
+    "required": false,
+    "neverSetAsRequired": false,
+    "isReadOnly": false,
+    "useAsKpi": false,
+    "locked": false,
+    "system": false,
+    "content": true,
+    "group": 0,
+    "hidden": false,
+    "openEnded": false,
+    "associatedTypes": [
+        "CheckPointHEC Security Event"
+    ],
+    "associatedToAll": false,
+    "unmapped": false,
+    "unsearchable": true,
+    "caseInsensitive": true,
+    "sla": 0,
+    "threshold": 72,
+    "fromVersion": "6.9.0"
+}
diff --git a/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Saas.json b/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Saas.json
@@ -1,8 +1,8 @@
 {
     "id": "incident_checkpointhecsaas",
     "version": -1,
-    "modified": "2023-07-02T04:30:00.142598958Z",
-    "name": "CheckPointHEC Saas",
+    "modified": "2023-08-01T19:26:46.346683Z",
+    "name": "CP HEC Saas",
     "ownerOnly": false,
     "placeholder": "CP Saas Identifier",
     "description": "Internal SaaS Identifier",

diff --git a/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Task.json b/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Task.json
@@ -0,0 +1,32 @@
+{
+    "id": "incident_checkpointhectask",
+    "version": -1,
+    "modified": "2023-08-07T15:36:49.667762Z",
+    "name": "CP HEC Task",
+    "ownerOnly": false,
+    "description": "Action task id to get results",
+    "cliName": "checkpointhectask",
+    "type": "shortText",
+    "closeForm": false,
+    "editForm": true,
+    "required": false,
+    "neverSetAsRequired": false,
+    "isReadOnly": false,
+    "useAsKpi": false,
+    "locked": false,
+    "system": false,
+    "content": true,
+    "group": 0,
+    "hidden": false,
+    "openEnded": false,
+    "associatedTypes": [
+        "CheckPointHEC Security Event"
+    ],
+    "associatedToAll": false,
+    "unmapped": false,
+    "unsearchable": true,
+    "caseInsensitive": true,
+    "sla": 0,
+    "threshold": 72,
+    "fromVersion": "6.9.0"
+}
diff --git a/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Type.json b/Packs/CheckPointHEC/IncidentFields/incidentfield-CheckPointHEC_Type.json
@@ -1,8 +1,8 @@
 {
     "id": "incident_checkpointhectype",
     "version": -1,
-    "modified": "2023-07-02T04:30:44.192922335Z",
-    "name": "CheckPointHEC Type",
+    "modified": "2023-08-01T19:26:46.346683Z",
+    "name": "CP HEC Type",
     "ownerOnly": false,
     "placeholder": "CP Event Type",
     "description": "Detection type (dlp, phishing, malware, spam)",

diff --git a/Packs/CheckPointHEC/IncidentTypes/incidenttype-CheckPointHEC_Security_Event.json b/Packs/CheckPointHEC/IncidentTypes/incidenttype-CheckPointHEC_Security_Event.json
@@ -19,7 +19,7 @@
     "disabled": false,
     "reputationCalc": 0,
     "onChangeRepAlg": 0,
-    "layout": "CheckPointHEC Security Event Layout",
+    "layout": "CP HEC Security Event Layout",
     "detached": false,
     "extractSettings": {
         "mode": "Specific",