testing release #107

…33773) * fix tracker_id * tests * fix pre-commit * pre * release notes * update docker * add for priority id and status id * pre commit fixes * read me fix * readme fix * fix * readme * notes * release notes * period * fix status for create and readme * fix tests * fix test2 * fix readme and yml * fix decs review * fix readme * reset-context * fix _ * fix command name * fix cr * fix cr * fix * fix json bc * add comment * fix raw * fix redmine * fix commands * no cache * fix metadata * fix lint * change name of func * fix readme * fix readme * cr fixes * fix playbook * fix rn * fix docker * docker * fix version * fix description * Apply suggestions from code review docs Co-authored-by: ShirleyDenkberg <[email protected]> * Apply suggestions from code review docs Co-authored-by: ShirleyDenkberg <[email protected]> * fix * fix * rn * the * jasmin fixes * fix * Update Packs/Redmine/ReleaseNotes/1_0_3.md Co-authored-by: JudithB <[email protected]> * Update Packs/Redmine/ReleaseNotes/1_0_3.md Co-authored-by: JudithB <[email protected]> * fixed rn * fix RN * FIX rn --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: JudithB <[email protected]>

Co-authored-by: Christian Gutierrez <[email protected]>

* Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Removed xql-content folder

* Possible solution * rns --------- Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: Dan Tavori <[email protected]>

…update (demisto#34107) * added new parameters and updated documentation * fixed unit tests * added a unit test * added a unit test test_audit_log_api_request_check_compartment_id

* qradar mirroring bug * RN --------- Co-authored-by: jbabazadeh <[email protected]>

* Playbook fix * rn * rn * removed unnecessary test playbooks * RN * review

* fix TPB * fix test inside TPB * fix test inside TPB * fix

demisto#34044) * init * ruff changes * works, no bugs * add unit-tests * RN * cause error * trigger tests * Revert "cause error" This reverts commit 4c388e8. * Remove changes to ArcSightESMv2_test.py

…emisto#34167) * [Ping] - documentation fixes for xsoar8/xsiam * update test file * remove comments * bump rn * remove debug log * Update Packs/CommonScripts/Scripts/Ping/Ping.yml Co-authored-by: Dan Tavori <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_14_42.md Co-authored-by: Dan Tavori <[email protected]> * mock * fix * add readme and docker-image * DS109 * skip * add test success with mock for coverage * do not run ping on xsoar saas --------- Co-authored-by: Dan Tavori <[email protected]>

* added logs * fix the exception * uncomment * remove bad st line * added func * added test * added test for sad flow * precommit stuff * fixed test * added rn * Apply suggestions from code review * cr fixes * fix test

* Fixed description. * Adding release notes and bumping version * Added a validation in the code as well * cr fixes * Bump pack from version CortexXDR to 6.1.32. --------- Co-authored-by: Content Bot <[email protected]>

* fix invalid image names and references * fix another image * Lumu documentation version bump

* fix invalid image names and references * fix another image * Lumu documentation version bump * fix image names

* add phishing domain hunting usecase pack * Add phishing domain hunting usecase content items * Add scripts to pack * Fix lint errors * Update playbook image * Update description and pack readme * Update scripts name * Fix validation errors * fix validation errors * fix validation errors * Fix validation errors * Fix validation errors * Fix validation errors * Fix author image size * Update docker image version * Update readme * Update readme * Update author image * Remove certstream fields * Add widget scripts * Modified suspicious site elements section name, change to view all fields * Rename pack and content items * Move playbook to CertStream pack * Rename content items * Fix names for dynamic sections * Fix script lint errors * Fix Layout dynamic sections script names * Update incident field name prefix * update playbook readme * Fix validations error * Move incident fields to integration pack * Fix incident fields names * Fix filter to update the right domain * Fix validation errors * Fix lint errors * Fix lint errors * Fix build errors * Add user-agent to http request task * Fix review comments * Fix content items according to review comments * Fix review comments * Move incident fields to commontypes pack * Fix incident fields * Fix review comments * Fix playbook according to review comments * Fix layout according to review comments * Fix layout review comments * Update release notes, Add missing description field in playbook * Fix button name * Fix review comments * Add contact email input to send email layout button, Update image

* revert port in GenericWebhook * RN * italic * docker and RN * conflicts * remove docs * Update docs Co-authored-by: Judah Schwartz <[email protected]> * Update README.md --------- Co-authored-by: Danny_Fried <[email protected]> Co-authored-by: Judah Schwartz <[email protected]>

* remove version from description * change error parsing * Added disclaimer * removed dev name * merged from master * bumped docker

* change link to master * moving to master on another link as well

* server does not support auto port allocation on XSOAR8/XSIAM on AWS-SNS-Listener * RN docker image version bump pack version bump

* added cen-host-history command * added ip and domain reputation command * pre commit * pre commit * done first version * hr fixed, added execution_metrics, try and except and more * ip and domain commands output updated in the yml file * unneeded f string removed * handles separately premium and non premium * tests for ip and domain commands and update for the others * better error handling * readme for cen-host-history command * added description on the reputation command * updated output for host history, ip and domain commands * added ip and domain commands * domain command relationships update * deleted host history command * docs improves * domain output updated * added tests docs * added tpb for ip and domain commands * new rn for the new ip and domain commands and more * pr fixes * pre commit * relationships fixed * fixed ut * edited responses * ut fixed * edited response * edited response * ip and domain output updated * updated descriptions * updated readme for ip and domain output * updated doker image * updated doker image * release note edited * semantic fixed * unneeded * doc review fixed * syntax * section edited

* added logs and 429 to try to create a new token * more debug logs * added generic_http_request * fixed pre-commit errors * added error handler and json_data * added the ok_codes and timeout * updated the valid_status_codes and added a unit test * use generic_http_request from common server python * added release notes * added unit tests * cr fixes * fixed a debug log * removed debug logs

* add while loop for timeouts * added tests * RN * Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_53.md Co-authored-by: Judah Schwartz <[email protected]> * Update CoreRESTAPI.js --------- Co-authored-by: Judah Schwartz <[email protected]>

* Fixed DbotScore for grayware verdict * Added release notes and bumped version * Removed print * Updated the docker image * Fixed rn

* remove version from description * unlocked core packs

* Create CyberArkEPM event collector * commit changes * add date filter * fixes * fixes * docs * added modeling rules to the pack. * add commands * fixes * pre-commit * format * add UT and doc review * ut and description * fix * doc review * demo fixes * add next cursor * demo fixes * improve fetch mechanism * וֹ * UT * pre-commit fixes * pre-commit fixes * build fixes * build fixes * build fixes * docs * Modified the schema file * cr fixes * cr fixes * Small fixes to folder names (demisto#31019) * OpenCVE throws an error when trying to enrich a CVE (demisto#31482) OpenCVE throws an error when trying to enrich a CVE demisto#31482 * Remove generic polling task (demisto#31411) * generic polling task was removed and read me file created * Release notes update * release notes update * old playbook deprecated and new version created * release notes added * added image to the old playbook version * deprecated for the playbook * RN updated * added image * removed unnecessary tasks * added more outputs * RN updated * added description * image replaced * added an instance to a test PB * removed tests instances removed from PB this test * removed tests --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: ssokolovich <[email protected]> * README * cr fixes * type ignore * remove rasie * remove raise * Added field to schema file * change field type in schema * added a modeling rule (demisto#22875) * added a modeling rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * Update README.md (demisto#23810) Edit the file to remove duplication of command names in the right pane. * Modeling rules fixes (demisto#24259) * save * save no exit_code * save not fail on test-modeling-rules * remove ciscoasa changes * Update Docker Image To demisto/chromium (demisto#24291) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update * Deprecated GitHub TestData (demisto#31573) * eventTypeXsiam to source_log_type * eventTypeXsiam to source_log_type * fix UT * Modified the first filter. * improve description * add event type parameter * fixes * add event type for policy audits * add event type for policy audits * change display name * change display name * fixes * okta * docker * fix ut --------- Co-authored-by: Yehonatan Asta <[email protected]> Co-authored-by: yasta5 <[email protected]> Co-authored-by: Dror Avrahami <[email protected]> Co-authored-by: Koby Meir <[email protected]> Co-authored-by: Karina Fishman <[email protected]> Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: ssokolovich <[email protected]> Co-authored-by: michal-dagan <[email protected]> Co-authored-by: guytamir10 <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Darya Koval <[email protected]> Co-authored-by: content-bot <[email protected]> Co-authored-by: eepstain <[email protected]>

* bumped version to all core packs * Bump pack from version Palo_Alto_Networks_WildFire to 2.1.46. --------- Co-authored-by: Content Bot <[email protected]>

* removed a reviewer * dict

…isto#34199) * Changes related to the Securonix Release: 2.0.20 * Fixing linting errors * Updated the release docs * Updated the release notes and README as per the suggested changes by securonix team * Added the command name as a unique key for the pagination information updated by the securonix-list-activity-data command * Updated the release notes for the escaping back slash character --------- Co-authored-by: scnx-knathani <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]>

…manually create method to description files (demisto#34161) * Starting Kubernetes 1.24, Secrets are not automatically generated when Service Account are created. Minor update to manually create secret to get token. (demisto#34128) Changed the following description files to affect this change Changes to be committed: modified: Integrations/AnsibleKubernetes/AnsibleKubernetes_description.md modified: Integrations/AnsibleKubernetes/README.md new file: ReleaseNotes/1_0_7.md * Update the RN * Update the pack_metadata version * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: Jie <[email protected]> Co-authored-by: Menachem <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

* Update layout and fields for records (demisto#33635) * Update layout and fields for records * Update docker version based on demisto-sdk suggestion * Update code based on demisto-sdk suggestions * Update RN based on feedback * Remove unused incident fields * Adding modified Record Fields based on field type * Modified incident fields based on new JSON * Update release notes * Update description based on PR comments * revert package-lock.json * Revert package-lock.json * Update package-lock.json * Update package-lock.json * Update package-lock.json * Update package-lock.json * update * Update 1_1_23.md * Update pack_metadata.json * Update RN * Fix --------- Co-authored-by: Yair Leiferman <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]>

* Threatzone Static & CDR Revision (demisto#34088) * submission private patch * update release notes * fixed metadata & payload * update release notes * Submission URL removed * update breaking changes * fix unit tests & neccesary changes are made based on unit tests * remove version xx * requested changes are made * requested changes are made * Fix validate --------- Co-authored-by: Veli Tekin <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]>

* Adoption for pack (demisto#34031) * Update README.md * Update pack_metadata.json * Create 3_2_4.md * Netwitness Author image --------- Co-authored-by: Mai Morag <[email protected]> * fixing rl * pre -commit fixes --------- Co-authored-by: adit-ghildiyal <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: maimorag <[email protected]>

* update pack README * XDR Remediation * Update Packs/CortexAttackSurfaceManagement/README.md --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Mai Morag <[email protected]>

* Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes

* Updated Metadata Of Pack PAN-OS * Added release notes to pack PAN-OS * Packs/PAN-OS/Integrations/Panorama/Panorama.yml Docker image update * Bump pack from version PAN-OS to 2.1.26. --------- Co-authored-by: Content Bot <[email protected]>

* YARA Indicator * Formatted * small fixes * id fix * New field * RN * Removed script * layout_update * rn * RN * Bump pack from version CommonTypes to 3.5.2. --------- Co-authored-by: Content Bot <[email protected]>

* Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Update Akamai_WAF.xif

)

* Fixed the date format * Added release notes and bumped version. * Fixed validate and tests * Fixed rn

* Update CODEOWNERS * more updates * even more updates * last update?

* update dependencies * poetry lock * minimize PR * add types * update deps * update python version * use latest SDK supporting 3.11 * fix mypy * add missing types-emoji * remove unused imports (flake8 update) * add `type:ignore` * more `types-` * lock * poetry lock * remove py2-style typing * some py2-typing changes * fix mypy * one more `type:ignore` * autopep8 * autopep8, mypy fixes * autopep8 * release notes * bump docker images * Fix `DS108` * ignore print * latest SDK branch * fix TypeError * allow pytest coverage step to fail * Bump pack from version CommonScripts to 1.14.36. * Bump pack from version CommonScripts to 1.14.37. * Bump pack from version MicrosoftExchangeOnline to 1.3.6. * Undo DropboxEventCollector image update (see CIAC-10398) * undo ExtractIndicatorFromWordFile changes * undo ExtractIndicatorFromWordFile changes * Undo DropboxEventCollector image update (see CIAC-10398) * format slashnext * Bump pack from version MicrosoftExchangeOnline to 1.3.7. * fix usage-before-assignment * DO106 * bump CommonPacks * Bump pack from version CommonScripts to 1.14.42. * Bump pack from version CommonScripts to 1.14.43. * Ignore BA111 in CommunityCommonDashboards * undo infra changes * Bump pack from version CommonScripts to 1.14.44. --------- Co-authored-by: ilan <[email protected]> Co-authored-by: Content Bot <[email protected]>

* O365 - Search and Delete Last Week - attempt 2 (demisto#34043) * move logic to correct playbook and pack. update RNs and BC notes. * Update RNs Co-authored-by: Sasha Sokolovich <[email protected]> * update playbook image * update condition, move tasks * update pb image and fix issues in yml * updates discussed during demo * Update task name Co-authored-by: Sasha Sokolovich <[email protected]> * update input description * rearrange position of playbook tasks * Fixed conflict * Fixed metadata * Deleted json --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Added description to task * Bump pack from version CommonPlaybooks to 2.6.32. --------- Co-authored-by: Ali Sawyer <[email protected]> Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Anas Yousef <[email protected]> Co-authored-by: Content Bot <[email protected]>

* Devo enh 3 (demisto#34215) * fix : Upgrade the python-sdk. fix : update the unit-test. * fix : Increase the time limit. * feat : release note for update. * fix : Update docker image. * fix : Update release note structure. * fix : update release note version. * fix : Update release note structure. * feat : Added response status validation. * fix : update unit tests. * fix : removed un-necessary comment. * feat : Added unit tests for "_to_unix" method. * fix : update release note version. * fix : update old unit tests. * feat : added new param "ip_as_string" in devo_run_command. * fix : Added ip_as_string param in run_command method. * feat : update release note. * fix : Update docker image. * fix : Update docker image. * fix : Handle the edge cases. * fix : Update the readme. * feat : Added unit test case for new param "ip_as_string". * fix : docker image. * fix : Update readme. * fix : Removed un-used param. * feat : using argToBoolean for validating the "ip_as_string" param. Added the validation for extra_data. Removed un-used param. * feat : Update the run_query_command parameters. * fix : passing ip_as_string param while calling the function. * feat : Added support for query_timeout param. * Update 1_3_2.md * Update 1_3_2.md * Update Devo_v2.yml * Updated Readme.md --------- Co-authored-by: Manas Shinde <[email protected]> Co-authored-by: anas-yousef <[email protected]>

demisto#34249) * Update CortexXpanse integration - Uses server_creation_time and local_insert_ts for fetching alerts - Update comments to be more useful - Rename variable to be more specific * Add release notes * Update test --------- Co-authored-by: John <[email protected]> Co-authored-by: johnnywilkes <[email protected]>

* init * convert to function * RN * Update Packs/Base/ReleaseNotes/1_33_53.md * Bump pack from version Base to 1.33.54. * sleep error, pylint: disable=E9003 * Update Packs/Base/ReleaseNotes/1_33_54.md * add hint typing --------- Co-authored-by: Content Bot <[email protected]>

* Revert demisto#33560 * fix tag * RN and metadata

* reco: get files exposed to specific email address (demisto#34122) * reco: get files exposed to specific email address Signed-off-by: Gal Nakash <[email protected]> * reco: add new command Signed-off-by: Gal Nakash <[email protected]> * reco: add tests Signed-off-by: Gal Nakash <[email protected]> * Reco: update README.md --------- Signed-off-by: Gal Nakash <[email protected]> * fix pre-commit * fix README RM102 * fix context path * fix read me * fix docker --------- Signed-off-by: Gal Nakash <[email protected]> Co-authored-by: GalNakash-RecoLabs <[email protected]> Co-authored-by: maimorag <[email protected]> Co-authored-by: Mai Morag <[email protected]>

* removing trigger private nightly from SDK release * Removing wait for private build

* [bug] - TC Feed grid field parsing * solution * small fix * precommit

Co-authored-by: Content Bot <[email protected]> Co-authored-by: samuelFain <[email protected]>

* Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules

* "pack contribution initial commit" * pack resubmitted * add to secret ignore * adding category * fix category * fix lint * fix lint * fix link --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: maimorag <[email protected]>

* fixing missing param method from api call * reverting removing params = None * Update Packs/Core/ReleaseNotes/3_0_30.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * fix build * fix demistomock --------- Co-authored-by: Shahaf Ben Yakir <[email protected]>

* fix `linters_runner.sh` * use mypy * minimize diff

* Update README.md Updating readme.d * Update pack_metadata.json Updating json file for adoption process * Update pack_metadata.json * Create 1_0_8.md * Uploading Author image * Update README.md Updating Readme file * Update Packs/RsaNetWitnessPacketsAndLogs/ReleaseNotes/1_0_8.md --------- Co-authored-by: adit-ghildiyal <[email protected]> Co-authored-by: Mai Morag <[email protected]>

* init * fix * update rn and revert demistomock * update is_time_sensitive * Update 1_2_13.md --------- Co-authored-by: dorschw <[email protected]>

* removed mpv2 tag * update rn * update docker * Update Packs/CommonScripts/ReleaseNotes/1_14_45.json Co-authored-by: Dan Tavori <[email protected]> * update rn * Update Packs/CommonScripts/ReleaseNotes/1_14_45.json Co-authored-by: Judah Schwartz <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: Judah Schwartz <[email protected]>

* remove the private support from content build * removed from another place

* save * save comment * demisto class fixes * save current state * save changes * trying to run playbooks for relevant integrations * try except for Common Server python tests. * rn * pre-commit * remove log * revert files * comments, logs and other minor changes * Bump pack from version Base to 1.34.0. * Bump pack from version Base to 1.34.0. * Bump pack from version Base to 1.34.0. * suppress is python3 * autopep --------- Co-authored-by: daryakoval <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: Content Bot <[email protected]>

* removed the private releated code from collect tests * commit * private tests * removed from other parts

* Check point ndr (demisto#33486) * Check Point NDR pack * Fix comments by PAN * Round 2 fixes * Fix CircleCi validation errors * Round 3 fixes * CircleCI fix * CircleCI fix * Update CheckPointNDR.yml --------- Co-authored-by: chkp-maxn <[email protected]> Co-authored-by: Moshe Galitzky <[email protected]>

…emisto#34282) * [Marketplace Contribution] Common Dashboards - Content Pack Update (demisto#33726) * "contribution update to pack 'Common Dashboards'" * Update UseCaseAdoptionMetrics.yml changed the id * adding tests and improving code * adding docstrings to tests * adding tests * adding docs * fixing table to markdown * fixing tests * fixing tests docstring * pre -commit fixes * cr fixes * pre-commit changes+ fixing tests * fixes after merging from master * fixes after merging from master * fix unit test main * fix test --------- Co-authored-by: Karina Fishman <[email protected]> Co-authored-by: maimorag <[email protected]> Co-authored-by: Mai Morag <[email protected]> * fix * fix * reverting removing params = None * fix test * add ignore * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Karina Fishman <[email protected]> Co-authored-by: maimorag <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

* Added support for additional duration conventions. * Added release note.

Section 2 under Guidelines is not valid and results in the following error: "error validating destination: error writing object: error uploading to https: 401". Suggested changes to section 2 that results in a successfull configuration. Co-authored-by: kingK0ng22 <[email protected]> Co-authored-by: anas-yousef <[email protected]>

* CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * CIAC-8731 Enhance G Suite Admin Integration to Support - Fixing after demo and tests * Ciac 8513 * Ciac 8513 * Ciac 8513 * Ciac 8513 * Ciac 8513 * Ciac 8513 * Ciac 8513

* pre commit * fix * revert * add isTimeSensitive to demistomock * pre commit * RN * rn * update rn and revert demistomock * update is_time_sensitive * Update Packs/ipinfo/ReleaseNotes/2_1_22.md Co-authored-by: dorschw <[email protected]> * Update Packs/ipinfo/ReleaseNotes/2_1_22.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker and add debug * add `time_sensitive` variable --------- Co-authored-by: dorschw <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

* layout * RN * pre-commit * Revert "pre-commit" This reverts commit 1bf09d9. * Revert * Revert "pre-commit" This reverts commit 1bf09d9. * PB update * PB Updates * Update playbook-YARA_-_File_Scan.yml * PB

demisto#34286) (demisto#34300) * Updated Telemetry url to ThreatDown * Updated domain to 'ThreatDown' for Usage Analytics. * Update Malwarebytes.py * Update Malwarebytes.py Co-authored-by: rskumar-mwb <[email protected]>

…isto#34304) * Add logs to update_contribution_pack_in_base_branch.py * Add back auto removed type[ignores] * add argument logs

* fix * build * revert test build

…34292) * fix message * RN * equals 0 * fix message * RN * revert

* init * RN * update * updated rn and revert demistomock * updated is_time_sensitive * Update Packs/Zscaler/ReleaseNotes/1_3_20.md Co-authored-by: dorschw <[email protected]> * Update 1_3_20.md * timeout * add debug * add `time_sensitive` variable * Update Packs/Zscaler/Integrations/Zscaler/Zscaler.py Co-authored-by: dorschw <[email protected]> * Update Packs/Zscaler/Integrations/Zscaler/Zscaler.py Co-authored-by: dorschw <[email protected]> --------- Co-authored-by: dorschw <[email protected]>

…emisto#33705) * added 'Core REST API' for the 'Test Playbook - Cortex XDR - Retrieve File by sha256' playbook, set timeout and 'is_mockable' for the 'Test Playbook - Cortex XDR Malware - Incident Enrichment' playbook * changed the test incident details * added the 'Cortex XDR - IR' integration for the 'test Playbook - Cortex XDR Malware - Incident Enrichment' * removed the 'is mockable' from the configurations of the 'Test Playbook - Cortex XDR Malware - Incident Enrichment' * removed task that checks the 'network artifacts' context key since the test incident does not include it * removed unnecessary comma * fixes for for 'Test Playbook - Cortex XDR Malware - Incident Enrichment' and 'Test Playbook - MDE - Retrieve File' * revert changes for 'Test Playbook - MDE Malware - Incident Enrichment' * fixes for the test playbook * re-added fixes for MDE - Retrieve File test playbook * updated test playbook * revert changes * revert changes * revert changes --------- Co-authored-by: Israel Lappe <[email protected]> Co-authored-by: rshunim <[email protected]>

* Gem Security pack Commit Pack includes: 1 Automation 3 Classifiers 16 Incident Fields 1 Incident Type 1 Integration 1 Layout 3 Playbooks 1 Pre-process Rule * Ci fix (#5) * Fix post commit validation issues * Fix tests coverage * Fix indent (#6) * Cr fix (#7) * Fix playbooks * Format playbooks and fix Gem Alert Classifier * Fix blank space in Gem Layout * Fix incident fields * Fix cr (#8) * Fix double line * Update playbooks (#9) Co-authored-by: Lior Maman <[email protected]>

* enhancement AWS IAM Identity Center * delete-user-command * new commands * remove memberships ids * yml changes * list-groups-for-user and list-memberships * key_field * key_field * unit test create user * unit test * unit tests * readme and tests * fix * readme changes * command_examples * readme and yml fixes * readme - command examples * description change * test changes * release notes + bc * changes after code review * descriptions and errors * test and code fixes * test fix * hook changes * contributors * release notes and code review fixes * tests update-user, update-group * tests * examples * annotations and doc strings * pre-commit changes * release notes fixes * - * Merge branch 'master' into ia_CIAC-8931 * Update conf.json * conf json * conf json * add description * Update Packs/AWS-IAMIdentityCenter/Integrations/AWSIAMIdentityCenter/AWSIAMIdentityCenter.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/Integrations/AWSIAMIdentityCenter/AWSIAMIdentityCenter.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/Integrations/AWSIAMIdentityCenter/AWSIAMIdentityCenter.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/Integrations/AWSIAMIdentityCenter/AWSIAMIdentityCenter.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-IAMIdentityCenter/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * doc changes * docs changes * readme * author update * syntax changes * constants * get user by email * test for get user by not existing email * code review fixes * pre-commit changes * code review changes * code review changes * pre-commit errors fixes * type annotations * syntax * pre-commit * fix * code review fixes * fix * fix * ignore * doc string to update_groups_and_memberships * doc fix * pre-commit * yml updates * validation fixes * proxy and sts_regional_endpoint * fixes * fixes * json changes * TESTS * conf * test update * update docker * fromversion 6.10.0 --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]>

* The field is now searchable * Added release notes and bumped version * Updated rn * Updated rn again * Updated the RN again

* Fixed args handling * Added release notes * Bump pack from version Base to 1.33.53. * Update Docker Image * Adding more default values * Bump pack from version Base to 1.33.54. * Bump pack from version Base to 1.33.55. * Bump pack from version Base to 1.34.1. * Updated the test file name --------- Co-authored-by: Content Bot <[email protected]>

…pdate (#…" (demisto#34323) This reverts commit 6120249.

* Move getServerURL to developer tools * pass validations * refactor * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Removing the script from TPB folders --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* initial commit * Initial integration skeleton * send-message-command * send-message command * check-email-* commands * check-email-* commands * check-email-* commands * revert commonserverpython changes * get-cve-info-command * Fixating model parameters on configuration instance level. * debug * Updated design * verbose-message * tests * [XSUP-35785][Netskope] Add the `is_overwrite` Argument (demisto#33931) * add is_overwrite argument * docker & RN * fix RN * Fix threat grid v2 upload sample command (demisto#33546) * fix command * add RN * add UT and update Docker * pre-commit * pre-commit * add parameter to api call - classify=true * add parameter classify to api call * commit * fix UT * No ticket_type default value in servicenow-update-ticket (demisto#33840) * safebreach expose (demisto#33934) * removed hidden * edit * added rn * Tenable bug (demisto#33913) * fixed a bug * added rn * pre commit edits * pre commit edits * revert * revert * added checking if xsiam machine * removeed print * Fix the creation of the curl commands within the logs. (demisto#33935) * t * rn * add test * fix test * add explanation * add new line * pre commit * poetry files (demisto#33939) Co-authored-by: Content Bot <[email protected]> * Replace XSOAR 8 Example in Generic Webhook README (demisto#33778) * Replace XSOAR 8 Example in READM * Update Packs/GenericWebhook/Integrations/GenericWebhook/README.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * docker and RN * port no required and credentials are required * fixed test-conf * change to mp * only on - prem --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> Co-authored-by: meichler <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> * fix image link (demisto#33896) * [ASM] - EXPANDER 8513 - XDR Mitigation for ASM (demisto#33857) (demisto#33938) * Add Cortex Endpoint Remediation playbook * Update supporting playbooks for Cortex Endpoint remediation * Add PNG for Cortex Endpoint Remediation Playbook * Update Pack ReadMe * Update ASM Alert Playbook remediation data collection task * Update missing logic in RPR playbook * Update release notes * Update PNG link * Update playbook layout position for ASM Alert playbook * Update XDR Remediation Playbook - Quiet to False. - Add Remediation status flags. * Update Cortex Remediation playbook and PNG - Add more conditionals and separate XDR and Core tasks to visually show what is happening. * Update PNG link * Update Cortex ASM - Cortex Endpoint Remediation ReadMe * Add Skip task / branch if unavailable to true Co-authored-by: John <[email protected]> Co-authored-by: anas-yousef <[email protected]> * Modified BetweenHours.py script to handle midnight range (demisto#33774) (demisto#33932) * Modified BetweenHours script to handle midnight range * Increased content pack version and release notes * Added unit test * Fixed validation and lint issue * Added Contributors.json * Fixed lint issues with test file * Update release note to include docker change --------- Co-authored-by: Samuel Kamar <[email protected]> Co-authored-by: Mai Morag <[email protected]> * remove flaky test (demisto#33949) * Update permission needed for API calls in ServiceNow (demisto#33947) * Update permission needed for API calls in ServiceNow Ability to call web services in ServiceNow is granted by role snc_platform_rest_api_access. * Update README.md * Add `native:candidate` to pre-commit template `docker_image:nightly` (demisto#33944) * update candidate image tag * add `native:candidate` to `docker_image:nightly` * undo tag change * moved init of auth to startup instead of first request (demisto#33922) * moved init of auth to startup instead of first request * bump version * mah bad * fix bug * fixed tpb * push * secret ignore * instance * fix the tpb * simple pass * revert bad stuff * add fv * format * finish change * XSUP-35465/add argument (demisto#33837) * add argument * fix pre-commit * fixes * fixes * fix pre-commit * sdk 1.29.2 (demisto#33961) Co-authored-by: Content Bot <[email protected]> * [Marketplace Contribution] Google Chat via Webhook (demisto#33957) * [Marketplace Contribution] Google Chat via Webhook (demisto#33874) * "pack contribution initial commit" * Update GoogleChatViaWebhook.py * Minor fixes * Update pack_metadata.json * Update README.md --------- Co-authored-by: RotemAmit <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * pre-commit * updated doc string * Resize image and updated categories --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: RotemAmit <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Deprecate BPA (demisto#33522) * pack open * no pre-commit- fixing after adi * no pre-commit- first commit * no pre-commit- until generate * no pre-commit- check polling mechanism * no pre-commit- check polling mechanism * no pre-commit- check polling mechanism * no pre-commit- check polling mechanism * no pre-commit- check polling mechanism * no pre-commit- check polling mechanism * no pre-commit- check polling mechanism * no pre-commit- check polling mechanism * no pre-commit- check polling mechanism * no pre-commit- fix py * no pre-commit- fix crash * no pre-commit- fix crash * no pre-commit- fix crash * no pre-commit- tests * no pre-commit- tests * no pre-commit- tests * no pre-commit- tests * no pre-commit- tests * no pre-commit- tests * no pre-commit- tests * no pre-commit- tests * no pre-commit- tests * no pre-commit- pre-commit fixes * no pre-commit- smallfix * no pre-commit- change trust certificate * no pre-commit- change trust certificate * no pre-commit- deprecate * no pre-commit- deprecate * fixes cr * deprecate * fix changes in aiops * delete not needed * fix build * [McAfee] Test TPB (demisto#33843) * test * fix TPB * revert this file --------- Co-authored-by: rshunim <[email protected]> Co-authored-by: rshunim <[email protected]> * Fix ews unserializable items error (demisto#33745) * added some logs * added recursion to parse_object_as_dict * changes * mid-save * add tests * Empty-Commit * fix rn * empty --------- Co-authored-by: okarkkatz <[email protected]> Co-authored-by: Judah Schwartz <[email protected]> Co-authored-by: Judah Schwartz <[email protected]> * delete lint from gitlab build (demisto#33861) * poetry: set `package-mode = false` (demisto#33962) * set `package-mode = false` * bump poetry * bump CI poetry version * Qradar handle polling timeout (demisto#33936) * qradar_timeout_playbooks * Add "is_error" check to ReadQRCode (demisto#33941) * init * fix unit-tests * add unit-tests * fix unit-tests * build fixes * RN * Fixed description of demisto.incidents (demisto#33919) * Fixed description of demisto.incidents * Fixed CR * SkyHigh Security Bug Fix (demisto#33807) * Changing the response type from the call * Reproduce issue in unittest * Added a fix in case the response is empty. * revert the yml change * Added tests, examples and fix * Added release notes * cr fixes * Updated docker image and fixed flake8 * Qradar Deprecated hidden commands (demisto#33910) * Deprecated hidden commands. * Improve performance for DBotPredictURLPhishing (demisto#31903) * init * first try * bug fixes * bug fixes * remove temp changes * remove timeit * init * update docker + RN * added unit-tests * refactor * refactor * fix unnassigned variable * build fixes * minor adjustments * fixed unit-tests * update docker * Bump pack from version PhishingURL to 1.1.12. * remove unnecessary validation * fix rasterize * resolve conflicts * unchange bc chnages * update docker * add validation * add weed_rasterize_errors() * finally works * remove debug * add context manager * improved docs * Update 2_0_3.md * RN * RN * RN * undo argToList * formatted tpbs * fix tpb * RN * RN --------- Co-authored-by: Content Bot <[email protected]> * added base_dn_query parameter (demisto#33888) * changed query * rn * PANW DLP - Setup instructions (demisto#33969) * add setup instructions * rn * rn * CitrixADC_Enhancement_CIAC-9982 (demisto#33838) * changes to the description field * commit * commit * changes to the modeling rules * changes to the modeling rules * fixes to the yml * fixes to the yml * fixes to the release notes * fixes to the release notes * fixes to parsing rule yml file * fixes to parsing rule yml file * changes to the RN * adding keywords to pack-ignore file * adding keywords to pack-ignore file * changes to the file * changes to the file * changes to the readme --------- Co-authored-by: cweltPA <[email protected]> * XSUP-35581/JiraV3- update file mime type in upload_file_command (demisto#33746) * the fix and a unit test * RN * cr fixes and unit tests * removed unnecesary debug logs * cr fixes * docker image update * cr fixes * remove MP from generic webhook (demisto#34025) * Add `validate-conf-json` hook (demisto#34027) * Xpanse wizard fixes (demisto#33933) * removed the xpanse pack section * RN * Fixed RN issue * Update Packs/CortexXpanse/ReleaseNotes/1_0_22.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * minimize validate-conf-json friction (demisto#34032) * minimize noise * only in CI, nightly * test * skip only commit * skip:commit only for now --------- Co-authored-by: ilan <[email protected]> * Update Redmine.yml tests (demisto#34033) * Update Redmine.yml tests * RN * Pre-Commit: copy coverage report folder to artifacts in GitLab (demisto#34024) * Fix subscription notification. (demisto#34023) * Fix subscription notification. Bump docker version. * Update Packs/AWS-SNS-Listener/ReleaseNotes/1_0_1.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * XSUP-36157 - A fix to MapRangeValues script (demisto#34013) * the fix * added a test playbook * docker image update and test playbook connection * Update Packs/FiltersAndTransformers/ReleaseNotes/1_2_68.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: EyalPintzov <[email protected]> * Gitlab v2.2.22 - Argument Description Change (demisto#33855) * Gitlab v2.2.22 - Argument Description Change (demisto#33637) * Updated Release Notes and added CONTRIBUTORS.json * Aligned CommandResults output. * Updated GitLabv2.yml GetFile Argument Description * v.2.2.22 * Encoded file_path --------- Co-authored-by: JudithB <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Fixed TPB * Writing unit tests * Added support for not encoding already encoded file paths * pre-commit * Fixed comment * Added commit * Fixed comments * Added to file create command * CR fixes --------- Co-authored-by: Martin Ohl <[email protected]> Co-authored-by: JudithB <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Implement filters for search email command (demisto#33755) (demisto#34046) * Implement filters for search email command * Implement Gmail support * Implement authentication with Infinity Credentials * Fix unit tests * Clean code and fix docs * Fix some validations * Increase test coverage Update release notes with no backward compatibility Update docs * Validation fixes and format * Set item prefix * Minor validation fixes * Minor improvements and fixes over code * Fix tests * Minor improvements Co-authored-by: Christian Gutierrez <[email protected]> * add memory_threshold (demisto#34045) * add memory_threshold * remove empty lines * Identity analytics for XSIAM - layout fix (demisto#34048) * layout fix * RN * Format URL ATP Wrapper update (demisto#34050) * revert docker (demisto#34051) * AwsRoute-53 - fix issue with aws-route53-list-resource-record-sets command (demisto#34052) * failed ut * fix the bug * bump rn * pre-commit * Thinks canary playbook fix (demisto#34054) * Fixed Enrich Thinks Canary Playbook * Added release notes and bump version * Code42 Event Collector (demisto#33432) * init code42-collector * description and code * add client * change support level * get_file_events func * implement test-module * get events command * empty fetch events * yml * start tests * dedup * file events algo * implement get_audit_logs * finish fetch logic * pre-commit * fixes * fix structure * some pre-commit fixes * fix several bugs * bump rn major * docker * fix * description file * readme * readme * test the test module * build uts infrastructure * test infra update * uts * ut * pre-commit * uts * add ut * transfer datetime to datestring recursivly * ut * more ut * mypy * docstring * test fix * config fixes + fetch bugs fixes * docker update and code improvments * pre-commit * logs * logs * validation fixes * rn update * docs improvments * docker-image * ignore * Update Packs/Code42/Integrations/Code42EventCollector/Code42EventCollector.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/Code42EventCollector.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/Code42EventCollector.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/Code42EventCollector.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/Code42EventCollector.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/Code42EventCollector_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/ReleaseNotes/5_0_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/Code42EventCollector_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Code42/Integrations/Code42EventCollector/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * cr * pre-commit * fixes * Creating modeling rules * fixing modeling rules * fix tests * ruff * refactor-modeling-rules * modeling-rules-fix-device-domain-fqdn * rn * last changes * docker-image update --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: ellopez777 <[email protected]> Co-authored-by: Chanan Welt <[email protected]> Co-authored-by: cweltPA <[email protected]> * fix pre commit nightly (demisto#34058) * Rapid7 fix (demisto#34061) * transplant demisto#34055 * rn and metadata * Update Packs/Rapid7_InsightIDR/ReleaseNotes/2_0_1.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * Fix DBotPredictURLPhishing failing on rasterize errors (demisto#34060) * init * fixed * RN * RN * added unit-tests; fixed CR changes * use list comprehension * ActiveMQ Config Data Types (demisto#34066) * Fix Code42 pack (demisto#34064) Fix Code42 pack demisto#34064 * Code42 collector fix first fetch (demisto#34067) * fix * bump rn * Bump pack from version Code42 to 5.0.2. --------- Co-authored-by: Content Bot <[email protected]> * add retry mechanism (demisto#34080) * ParseEmailFiles: Fixed an issue where same eml files are not recognized (demisto#34081) * XSUP-36299 FortiSIEM Fix Fetch Incident (demisto#34053) * Failing UT * Fixed the issue * Updated RN * Qualysv2: added start date to the test-module (demisto#34026) * added start date to the test-module * added rn * improvements * update docker * [ASM] EXPANDR-9134 service account changes (demisto#34068) * [ASM] EXPANDR-9134 service account changes (demisto#33926) * service account changes * service account changes to script * updated image * updated version * seperated service account * Add missing GCP tag binding logic * Update GCP Enrichment playbook PNG with tagbindings * Update release notes --------- Co-authored-by: bigeasyj <[email protected]> * changed name --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: bigeasyj <[email protected]> Co-authored-by: maimorag <[email protected]> * Fixed a problem where closing and incident in XDR with 'duplicate' cl… (demisto#34082) * Fixed a problem where closing and incident in XDR with 'duplicate' close reason, would not be closed in XSOAR. * RN * RN * Ew so365 decode fix (demisto#34078) * remove version from description * TDD * Added the fix * docs str * typo * Added rn * Update Packs/MicrosoftExchangeOnline/ReleaseNotes/1_3_5.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * [ASM] XPANDR- 7915 - Add the *SSHTerrapinAttack* attack surface rule. (demisto#34091) * [ASM] XPANDR- 7915 - Add the *SSHTerrapinAttack* attack surface rule. (demisto#34087) * added terrapin * RN * Update .pack-ignore * Fixed RNs --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: anas-yousef <[email protected]> * Fixed TPB. (demisto#34083) * Fixed TPB. TPB support for XSOAR6 and 8. Better README. Better integration doc. Docker version bump * changing ID of GetServerInfo to GetServerInfo_copy * 1. tmp TPB on xsoar6 only. 2. tmp use copy script * Run on xsoar_on_prem until longrunningport is set * Use port from GSM * Set integration fromversion to 6.9.0 * minimum supported version is 6.10 * Generic http request and sleep wrapper (demisto#33466) * lambda changes * progress * changes * added tests and changed code, also documentation added * fixed bugs and added zip file read in the publish layer * added 2 commands and unit tests * readme and yml fix * fixes and readme * rn * reverted to master not needed changes * format yml * rn * added generic http request * changes * Sleep wrapper * fix * revert * revert * revert * rn and fixes * fix and pre commit * add unit tests * fix * Bump pack from version Base to 1.33.45. * Bump pack from version Base to 1.33.46. * Bump pack from version Base to 1.33.47. * changed getrunduration to calling context * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <[email protected]> * CR * fix * changed docstring for tests * changed docstring for tests * fix * fix * fix * fix a bug * rn * CR * conf * CR * pre commit * rn * pre commit * pre commit * pre commit * pre commit * pre commit * pre commit * added params * pre commit * pre commit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * T1059 command and scripting xsiam fix (demisto#34049) * added a new conditional task * RN and task description * Bump pack from version Core to 3.0.26. * change the task location * added task description * validation error fix * Bump pack from version Core to 3.0.27. --------- Co-authored-by: Content Bot <[email protected]> * tests and docstring update * tests * tests * tests * test data * Tests * Deprecating old community integration * Deprecating old community integration * Readme fixes * yml fix * metadata update * Improvments * reorder * RN * RN * format * Arguments fix * improvements and fixes * update contributors * lint * pep8 fixes * pre commit fixes * lint * Create SOC email template command * readme update * validation fix * metadata update * create_soc_template_command test * RN update * Instance config update * Changed context keys to be populated. * lint * Fix context prefixes * Fixes * Fixes * Replacing creds type * Advanced config parameters * metadata update * Update Packs/OpenAI/ReleaseNotes/2_0_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenAI/ReleaseNotes/2_0_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenAI/Integrations/OpenAIGPT/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenAI/Integrations/OpenAIGPT/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenAI/Integrations/OpenAIGPT/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenAI/Integrations/OpenAIGPT/OpenAIGPT.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenAI/Integrations/OpenAIGPT/OpenAIGPT.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenAI/Integrations/OpenAIGPT/OpenAIGPT.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenAI/Integrations/OpenAIGPT/OpenAIGPT.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenAI/Integrations/OpenAIGPT/OpenAIGPT.yml Co-authored-by: ShirleyDenkberg <[email protected]> * introducing setup args function * better emails headers extraction * validations * File names refactor * fixes * known words enhancement * restore author image * validations * validations * validations * validations * validations * RN * RN * RN --------- Co-authored-by: Yaakov Praisler <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: tkatzir <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: content-bot <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Shahaf Ben Yakir <[email protected]> Co-authored-by: meichler <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: dorschw <[email protected]> Co-authored-by: John <[email protected]> Co-authored-by: anas-yousef <[email protected]> Co-authored-by: Samuel Kamar <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: Israel Lappe <[email protected]> Co-authored-by: Judah Schwartz <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: RotemAmit <[email protected]> Co-authored-by: Tal Carmeli <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: rshunim <[email protected]> Co-authored-by: rshunim <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: okarkkatz <[email protected]> Co-authored-by: Judah Schwartz <[email protected]> Co-authored-by: ilaner <[email protected]> Co-authored-by: JudithB <[email protected]> Co-authored-by: Jacob Levy <[email protected]> Co-authored-by: Shelly Tzohar <[email protected]> Co-authored-by: Yuval Cohen <[email protected]> Co-authored-by: sharonfi99 <[email protected]> Co-authored-by: cweltPA <[email protected]> Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: ilan <[email protected]> Co-authored-by: Danny Fried <[email protected]> Co-authored-by: EyalPintzov <[email protected]> Co-authored-by: Martin Ohl <[email protected]> Co-authored-by: Christian Gutierrez <[email protected]> Co-authored-by: OmriItzhak <[email protected]> Co-authored-by: Dror Avrahami <[email protected]> Co-authored-by: Guy Afik <[email protected]> Co-authored-by: ellopez777 <[email protected]> Co-authored-by: Chanan Welt <[email protected]> Co-authored-by: Adi Daud <[email protected]> Co-authored-by: Moshe Galitzky <[email protected]> Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: Chait A <[email protected]> Co-authored-by: bigeasyj <[email protected]> Co-authored-by: maimorag <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: johnnywilkes <[email protected]>

…emisto#34324) * updated extraction mode * updated extraction mode * updated extraction mode * updated extraction mode * updated version * Update 1_0_24.md Co-authored-by: Chait A <[email protected]>

* HarfangLab EDR connector v1.2.0 (demisto#32559) * add new commands to manage whitelists (harfanglab-whitelist-search, harfanglab-whitelist-add, harfanglab-whitelist-add-criterion, harfanglab-whitelist-delete), add a new command to get a process graph from a process UUID (harfanglab-telemetry-process-graph), add policy name and agent groups in the agent key in every alert * update * Major improvement: 2 types of incidents (security events and threats), added a classifier for incoming incidents, added a dedicated layout for Threats * updates of the connector: new telemetry commands for dns, process graph, windows, linux and macos authentications, whitelist management commands, additional fields in the incidents (endpoint groups...) * replace deprecated demisto.results function with CommandResults + fix text issues in alert management playbook + add max_results parameter in the fetch-incidents command + * add new generic harfanglab-api-call command * add the harfanglab-telemetry-authentication-users to get the most frequent authenticating users on an endpoint * remove long running instance option * add 1.2.0 release notes * fix api_call function parameter type (string vs dict) * fix bugs * fix flake8 issues * fix QA issues * fix after demisto-sdk validate command * fix validation issue * fix pre-commit validation issues * fix after demisto-sdk pre-commit command * review * review * revert changes * fix bug in harfanglab-api-call command, remove duplicated API key parameter * fixed issues in PR checks * fix issues in CI * remove unnecessary spaces * fix CI issues * fix Outgoing mapper upper case * chore(harfanglab): update pack's known words list * chore(harfanglab): various typo fixes * feat(harfanglab): add integration name constant * fix(harfanglab): invalid type comparison error * fix(harfanglab): set a default value for parameters * style(harfanglab): black formatting * style(harfanglab): reformat all json files * chore(harfanglab): remove old GitHub account reference * chore(harfanglab): update docker image version * feat(harfanglab): raise error instead of returning message * feat(harfanglab): raise error instead of using assert * feat(harfanglab): remove unreachable code * feat(harfanglab): update last run handling * style(harfanglab): bump black version (v24.2) * fix(harfanglab): sec-event/threat status wasn't properly handled * fix(harfanglab): invalid field-name for filter * refactor(harfanglab): redo main/entrypoint function * feat(harfanglab): rework the 'get_function_from_command_name' function The function now throw an error instead of returning None. * feat(harfanglab): function for fetching security events * feat(harfanglab): function for fetching threats * refactor(harfanglab): redo the 'fetch_incidents' function * feat(harfanglab): update max_fetch hardcoded value * feat(harfanglab): function to validate an incident to be fetched Mutalise code from both security events and threats fetching functions. * feat(harfanglab): update type annotations for FetchHistory * feat(harfanglab): function to get a fetching cursor * feat(harfanglab): function to generate the XSOAR incident * feat(harfanglab): pass the 'last_run' object as argument in fetch_incidents function * feat(harfanglab): add a runtime adjustment for max_fetch value * feat(harfanglab): update type annotations * feat(harfanglab): remove unnecessary code * fix(harfanglab): invalid handling for fields parameter * refactor(harfanglab): redo the 'get_modified_remote_data' function * feat(harfanglab): update function's default values * feat(harfanglab): reword some logs * refactor(harfanglab): fix imports ordering * refactor(harfanglab): redo the 'get_remote_data' function * feat(harfanglab): remove unnecessary enum * feat(harfanglab): remove no longer used function * refactor(harfanglab): simplify duplicate code * docs(harfanglab): add docstring for the 'fetch_incidents' function * feat(harfanglab): redo the 'close_in_hfl' function Simplify the comparison statement from set and dictionary's keys and reword the description to be more understandable. * refactor(harfanglab): redo the 'update_remote_system' function * feat(harfanglab): reuse token for telemetry when available * feat(harfanglab): avoid logs spam when unnecessary * refactor(harfanglab): redo the 'set_updated_object' function * fix(harfanglab): invalid argument in threat mirroring request * fix(harfanglab): note mirroring when note doesn't exist yet * fix(harfanglab): fixes on command's output * fix(harfanglab): prefix incident field files with integration name * fix(harfanglab): logical implementation on 'get_frequent_users' * fix(harfanglab): don't add 'id' filter if there is nothing to filter * feat(harfanglab): more precision about 'max_fetch' errors * feat(harfanglab): comment about unreachable code * feat(harfanglab): rename incoming mapper * feat(harfanglab): update release note for 1.2.0 * feat(harfanglab): add basic unit tests * fix(harfanglab): CI flake8 validation * fix(harfanglab): CI misc validation * fix(harfanglab): CI lint validation * fix(harfanglab): CI pre-commit validation * style(harfanglab): change backticks for asterisks * style(harfanglab): change '<br>' anchor for raw '\n' * chore(harfanglab): revert formatting --------- Co-authored-by: Pierre <[email protected]> * changed dir * test * rn * doker image * docker image --------- Co-authored-by: Godefroy Amaury de Malefète <[email protected]> Co-authored-by: Pierre <[email protected]> Co-authored-by: Yuval Cohen <[email protected]> Co-authored-by: yucohen <[email protected]>

* Initial * Linting * Add docstrings Linting clean-up * Initial unit tests * Updated unit tests and documentation * Added author_image * Update paths * Cleanup * Code Cleanup * Linting * Fixed bug with datetime call * Code Cleanup * Code Cleanup * Linting * Code Cleanup * Code Linting * Linting * Linting * Linting * Linting * Linting * Linting * Linting * Linting * Linting * Linting * Linting * Linting * Linting * Code cleanup * Unit testing updates * Update docker image * Update integration image * Image update * Cleanup * Sync * small fixes - initial * Fixes * fixes * Updated retries to 3 * RN * lint * tests * tests * tests * tests * pep8 * rn * image * docs * image * RN * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/FeedNVDv2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Review * Update FeedNVDv2.yml --------- Co-authored-by: TerminalFin <[email protected]> Co-authored-by: Josh Levine <[email protected]> Co-authored-by: Josh Levine <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

Co-authored-by: Ariel Tobiana <[email protected]> Co-authored-by: anas-yousef <[email protected]>

* update RN * update RN * update RN

…classification when closing incident (demisto#34330) * MS Sentinel - Added missing classification reason for BenignPositive classification when closing incident (demisto#34306) * Added missing classification reason for BenignPositive classification * updated release notes * Updated RNs * Docker * Docker --------- Co-authored-by: Kristian Samsing <[email protected]> Co-authored-by: Anas Yousef <[email protected]>

* added NetScaler * keywords

* type fix * bump version * Refactor of outoftheoffice incident field type. Including all references. * Adding bc note * ignore unknown words. RN errors * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * fix bc note --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* TDD: committing failing tests * TDD: committing failing tests * changed so starred=false will be filtered in get_incidents * fixing tests * added release notes * test fixes * deprecate starred_incidents_fetch_window fix * fix tests * fixing tests * fixing tests * tests found a problem, fixing * fix test * fix code

* remove version from description * Added ignore * change error parsing * Revert "change error parsing" This reverts commit ed0c3ae. * Added rn * Update Packs/DemistoLocking/ReleaseNotes/1_0_10.md Co-authored-by: Judah Schwartz <[email protected]> * fixed validate * more valdiate --------- Co-authored-by: Judah Schwartz <[email protected]>

Co-authored-by: Daniel Pascual <[email protected]>

demisto#34103) * removed some code relating upload private content from the upload flow * pre commit fixes * remove some failing pre commit code from upload_packs_private * commit

* remove version from description * Added debug Added exception to slacklogger * rn * removed log * Added disclaimer to readme

* increase kubernetes memory * update resources for .run-pre-commit

* Fix typo XSIEM > XSIAM * update docker --------- Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]>

* fixed and added rn * added test * removed line

* separate infra tests from pre-commit in GitLab * separate infra tests from pre-commit in GitLab * add stage * fix

* changed the conditions in task number 3 and 69 * RN * RN * removed the inputs.SrcHostname, inputs.SrcIPAddress, inputs.Username used within tasks number 112 and 56 * added browser names to secrets ignore file * added FW app ID to secrets ignore file * revert changes in secrets ignore file * added browser names and FW app ID to secrets ignore file

* add VenafiV2 * add yml file * client authentication * wip get-certificates command * wip test_module * parse params * wip get_certificate_details command * wip commands * wip get_certificates_command * wip get_certificate_details_command * wip get_certificate_details_command * fixing pre commit * unit testing * add command_examples * refactor * add functions descriptions * change keysize to be not required * add argument description to the yml file * wip _store_token_in_context * wip _store_token_in_context * wip _store_token_in_context * new readme * refactor * refactor * refactor * refactor * refactor * Update Packs/Venafi/Integrations/VenafiV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Venafi/Integrations/VenafiV2/VenafiV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * cr fixes * cr fixes * add integration description * wip * wip * refactor * refactor * wip * add ID to get-certificates outputs * add ID to get-certificate-details outputs * fix context path * fix incompatible type * remove guid from response and change get-certificates-details arg guid additional data provided * add outputs_key_field to commandresults * integration description * add url to secret ignore * add freeze_time to mock_client_with_valid_token * update docker image and release note * remove using version comment from readme * fix cr * add venafiv2_test * update readme * add new venafi logo * update readme and yml * change conf.json * fix conf.json * change fromversion * add fromversion: 5.0.0 * deprecate V1 * deprecate V1 * update release note * change from version * add 1_0_2.md * create new test yml * remove test yml * add test yml * add fromversion to test yml * downgrade fromversion --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* Updated description and Display Name of the integration * Updated the description of SafeBreach pack and API key generation steps * Updated SafeBreach pack version Co-authored-by: Devang Mungara <[email protected]>

* remove semicolons * Update release notes * Update Packs/AbnormalSecurity/ReleaseNotes/2_2_8.md * Update Packs/AbnormalSecurity/ReleaseNotes/2_2_8.md --------- Co-authored-by: james-lim-xq <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]>

* Fix comments, spelling, typo, linting + order imports * Add backward search of 1hour to avoid missing events due to different publishing delays * Added release note + version * Updated docker image * Fixed release note (wrong docker version) * Updated RN to ensure customers are aware of possible duplicates creation Co-authored-by: Vectra-ODuda <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]>

* improve_rfc_script_description * added rn * update docker * changes * improve_rfc_script_description * Update Packs/FiltersAndTransformers/Scripts/IsRFC1918Address/IsRFC1918Address.yml Co-authored-by: Judah Schwartz <[email protected]> * Update Packs/FiltersAndTransformers/Scripts/IsRFC1918Address/README.md Co-authored-by: Judah Schwartz <[email protected]> --------- Co-authored-by: Judah Schwartz <[email protected]>

…34380) * Axonius Pack - Add default value to max_results description (demisto#34313) * Add default value to max_results description * Add default value as field. Add release notes. --------- Co-authored-by: Menachem Weinfeld <[email protected]> * Update the README; Update the docker image --------- Co-authored-by: sahar-hagbi1 <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: Menachem <[email protected]>

…o#34357) * [generic-polling] - add times * fix tests * bump rn * fix * pre-commit

* in progress * in progress * added rn * fixes * ready for testing * fixed tests * minor fixes * added test cases * cr fixes * pre commit fixes * test fixes * cr fixes

* Updated the gcc endpoints * Added rn for all integrations. * Missing rn * UpdateRN * CR Fixes

* Possible solution * Added more logs * Fixed CR notes * updated the logic * pre-commit fixes * pre-commit fixes * pre-commit fixes * fix * test fix * fix mypy * fix duplicates * rns * docker * set start_time correctly --------- Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: Dan Tavori <[email protected]>

…34383) * add credentials support * update docker image * fix backwards compatibility Co-authored-by: Paul <[email protected]>

…isto#34382) * Adoption Process * Update Adoption Release Notes * Resolved comments --------- Co-authored-by: Rambatla Venkat Rao <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]>

…posure (demisto#34375) * [ASM] EXPANDR-9133 updated command filters asm-list-asset-internet-exposure (demisto#34320) * updated command filters asm-list-asset-internet-exposure * updated command for CortexXpanse and unit test cases * Misc changes * Misc changes --------- Co-authored-by: John <[email protected]> * Fix autopep8 --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: John <[email protected]> Co-authored-by: Menachem <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]>

* Edge case fix * Update playbook-Cortex_XDR_IOCs_-_Push_new_IOCs_to_XDR.yml * RN * Bump pack from version CortexXDR to 6.1.34. * RN * RN * PB * PB * Bump pack from version CortexXDR to 6.1.35. * PB fix + image --------- Co-authored-by: Content Bot <[email protected]>

* fix scope * update * update the docker * Bump pack from version AzureDataExplorer to 1.2.41. --------- Co-authored-by: Content Bot <[email protected]>

* Update docker images * More updatea * Rn Updates

* update execution timeout * test * revert * revert * update RN

* Add missing tactics to dashboard * Add more widgets to dashboard * Update release notes * Fix review comments * Remove duplicate widget * Bump pack from version FeedMitreAttackv2 to 1.1.35. * Fix according to review comments * Update release notes * Fix Attack pattern by month widget * Fix validation errors * Change widget to attack pattern by incident type * Fix review comments * Update release notes --------- Co-authored-by: Content Bot <[email protected]>

EWSv2 fix html body default behaviour demisto#34226

* play and RN (demisto#34312) * Bump pack from version CortexAttackSurfaceManagement to 1.7.38. --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: anas-yousef <[email protected]> Co-authored-by: Content Bot <[email protected]>

* init * appease build * appease build * appease build * RN

…-pack-upload (demisto#34231) * added saas-force-pack-upload and upload-sync-buckets-between-projects and force-upload-sync-buckets-between-projects Co-authored-by: Yaakov Praisler <[email protected]> --------- Co-authored-by: Yaakov Praisler <[email protected]>

* fix docs * rn

* Update Akamai WAF Docker Image * update rn

* Disable Docker Image Update CyberArkAIM v2 * update rn * Update Packs/cyberark_AIM/ReleaseNotes/1_0_18.md Co-authored-by: Judah Schwartz <[email protected]> --------- Co-authored-by: Judah Schwartz <[email protected]>

* validate_start_query_time * added RN and a test * updated debug logs * cr fixes and pre-commit * updated validate_first_fetch_time to check first_fetch parameter * cr fix

* added PATCH and DELETE to method_whitelist and increased the number of retries in create_gql_client * added RN files and bumped the version * Bump pack from version Base to 1.34.4. * updated RN --------- Co-authored-by: Content Bot <[email protected]>

* Add Zoom Mail integration

* Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated README

* Blocklist updates * RN

* Added temp fix * Updated RNs * Update 1_0_4.md * Added UTs * Added comment * Fixed test data * Fixed RNs * Update 1_0_4.md Co-authored-by: Jasmine Beilin <[email protected]> * Update 1_0_4.md --------- Co-authored-by: Jasmine Beilin <[email protected]>

…ot in the STIX format (demisto#34434) * [TAXII2 Server] Fixed issue to handle requests with indicators that not in the STIX format * Add type hint

… Update (demisto#34317) (demisto#34438) * "contribution update to pack 'Community Common Dashboards'" * Pushed fixes * Update version * Adding rn --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Shelly Tzohar <[email protected]> Co-authored-by: sberman <[email protected]>

* Update docker images * RN and bump version * Bump pack from version CommonScripts to 1.14.47. * pre-commit fix * pre-commit * Test fix * Test fix * revert * Bump pack from version CommonScripts to 1.14.48. * Adding logs to see in the build * remove logs * revert --------- Co-authored-by: Content Bot <[email protected]>

* [bug] - TAXII Server wrong API url * taxii server test * possible solution + precommit * rn * Added dcumentation * added docs * Delete integration-TAXIIServer.yml * is_xsiam_or_xsoar_saas * add http to check test playbook * fixed test * revert FeedTAXII * cr * pre-commit * taxii1 change * di * Bump pack from version TAXIIServer to 2.0.62. * Update 2_0_62.md --------- Co-authored-by: Content Bot <[email protected]>

* fixing the bug * fix CR * add fix with another attribute and disposing engine * Empty-Commit * remove - dev from yml * after customer approved * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * after CR * add UTs * pre commit * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * add comment * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL_test.py Co-authored-by: dorschw <[email protected]> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL_test.py Co-authored-by: dorschw <[email protected]> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL_test.py Co-authored-by: dorschw <[email protected]> * edit UTs * override the client's methods * Update Packs/GenericSQL/pack_metadata.json Co-authored-by: dorschw <[email protected]> * RN name --------- Co-authored-by: dorschw <[email protected]>

* update image * RN * update image * format

* squash * revert for a sec

* logs, docs and messaging improvements * use globals * Bump pack from version Base to 1.34.4. * Bump pack from version Base to 1.34.5. * fix note --------- Co-authored-by: Content Bot <[email protected]>

* added support * unit test * fix * fix * removed logging * rn * rn and docker * rn and docker * Apply suggestions from code review Co-authored-by: Dan Tavori <[email protected]> * CR * do not update docker * Update Packs/Elasticsearch/ReleaseNotes/1_3_22.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]>

* commit test * delete all ci content without gitlab-ci file * delete all scripts under Utils and Tests * change ref to test_move_all_ci_content * Empty commit * Empty commit * Empty commit * Empty commit * change mv to rsync for merge what that is under infra/Tests to Tests * change rsync to cp with rm for merge what that is under infra/Tests to Tests * Empty commit * Adding logic for choosing a branch that exists in infra * commit test * change the checking if branch name exist * commit test * commit test * remove all comments * test * commit test * commit test * commit * test test * commit * commit * revert all rules with regex * Empty commit * Empty commit * Empty commit * Empty commit * Empty commit * change the download_conf_repos file that not copy some files to content * Empty commit * add cp to google_secret_manager_handler and merge_and_delete_dev_secrets files * Empty commit * Empty commit * Empty commit * Empty commit * Empty commit * add conditions for include on gitlab-ci * commit * check if variable is undefined * commit * workaround to fail run validation * commit * Empty commit * add conf.json * commit * Empty commit * Empty commit * Empty commit * run content build on custom sdk * Empty commit * commit * commit * Empty commit * test for regular build (FireEyeHX update docker) * Empty commit * commit * commit * commit * commit * commit * commit * fix request_contributor_review workflow * commit * corrections * runs on move_all_ci_content * Empty commit * update poetry * Empty commit * commit * add script_runner file * delete script_runner file * update poetry * delete some files * fix pre-commit in github workflow * Empty commit * commit * commit * commit * commit * disable coverage-pytest-analyze hooks in pre commit * delete FireEye HX test * END --------- Co-authored-by: azonenfeld <[email protected]>

* add parameter hidden * update docker * Bump pack from version AbnormalSecurity to 2.2.9. * add parameter hiddento the code * Update Packs/AbnormalSecurity/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * fix CR comments --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

* update docker * commit * commit * commit * fix pre commit

…) (demisto#34449) * add credentials support * update docker image * update release notes * fix backwards compatibility * Update DomainTools_Iris.py * Revert DomainTools_Iris.py * Update DomainTools_Iris.py --------- Co-authored-by: Paul <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]>

* Ciac 10185 * Ciac 10185 * Ciac 10185 * Ciac 10185 * Ciac 10185 * Ciac 10185 * Ciac 10185 * Ciac 10185 * Ciac 10185 * Ciac 10185

* fix * fix * fix config file

…to#34391) * test - taxii 1 server * Update 2_0_61.md * added test * Bump pack from version TAXIIServer to 2.0.62. * Bump pack from version TAXIIServer to 2.0.63. * Update 2_0_63.md * Update 2_0_63.md --------- Co-authored-by: Content Bot <[email protected]>

* add comment * fix * fix * tests * mirroring alerts * fixe get alerts * DELETE DEBUG * SPACE * del,ete dev * fix * tests * pre-commit * pre-commit * fix params close * RN * fix readme * add test * fix * Updated docker image to demisto/pcap-miner:1.0.0.91369. PR batch #1/3 (demisto#33830) * Updated docker image to demisto/pcap-miner:1.0.0.91369. PR batch #2/3 (demisto#33831) Co-authored-by: Tal Zichlinsky <[email protected]> * fix rn * fix merge of auto docker * fix merge docker related * add test * pre-commit * cr * FIX CR * fix * revert * fix * fix tests * remove dev * fix raw * fix * fix comment * fix dev * Bump pack from version CortexXDR to 6.1.29. * fix after alerts changed * Apply suggestions from code review doc review Co-authored-by: ShirleyDenkberg <[email protected]> * Merge remote-tracking branch 'origin' into xdr_alert_mrroring * Apply suggestions from code review docs and adi Co-authored-by: Adi Bamberger Edri <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * cr * fix * fix test * assign params * fix debug * FIX PALYBOOK * fix test * delete informatinal * 6_1_30 * fix playbook * add version * rn31 * Bump pack from version CortexXDR to 6.1.32. * fix rn * fix * fix 33 * fix * Bump pack from version CortexXDR to 6.1.35. * Bump pack from version CortexXDR to 6.1.36. * Bump pack from version CortexXDR to 6.1.37. * docker image --------- Co-authored-by: samuelFain <[email protected]> Co-authored-by: Tal Zichlinsky <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Adi Bamberger Edri <[email protected]>

…#34119) (demisto#34470) * update data modeling rule to properly handle integrity level * incorporating linting and reviewer suggestions * Update Release notes --------- Co-authored-by: paulusaltus <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: RotemAmit <[email protected]>

* Modified modeling rules of cisco asa * Added release notes. * Modified modeling rule.

* replace IP * better logs * autopep8 * change domain * increase TPB timeout

…o#34359) (demisto#34461) * Update integration and tests to support reopened * Update readme * Update release notes * pre commit fix Co-authored-by: John <[email protected]> Co-authored-by: anas-yousef <[email protected]>

* add piping at the end and beginning of each row * Removed unnecessary code * Added rn * Added rn * Update Packs/Base/ReleaseNotes/1_34_6.md Co-authored-by: Judah Schwartz <[email protected]> --------- Co-authored-by: Judah Schwartz <[email protected]>

* remove flake8 dependency * remove `native` group * update boto3 * remove `boto3`, update `boto3-stubs` * fix mypy issue * remove boto3 * remove boto3 * remove boto3 * lock * undo AWS-SH changes * add typing, matching SDK versions * match deps * update deps

@ssokolovich

* Stellar Cyber (demisto#33481) * Initial commit of Stellar Cyber Pack * add .pack-ignore * Update files with demisto-sdk format * Update StellarCyber integration and pack metadata * Update StellarCyber incidentfields and integrations * Update StellarCyber version from 6.0.0 to 6.6.0 * Add outputs for StellarCyber.Case.Close and StellarCyber.Case.Update * Update StellarCyber integration: Modify incident fetching and add fetch limit*** This commit updates the `StellarCyber.py` file in the `StellarCyber` integration. It modifies the `get_new_incidents` function to include a `limit` parameter for fetching a specified number of incidents. Additionally, the `fetch_incidents` function now passes the `fetch_limit` parameter to the `get_new_incidents` function. This allows for more control over the number of incidents fetched. The commit also includes some minor code cleanup and formatting changes. * Fix bug in login functionality * Refactor StellarCyber integration code * update documentation * Remove unused imports * Update StellarCyber.py Removed unnecessary comments * Update StellarCyber pack metadata and integrations as per PR notes * Update .secrets-ignore Add missing [email protected] value * Update README.md tested with version and fixed linting errors * Fix layout, removed empty section and increased the size of two sections * Update StellarCyber pack: removed "Stellar Cyber Case ID" and "Stellar Cyber Case URL" incident fields. Refactored to use "External ID" and "External Link" common fields instead. Added "External ID" (as the replacement for "Stellar Cyber Case ID" which had been missing from layout) and "Stellar Cyber Tenant ID" to layout. Changes suggested by @ssokolovich * Update StellarCyber pack: - Increased the width of "shortText" fields in incidentfields_StellarCyber_Case_Alerts.json - Added new read-only fields in incidentfields_StellarCyber_Case_Alerts.json - Added extractSettings in incidenttype-StellarCyber_Case.json - Updated layout in layoutscontainer-StellarCyber_Case.json - Refactored StellarCyber.py to handle authorization errors in test_module_command * Update layoutscontainer-StellarCyber_Case.json Removed marketplaces attribute as per @ssokolovich suggestion * chore: Update incident field mappings to make them unsearchable and specify support for only xsoar * fix: remove whitespace * chore: Update secrets-ignore and test_data URLs * Update secrets-ignore and test_data URLs * Empty commit --------- Co-authored-by: wfales <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: maimorag <[email protected]>

(demisto#34493) * opening new pack * Empty commit

* fixed * unit-tests * RN * CR changes * docker * add unit-tests * appease build * appease build * appease build * Remove rasterize.yml changes

* add wiz-get-issue command * add release notes files * add space in unit tests * fix pr comments * fix pr comments * fix secret job Co-authored-by: Ariel Tobiana <[email protected]>

…valid value (demisto#34484) * [TAXII2 Server] Fixed issue handle request for File indicator with invalid value * Empty

* [feedly] Fix new intrusion set objects * [feedly] update image version * [feedly] parse vulnerabilities * [feedly] update version --------- Co-authored-by: Mathieu Béligon <[email protected]> Co-authored-by: Shelly Tzohar <[email protected]>

* in openCTI pack filters object changed * in openCTI pack filters object changed and start_score, end_score default values changed to 0-100 * in openCTI pack filters object changed. start_score, end_score default values changed to 0-100 and no more NoneType error when inserting just end or just start. indicator_type default changed to ALL * in openCTI pack filters object changed. start_score, end_score default values changed to 0-100 and no more NoneType error when inserting just end or just start. indicator_type defulat changed to ALL * in openCTI pack filters object changed. start_score, end_score default values changed to 0-100 and no more NoneType error when inserting just end or just start. indicator_type defulat changed to ALL * in openCTI pack filters object changed. start_score, end_score default values changed to 0-100 and no more NoneType error when inserting just end or just start. indicator_type defulat changed to ALL * in openCTI pack filters object changed. start_score, end_score default values changed to 0-100 and no more NoneType error when inserting just end or just start. indicator_type defulat changed to ALL * in openCTI pack filters object changed. start_score, end_score default values changed to 0-100 and no more NoneType error when inserting just end or just start. indicator_type defulat changed to ALL * in openCTI pack filters object changed. start_score, end_score default values changed to 0-100 and no more NoneType error when inserting just end or just start. indicator_type default changed to ALL * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * in openCTI pack filters object changed. * added a relase note to Feed * added a relase note to Feed * added autoUpdateDockerImage=false to yml * readme changed --------- Co-authored-by: noy <nodavidi.paloaltonetworks.com>

…ayout (demisto#34460) * Use the same instance from the incident to run the scripts from the layout (demisto#34413) * Use the same instance from the incident to run the scripts from the layout * Increase test coverage for scripts * Improve release notes * Updated the docker image and the release notes accordingly * Updated docker image --------- Co-authored-by: Christian Gutierrez <[email protected]> Co-authored-by: sberman <[email protected]> Co-authored-by: Shelly Tzohar <[email protected]>

* back all scripts for contribution * fix autoBump * autopep * move mypy.sh to .circleci folder * commit

…to#33946) * Testing polling implementation * Set integration id a testing value and name * Add poling key in yml * Fix pooling key in yml file * Remove redundant comment * Remove redundant code * Added guid argument for polling mechanism * Remove redundant comment * Add timeout_err_msg command argument; hide guid and timeout_err_msg arguments * Add version check to distinguish between v6/v8 logic * Update `NextRun` polling value * Remove dev name from yml * Update guid parameter description * Add debug logs * Update release notes * Update pack marketplace tags, fix invalid log * Update TPB * re-add marketplaces key in yml file * Extend TPB timeout value in conf.json

* fix * Update 6_1_38.md

* Updated the poetry log to the artifact folder * updated the username * removed redundant files * updated the username

* fix to test module * docker * rn * docker * Update Packs/AWS-NetworkFirewall/ReleaseNotes/1_0_7.md * docker * Update Packs/AWS-NetworkFirewall/ReleaseNotes/1_0_7.md

* [bug] - email attachment decode error * more logs * added debug logs * debug log * pre commit * added more tests * pre commit * debug logs * Update 1_0_54.md * Judah doc review * di

…4477) * Test for CIAC 10315 * Test for CIAC 10315 * Test for CIAC 10315 * Test for CIAC 10315

* Ignore ZipFile in native image * Add UT to ZipFile * Update Packs/CommonScripts/Scripts/ZipFile/ZipFile.py Co-authored-by: Judah Schwartz <[email protected]> * Address CR for ZipFile Script * Remove test-files from ZipFile * Fix bug in ZipFile * Add RN and update version for CommonScripts * Fix RN and and pre-commit changes * address validation errors * Address CR on ZipFile test * Add troubleshooting section to README * Fix pre-commit errors * Empty commit * Update docker image * Update docker image and fix validations error * Update RN and pack version for CommonScripts --------- Co-authored-by: Judah Schwartz <[email protected]>

* overwrite check method * remove unnecessary import * add log wrapper * add log msg * RN * docker * rn * cr fix * fix RN message * capture all logs * fix UT

* fixing bug artifacts from XDR missing * adding rl * add rl * remove debugging * fix default val * fix * Bump pack from version CortexXDR to 6.1.35. * Bump pack from version CortexXDR to 6.1.36. * Bump pack from version CortexXDR to 6.1.37. * cr * cr fix default values in functions * fix error * Update Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py Co-authored-by: EyalPintzov <[email protected]> * fix default * fix docker * fix tests * fix default * conflict fixes * pre-commit fixes * Empty commit * Bump pack from version CortexXDR to 6.1.39. * Empty commit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: EyalPintzov <[email protected]>

* kev fix * updated tests * Update Packs/FeedNVDv2/ReleaseNotes/1_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]>

…k Update (demisto#34530) (demisto#34540) * "contribution update to pack 'PAN-OS by Palo Alto Networks'" * pack resubmitted * resolved rebase conflicts * Merge from master * - * - * Updated docker image * Removed pack.zip * Fixed test --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: sberman <[email protected]>

* init pack and integration * first commit * del empty file * clean * del pip * added UT * playbook * img * metadata * docs * commit * readme and UT * docstring * revert gitlab change * UT - no_response * CR Fix- docstring, readme * fix * some checks * some checks * some changes * authentication * changes * search command * search command fixes times * changes * helper function * tests * tests update * test changes * tests * test fixes * fixes * new function * tests * tests * test * fixes * some fixes * pre commit fixes + test * generate readme * change * test playbook and conf json * build fixes * docs * pre commit fixes * fix * fromversion * default dates * headers * format * code review fixes * permission description * pre commit fixes * logout * login docs * pre-commit fixes * yml and description fixes * test fix * description and error for end time without start time * pre-commit * some * info * disable_warnings * exception * headers * get_limit test * pre-commit fixes * fixes * fromversion * fix * page_size limitation * demisto exceptions * pre-commit * pre-commit * doc review fixes * doc fixes * dots * version of TPB * exabeam logo * without logout - check build failure * logout * client init * desription fixes * table order * docker image * description * readme --------- Co-authored-by: Shmuel Kroizer <[email protected]>

* New exabeam sop pack * search function * pre-commit fixes * from query to filter * pre commit fixes * docs * search test * tests * tests and pre commit fixes * description * descriptions yml * validations * fix * playbook * playbook id * readme and command examples * image and version * some * some * version * description to integration * hr and yml changes * readme updates * required changes * yml * description spaces * description * yml * get_date fix * conf json * demisto.info * get_date exception * some * headers * get_limit+test * fixes and fromversion * pre-commit * doc review fixes * error recommendation * pre-commit fixes * DemistoException * pre-commit * code review * pre-commit * examples in doc string and version of test playbook * pre-commit fix * exabeam image * dockerimage * description fixes * description * test * description * descriptions fixes * dockerimage

* Use proxies in crwdstrike * PROXY bool. Add RN Update docker * Update Packs/CrowdStrikeFalcon/ReleaseNotes/1_13_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * Remove redundant handle_proxy calls * remove typo --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* Changing the create date from a system field to firstCreated * Update poetry * rename defaultDataSourceName * add defaultDataSourceName in upload * add datat source tag to packs with defaultDataSourceName * always add defaultDataSourceName * order integrations list * remove datasource from private * add defaultDataSourceName * run fix PA131 * add defaultDataSourceName to more packs * fix PA132 * fix build * change demisto-sdk rev * change demisto-sdk rev * update to display name * change salesforce datasource * override upload * update lock file * update sdk reference * update sdk reference * update sdk reference * change defaultDataSource to dict * update sdk ref * update sdk ref * add XSIAM bucket connecting info * update sdk ref * add test upload * add UT * sdk ref uses infra * sdk ref uses infra * run with infra branch * check exclude fix * check exclude fix * check alias fix * check rename fix * check null fix * update readmes * retrieve INFRA_BRANCH * fix readme --------- Co-authored-by: Amichai <[email protected]>

…leThreatIntelligence.yml Co-authored-by: Shelly Tzohar <[email protected]>

…ligence_Detonate_Test.yml Co-authored-by: Shelly Tzohar <[email protected]>

…igence/README.md Co-authored-by: Shelly Tzohar <[email protected]>

Commits on May 28, 2024

typo

pabloperezj committed May 28, 2024

Configuration menu

View commit details

Copy full SHA for 4e95b0e

Browse repository at this point

Copy the full SHA

4e95b0e View commit details

Browse the repository at this point in the history

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

testing release #107

testing release #107

Commits on May 1, 2024

Commits on May 2, 2024

Commits on May 3, 2024

Commits on May 5, 2024

Commits on May 6, 2024

Commits on May 7, 2024

Commits on May 8, 2024

Commits on May 9, 2024

Commits on May 10, 2024

Commits on May 12, 2024

Commits on May 13, 2024

Commits on May 14, 2024

Commits on May 15, 2024

Commits on May 16, 2024

Commits on May 17, 2024

Commits on May 18, 2024

Commits on May 19, 2024

Commits on May 20, 2024

Commits on May 21, 2024

Commits on May 22, 2024

Commits on May 23, 2024

Commits on May 24, 2024

Commits on May 26, 2024

Commits on May 27, 2024

Commits on May 28, 2024