diff --git a/Packs/Code42/Integrations/Code42/Code42.py b/Packs/Code42/Integrations/Code42/Code42.py index 3497946763f4..45b93d331387 100644 --- a/Packs/Code42/Integrations/Code42/Code42.py +++ b/Packs/Code42/Integrations/Code42/Code42.py @@ -152,7 +152,7 @@ def _get_all_high_risk_employees_from_page(page, risk_tags): def _try_convert_str_list_to_list(str_list): if isinstance(str_list, str): - return str_list.split() + return str_list.split(",") return str_list @@ -952,9 +952,10 @@ def user_reactivate_command(client, args): def download_file_command(client, args): file_hash = args.get("hash") + filename = args.get("filename") or file_hash response = client.download_file(file_hash) file_chunks = [c for c in response.iter_content(chunk_size=128) if c] - return fileResult(file_hash, data=b"".join(file_chunks)) + return fileResult(filename, data=b"".join(file_chunks)) """Fetching""" @@ -1117,7 +1118,7 @@ def get_command_map(): "code42-user-block": user_block_command, "code42-user-unblock": user_unblock_command, "code42-user-deactivate": user_deactivate_command, - "code42_user-reactivate": user_reactivate_command, + "code42-user-reactivate": user_reactivate_command, "code42-download-file": download_file_command, } diff --git a/Packs/Code42/Integrations/Code42/Code42.yml b/Packs/Code42/Integrations/Code42/Code42.yml index b16f1aa93348..f40ea109dc97 100644 --- a/Packs/Code42/Integrations/Code42/Code42.yml +++ b/Packs/Code42/Integrations/Code42/Code42.yml @@ -419,11 +419,20 @@ script: description: The username of the High Risk Employee. type: Unknown - arguments: - - default: false - description: To filter results by employees who have these risk tags. Space + - auto: PREDEFINED + default: false + description: To filter results by employees who have these risk tags. Comma delimited. isArray: false name: risktags + predefined: + - PERFORMANCE_CONCERNS + - PERFORMANCE_CONCERNS + - POOR_SECURITY_PRACTICES + - HIGH_IMPACT_EMPLOYEE + - ELEVATED_ACCESS_PRIVILEGES + - FLIGHT_RISK + - CONTRACT_EMPLOYEE required: false secret: false - default: false @@ -453,10 +462,19 @@ script: name: username required: true secret: false - - default: false - description: Space-delimited risk tags to associate with the High Risk Employee. + - auto: PREDEFINED + default: false + description: Comma-delimited risk tags to associate with the High Risk Employee. isArray: false name: risktags + predefined: + - PERFORMANCE_CONCERNS + - PERFORMANCE_CONCERNS + - POOR_SECURITY_PRACTICES + - HIGH_IMPACT_EMPLOYEE + - ELEVATED_ACCESS_PRIVILEGES + - FLIGHT_RISK + - CONTRACT_EMPLOYEE required: true secret: false deprecated: false @@ -480,10 +498,19 @@ script: name: username required: true secret: false - - default: false - description: Space-delimited risk tags to disassociate from the High Risk Employee. + - auto: PREDEFINED + default: false + description: Comma-delimited risk tags to disassociate from the High Risk Employee. isArray: false name: risktags + predefined: + - PERFORMANCE_CONCERNS + - PERFORMANCE_CONCERNS + - POOR_SECURITY_PRACTICES + - HIGH_IMPACT_EMPLOYEE + - ELEVATED_ACCESS_PRIVILEGES + - FLIGHT_RISK + - CONTRACT_EMPLOYEE required: true secret: false deprecated: false @@ -604,6 +631,12 @@ script: name: hash required: true secret: false + - default: false + description: The filename to save the file as. + isArray: false + name: filename + required: false + secret: false deprecated: false description: Downloads a file from Code42 servers. execution: false diff --git a/Packs/Code42/Integrations/Code42/Code42_test.py b/Packs/Code42/Integrations/Code42/Code42_test.py index 43ea9043687e..99b8ded2c230 100644 --- a/Packs/Code42/Integrations/Code42/Code42_test.py +++ b/Packs/Code42/Integrations/Code42/Code42_test.py @@ -70,8 +70,8 @@ "deviceUserName":"test@example.com", "osHostName":"HOSTNAME", "domainName":"host.docker.internal", - "publicIpAddress":"162.222.47.183", - "privateIpAddresses":["172.20.128.36","127.0.0.1"], + "publicIpAddress":"255.255.255.255", + "privateIpAddresses":["255.255.255.255","127.0.0.1"], "deviceUid":"935873453596901068", "userUid":"912098363086307495", "actor":null, @@ -134,7 +134,7 @@ "deviceUserName":"test@example.com", "osHostName":"TEST'S MAC", "domainName":"host.docker.internal", - "publicIpAddress":"162.222.47.183", + "publicIpAddress":"255.255.255.255", "privateIpAddresses":["127.0.0.1"], "deviceUid":"935873453596901068", "userUid":"912098363086307495", @@ -198,7 +198,7 @@ "deviceUserName":"test@example.com", "osHostName":"Test's Windows", "domainName":"host.docker.internal", - "publicIpAddress":"162.222.47.183", + "publicIpAddress":"255.255.255.255", "privateIpAddresses":["0:0:0:0:0:0:0:1","127.0.0.1"], "deviceUid":"935873453596901068", "userUid":"912098363086307495", @@ -248,7 +248,7 @@ MOCK_CODE42_EVENT_CONTEXT = [ { "ApplicationTabURL": "example.com", - "DevicePrivateIPAddress": ["172.20.128.36", "127.0.0.1"], + "DevicePrivateIPAddress": ["255.255.255.255", "127.0.0.1"], "DeviceUsername": "test@example.com", "EndpointID": "935873453596901068", "EventID": "0_1d71796f-af5b-4231-9d8e-df6434da4663_935873453596901068_956171635867906205_5", @@ -1380,7 +1380,7 @@ def test_departingemployee_get_all_command_when_no_employees( no_employees_response ) client = create_client(code42_departing_employee_mock) - cmd_res = departingemployee_get_all_command(client,{}) + cmd_res = departingemployee_get_all_command(client, {}) assert cmd_res.outputs_prefix == "Code42.DepartingEmployee" assert cmd_res.outputs_key_field == "UserID" assert cmd_res.raw_response == {} @@ -1456,7 +1456,7 @@ def test_highriskemployee_get_all_command_when_given_risk_tags_only_gets_employe client = create_client(code42_high_risk_employee_mock) cmd_res = highriskemployee_get_all_command( client, - {"risktags": "PERFORMANCE_CONCERNS SUSPICIOUS_SYSTEM_ACTIVITY POOR_SECURITY_PRACTICES"}, + {"risktags": "PERFORMANCE_CONCERNS,SUSPICIOUS_SYSTEM_ACTIVITY,POOR_SECURITY_PRACTICES"}, ) expected_response = [json.loads(MOCK_GET_ALL_HIGH_RISK_EMPLOYEES_RESPONSE)["items"][0]] assert cmd_res.outputs_prefix == "Code42.HighRiskEmployee" @@ -1494,7 +1494,7 @@ def test_highriskemployee_get_all_command_when_no_employees(code42_high_risk_emp client = create_client(code42_high_risk_employee_mock) cmd_res = highriskemployee_get_all_command( client, - {"risktags": "PERFORMANCE_CONCERNS SUSPICIOUS_SYSTEM_ACTIVITY POOR_SECURITY_PRACTICES"}, + {"risktags": "PERFORMANCE_CONCERNS,SUSPICIOUS_SYSTEM_ACTIVITY,POOR_SECURITY_PRACTICES"}, ) assert cmd_res.outputs_prefix == "Code42.HighRiskEmployee" assert cmd_res.outputs_key_field == "UserID" @@ -1507,7 +1507,7 @@ def test_highriskemployee_add_risk_tags_command(code42_sdk_mock): tags = "FLIGHT_RISK" client = create_client(code42_sdk_mock) cmd_res = highriskemployee_add_risk_tags_command( - client, {"username": _TEST_USERNAME, "risktags": "FLIGHT_RISK"} + client, {"username": _TEST_USERNAME, "risktags": tags} ) assert cmd_res.raw_response == _TEST_USER_ID assert cmd_res.outputs_prefix == "Code42.HighRiskEmployee" @@ -1516,21 +1516,21 @@ def test_highriskemployee_add_risk_tags_command(code42_sdk_mock): assert cmd_res.outputs["Username"] == _TEST_USERNAME assert cmd_res.outputs["RiskTags"] == tags code42_sdk_mock.detectionlists.add_user_risk_tags.assert_called_once_with( - _TEST_USER_ID, ["FLIGHT_RISK"] + _TEST_USER_ID, [tags] ) def test_highriskemployee_remove_risk_tags_command(code42_sdk_mock): client = create_client(code42_sdk_mock) cmd_res = highriskemployee_remove_risk_tags_command( - client, {"username": _TEST_USERNAME, "risktags": "FLIGHT_RISK CONTRACT_EMPLOYEE"} + client, {"username": _TEST_USERNAME, "risktags": "FLIGHT_RISK,CONTRACT_EMPLOYEE"} ) assert cmd_res.raw_response == _TEST_USER_ID assert cmd_res.outputs_prefix == "Code42.HighRiskEmployee" assert cmd_res.outputs_key_field == "UserID" assert cmd_res.outputs["UserID"] == _TEST_USER_ID assert cmd_res.outputs["Username"] == _TEST_USERNAME - assert cmd_res.outputs["RiskTags"] == "FLIGHT_RISK CONTRACT_EMPLOYEE" + assert cmd_res.outputs["RiskTags"] == "FLIGHT_RISK,CONTRACT_EMPLOYEE" code42_sdk_mock.detectionlists.remove_user_risk_tags.assert_called_once_with( _TEST_USER_ID, ["FLIGHT_RISK", "CONTRACT_EMPLOYEE"] ) diff --git a/Packs/Code42/Integrations/Code42/README.md b/Packs/Code42/Integrations/Code42/README.md index 02c75bdbd7de..d9f6ed54fcb5 100644 --- a/Packs/Code42/Integrations/Code42/README.md +++ b/Packs/Code42/Integrations/Code42/README.md @@ -420,7 +420,7 @@ Get all employees on the High Risk Employee List. | **Argument Name** | **Description** | **Required** | | --- | --- | --- | -| risktags | To filter results by employees who have these risk tags. Space delimited. | Optional | +| risktags | To filter results by employees who have these risk tags. Comma delimited. | Optional | | results | The number of items to return. | Optional | diff --git a/Packs/Code42/Playbooks/playbook-Code42_Change_Blocked_Status.yml b/Packs/Code42/Playbooks/playbook-Code42_Change_Blocked_Status.yml deleted file mode 100644 index 9f150de37e6e..000000000000 --- a/Packs/Code42/Playbooks/playbook-Code42_Change_Blocked_Status.yml +++ /dev/null @@ -1,245 +0,0 @@ -id: Code42 Change Blocked Status -description: A simple playbook for blocking or unblocking a user in Code42. -inputs: -- description: Either the string "block" or "unblock". - key: Action - playbookInputQuery: - required: false - value: {} -- description: The username of the user to block or unblock in Code42. - key: username - playbookInputQuery: - required: false - value: {} -name: Code42 Change Blocked Status -outputs: [] -starttaskid: "0" -tasks: - "0": - id: "0" - ignoreworker: false - nexttasks: - '#none#': - - "1" - note: false - quietmode: 0 - separatecontext: false - skipunavailable: false - task: - brand: "" - id: 9a342074-7df0-4dd1-8a82-d7804e6082b3 - iscommand: false - name: "" - version: -1 - description: "" - taskid: 9a342074-7df0-4dd1-8a82-d7804e6082b3 - timertriggers: [] - type: start - view: |- - { - "position": { - "x": 602.5, - "y": 50 - } - } - "1": - id: "1" - ignoreworker: false - nexttasks: - '#default#': - - "5" - "yes": - - "2" - note: false - quietmode: 0 - scriptarguments: - brandname: - simple: Code42 - separatecontext: false - skipunavailable: false - task: - brand: "" - description: Returns 'yes' if integration brand is available. Otherwise returns - 'no' - id: a63a96d0-a534-48ce-8e6f-83861753e106 - iscommand: false - name: Is Code42 Available? - script: IsIntegrationAvailable - type: condition - version: -1 - taskid: a63a96d0-a534-48ce-8e6f-83861753e106 - timertriggers: [] - type: condition - view: |- - { - "position": { - "x": 602.5, - "y": 195 - } - } - "2": - conditions: - - condition: - - - left: - iscontext: true - value: - complex: - root: inputs.action - transformers: - - operator: toUpperCase - operator: isEqualString - right: - value: - simple: BLOCK - label: block - - condition: - - - left: - iscontext: true - value: - complex: - root: inputs.action - transformers: - - operator: toUpperCase - operator: isEqualString - right: - value: - simple: UNBLOCK - label: unblock - id: "2" - ignoreworker: false - nexttasks: - '#default#': - - "5" - block: - - "3" - unblock: - - "4" - note: false - quietmode: 0 - separatecontext: false - skipunavailable: false - task: - brand: "" - id: 435ab4db-7c90-42fe-8c5c-4d195b5d52a4 - iscommand: false - name: Is Block or Unblock? - type: condition - version: -1 - description: "" - taskid: 435ab4db-7c90-42fe-8c5c-4d195b5d52a4 - timertriggers: [] - type: condition - view: |- - { - "position": { - "x": 480, - "y": 370 - } - } - "3": - id: "3" - ignoreworker: false - nexttasks: - '#none#': - - "5" - note: false - quietmode: 0 - scriptarguments: - username: - simple: ${inputs.username} - separatecontext: false - skipunavailable: false - task: - brand: Code42 - description: Blocks a user in Code42. A blocked user is not allowed to log - in or restore files. Backups will continue if the user is still active. - id: fcfd80be-6e52-409f-8d89-8d38a18b56c9 - iscommand: true - name: Block User - script: Code42|||code42-user-block - type: regular - version: -1 - taskid: fcfd80be-6e52-409f-8d89-8d38a18b56c9 - timertriggers: [] - type: regular - view: |- - { - "position": { - "x": 50, - "y": 545 - } - } - "4": - id: "4" - ignoreworker: false - nexttasks: - '#none#': - - "5" - note: false - quietmode: 0 - scriptarguments: - username: - simple: ${inputs.username} - separatecontext: false - skipunavailable: false - task: - brand: Code42 - description: Removes a block, if one exists, on the user with the given user - ID. Unblocked users are allowed to log in and restore. - id: a92925e8-749c-4d05-8ef1-f68f72ed4d98 - iscommand: true - name: Unblock User - script: Code42|||code42-user-unblock - type: regular - version: -1 - taskid: a92925e8-749c-4d05-8ef1-f68f72ed4d98 - timertriggers: [] - type: regular - view: |- - { - "position": { - "x": 480, - "y": 545 - } - } - "5": - id: "5" - ignoreworker: false - note: false - quietmode: 0 - separatecontext: false - skipunavailable: false - task: - brand: "" - id: d9a6c88f-b5e1-4c92-850a-99b4f59908aa - iscommand: false - name: Done - type: title - version: -1 - description: "" - taskid: d9a6c88f-b5e1-4c92-850a-99b4f59908aa - timertriggers: [] - type: title - view: |- - { - "position": { - "x": 490, - "y": 720 - } - } -version: -1 -fromversion: 5.0.0 -tests: -- No Test -view: |- - { - "linkLabelsPosition": {}, - "paper": { - "dimensions": { - "height": 735, - "width": 932.5, - "x": 50, - "y": 50 - } - } - } diff --git a/Packs/Code42/Playbooks/playbook-Code42_Change_Blocked_Status_CHANGELOG.md b/Packs/Code42/Playbooks/playbook-Code42_Change_Blocked_Status_CHANGELOG.md deleted file mode 100644 index cfe7a08d89dc..000000000000 --- a/Packs/Code42/Playbooks/playbook-Code42_Change_Blocked_Status_CHANGELOG.md +++ /dev/null @@ -1,2 +0,0 @@ -## [Unreleased] -A simple playbook for blocking or unblocking a user in Code42. diff --git a/Packs/Code42/Playbooks/playbook-Code42_Change_Blocked_Status_README.md b/Packs/Code42/Playbooks/playbook-Code42_Change_Blocked_Status_README.md deleted file mode 100644 index 85a73e984686..000000000000 --- a/Packs/Code42/Playbooks/playbook-Code42_Change_Blocked_Status_README.md +++ /dev/null @@ -1,33 +0,0 @@ -A simple playbook for blocking or unblocking a user in Code42. - -## Dependencies -This playbook uses the following sub-playbooks, integrations, and scripts. - -### Sub-playbooks -This playbook does not use any sub-playbooks. - -### Integrations -* Code42 - -### Scripts -This playbook does not use any scripts. - -### Commands -* code42-user-unblock -* code42-user-block - -## Playbook Inputs ---- - -| **Name** | **Description** | **Default Value** | **Required** | -| --- | --- | --- | --- | -| Action | Either the string "block" or "unblock". | | Optional | -| username | The username of the user to block or unblock in Code42. | | Optional | - -## Playbook Outputs ---- -There are no outputs for this playbook. - -## Playbook Image ---- -![Code42 Change Blocked Status](../Integrations/Code42/Code42_image.png) \ No newline at end of file diff --git a/Packs/Code42/Playbooks/playbook-Code42_Change_User_Activation.yml b/Packs/Code42/Playbooks/playbook-Code42_Change_User_Activation.yml deleted file mode 100644 index 25f43943ea4a..000000000000 --- a/Packs/Code42/Playbooks/playbook-Code42_Change_User_Activation.yml +++ /dev/null @@ -1,248 +0,0 @@ -id: Code42 Change User Activation -description: A simple playbook for deactivating or reactivating a user in Code42. -inputs: -- description: Either "deactivate" or "reactivate"; the action you want to be done - to the user. - key: Action - playbookInputQuery: null - required: true - value: {} -- description: The username of the user to deactivate or reactivate. - key: Username - playbookInputQuery: null - required: true - value: {} -name: Code42 Change User Activation -outputs: [] -starttaskid: "0" -tasks: - "0": - id: "0" - ignoreworker: false - nexttasks: - '#none#': - - "1" - note: false - quietmode: 0 - separatecontext: false - skipunavailable: false - task: - brand: "" - id: 94f6760d-eacc-498d-8b1c-0d9aff499a08 - iscommand: false - name: "" - version: -1 - description: "" - taskid: 94f6760d-eacc-498d-8b1c-0d9aff499a08 - timertriggers: [] - type: start - view: |- - { - "position": { - "x": 152.5, - "y": 50 - } - } - "1": - id: "1" - ignoreworker: false - nexttasks: - "no": - - "3" - "yes": - - "2" - note: false - quietmode: 0 - scriptarguments: - brandname: - simple: Code42 - separatecontext: false - skipunavailable: false - task: - brand: "" - description: Returns 'yes' if integration brand is available. Otherwise returns - 'no' - id: 38d4eed0-6ed4-4720-8c7f-7ea2f73f26d3 - iscommand: false - name: Is Code42 Available? - script: IsIntegrationAvailable - type: condition - version: -1 - taskid: 38d4eed0-6ed4-4720-8c7f-7ea2f73f26d3 - timertriggers: [] - type: condition - view: |- - { - "position": { - "x": 152.5, - "y": 195 - } - } - "2": - conditions: - - condition: - - - left: - iscontext: true - value: - complex: - root: inputs.Action - transformers: - - operator: toUpperCase - operator: isEqualString - right: - value: - simple: DEACTIVATE - label: DEACTIVATE - - condition: - - - left: - iscontext: true - value: - complex: - root: inputs.Action - transformers: - - operator: toUpperCase - operator: isEqualString - right: - value: - simple: REACTIVATE - label: REACTIVATE - id: "2" - ignoreworker: false - nexttasks: - '#default#': - - "3" - DEACTIVATE: - - "5" - REACTIVATE: - - "4" - note: false - quietmode: 0 - separatecontext: false - skipunavailable: false - task: - brand: "" - id: 013b9275-f36c-49f4-8ad5-d3989cd6b088 - iscommand: false - name: Is Deactivate or Reactivate? - type: condition - version: -1 - description: "" - taskid: 013b9275-f36c-49f4-8ad5-d3989cd6b088 - timertriggers: [] - type: condition - view: |- - { - "position": { - "x": 480, - "y": 370 - } - } - "3": - id: "3" - ignoreworker: false - note: false - quietmode: 0 - separatecontext: false - skipunavailable: false - task: - brand: "" - id: 7d22084e-bc48-4c9c-8af9-1e83d8901002 - iscommand: false - name: Done - type: title - version: -1 - description: "" - taskid: 7d22084e-bc48-4c9c-8af9-1e83d8901002 - timertriggers: [] - type: title - view: |- - { - "position": { - "x": 265, - "y": 720 - } - } - "4": - id: "4" - ignoreworker: false - nexttasks: - '#none#': - - "3" - note: false - quietmode: 0 - scriptarguments: - username: - simple: ${inputs.Username} - separatecontext: false - skipunavailable: false - task: - brand: Code42 - description: Reactivates the user with the given username. - id: acd35060-92e6-4b7e-86b1-a2445679689a - iscommand: true - name: Code42 Reactivate User - script: Code42|||code42-user-reactivate - type: regular - version: -1 - taskid: acd35060-92e6-4b7e-86b1-a2445679689a - timertriggers: [] - type: regular - view: |- - { - "position": { - "x": 50, - "y": 545 - } - } - "5": - id: "5" - ignoreworker: false - nexttasks: - '#none#': - - "3" - note: false - quietmode: 0 - scriptarguments: - username: - simple: ${inputs.Username} - separatecontext: false - skipunavailable: false - task: - brand: Code42 - description: Deactivate a user in Code42; signing them out of their devices. - Backups discontinue for a deactivated user, and their archives go to cold - storage. - id: 410c35b8-5506-4b98-89e8-1f7602cc66bd - iscommand: true - name: Code42 Deactivate User - script: Code42|||code42-user-deactivate - type: regular - version: -1 - taskid: 410c35b8-5506-4b98-89e8-1f7602cc66bd - timertriggers: [] - type: regular - view: |- - { - "position": { - "x": 480, - "y": 545 - } - } -version: -1 -fromversion: 5.0.0 -tests: -- No Test -view: |- - { - "linkLabelsPosition": { - "1_2_yes": 0.83 - }, - "paper": { - "dimensions": { - "height": 735, - "width": 810, - "x": 50, - "y": 50 - } - } - } diff --git a/Packs/Code42/Playbooks/playbook-Code42_Change_User_Activation_CHANGELOG.md b/Packs/Code42/Playbooks/playbook-Code42_Change_User_Activation_CHANGELOG.md deleted file mode 100644 index 9625441480af..000000000000 --- a/Packs/Code42/Playbooks/playbook-Code42_Change_User_Activation_CHANGELOG.md +++ /dev/null @@ -1,2 +0,0 @@ -## [Unreleased] -A simple playbook for deactivating or reactivating a user in Code42. diff --git a/Packs/Code42/Playbooks/playbook-Code42_Change_User_Activation_README.md b/Packs/Code42/Playbooks/playbook-Code42_Change_User_Activation_README.md deleted file mode 100644 index b2f5151306ab..000000000000 --- a/Packs/Code42/Playbooks/playbook-Code42_Change_User_Activation_README.md +++ /dev/null @@ -1,33 +0,0 @@ -A simple playbook for deactivating or reactivating a user in Code42. - -## Dependencies -This playbook uses the following sub-playbooks, integrations, and scripts. - -### Sub-playbooks -This playbook does not use any sub-playbooks. - -### Integrations -* Code42 - -### Scripts -This playbook does not use any scripts. - -### Commands -* code42-user-reactivate -* code42-user-deactivate - -## Playbook Inputs ---- - -| **Name** | **Description** | **Default Value** | **Required** | -| --- | --- | --- | --- | -| Action | Either "deactivate" or "reactivate"; the action you want to be done to the user. | | Required | -| Username | The username of the user to deactivate or reactivate. | | Required | - -## Playbook Outputs ---- -There are no outputs for this playbook. - -## Playbook Image ---- -![Code42 Change User Activation](../Integrations/Code42/Code42_image.png) \ No newline at end of file diff --git a/Packs/Code42/Playbooks/playbook-Code42_Create_User_Playbook.yml b/Packs/Code42/Playbooks/playbook-Code42_Create_User_Playbook.yml deleted file mode 100644 index 84da67c4b6b4..000000000000 --- a/Packs/Code42/Playbooks/playbook-Code42_Create_User_Playbook.yml +++ /dev/null @@ -1,159 +0,0 @@ -id: Code42 Create User Playbook -description: A simple playbook for creating a user in Code42. -inputs: -- description: The username to give to the newly created user. - key: Username - playbookInputQuery: - required: true - value: {} -- description: The email of the user to create. - key: Email - playbookInputQuery: - required: true - value: {} -- description: The name of the Code42 organization to create the user in. - key: OrgName - playbookInputQuery: - required: true - value: {} -name: Code42 Create User Playbook -outputs: [] -starttaskid: "0" -tasks: - "0": - id: "0" - ignoreworker: false - nexttasks: - '#none#': - - "1" - note: false - quietmode: 0 - separatecontext: false - skipunavailable: false - task: - brand: "" - id: b1876bae-e1fa-400e-8bd3-97ed9762ce39 - iscommand: false - name: "" - version: -1 - description: "" - taskid: b1876bae-e1fa-400e-8bd3-97ed9762ce39 - timertriggers: [] - type: start - view: |- - { - "position": { - "x": 450, - "y": 50 - } - } - "1": - id: "1" - ignoreworker: false - nexttasks: - '#none#': - - "2" - note: false - quietmode: 0 - scriptarguments: - brandname: - simple: Code42 - separatecontext: false - skipunavailable: false - task: - brand: "" - description: Returns 'yes' if integration brand is available. Otherwise returns - 'no' - id: 35bc6954-feef-4e12-86b7-f57173635f0b - iscommand: false - name: Is Code42 Available? - script: IsIntegrationAvailable - type: condition - version: -1 - taskid: 35bc6954-feef-4e12-86b7-f57173635f0b - timertriggers: [] - type: condition - view: |- - { - "position": { - "x": 450, - "y": 210 - } - } - "2": - id: "2" - ignoreworker: false - nexttasks: - '#none#': - - "3" - note: false - quietmode: 0 - scriptarguments: - email: - simple: ${inputs.Email} - orgname: - simple: ${inputs.OrgName} - username: - simple: ${inputs.Username} - separatecontext: false - skipunavailable: false - task: - brand: Code42 - description: Creates a Code42 user. - id: 4734acef-5883-4e4b-85a1-0e36008c2ced - iscommand: true - name: Create User - script: Code42|||code42-user-create - type: regular - version: -1 - taskid: 4734acef-5883-4e4b-85a1-0e36008c2ced - timertriggers: [] - type: regular - view: |- - { - "position": { - "x": 450, - "y": 410 - } - } - "3": - id: "3" - ignoreworker: false - note: false - quietmode: 0 - separatecontext: false - skipunavailable: false - task: - brand: "" - id: 532d230b-7312-4430-8f2a-e1c8108c17fa - iscommand: false - name: Done - type: title - version: -1 - description: "" - taskid: 532d230b-7312-4430-8f2a-e1c8108c17fa - timertriggers: [] - type: title - view: |- - { - "position": { - "x": 450, - "y": 580 - } - } -version: -1 -fromversion: 5.0.0 -tests: -- No Test -view: |- - { - "linkLabelsPosition": {}, - "paper": { - "dimensions": { - "height": 595, - "width": 380, - "x": 450, - "y": 50 - } - } - } diff --git a/Packs/Code42/Playbooks/playbook-Code42_Create_User_Playbook_CHANGELOG.md b/Packs/Code42/Playbooks/playbook-Code42_Create_User_Playbook_CHANGELOG.md deleted file mode 100644 index 9c2e275d34ca..000000000000 --- a/Packs/Code42/Playbooks/playbook-Code42_Create_User_Playbook_CHANGELOG.md +++ /dev/null @@ -1,2 +0,0 @@ -## [Unreleased] -A simple playbook for creating a user in Code42. diff --git a/Packs/Code42/Playbooks/playbook-Code42_Create_User_Playbook_README.md b/Packs/Code42/Playbooks/playbook-Code42_Create_User_Playbook_README.md deleted file mode 100644 index 02e8452d243e..000000000000 --- a/Packs/Code42/Playbooks/playbook-Code42_Create_User_Playbook_README.md +++ /dev/null @@ -1,33 +0,0 @@ -A simple playbook for creating a user in Code42. - -## Dependencies -This playbook uses the following sub-playbooks, integrations, and scripts. - -### Sub-playbooks -This playbook does not use any sub-playbooks. - -### Integrations -* Code42 - -### Scripts -This playbook does not use any scripts. - -### Commands -* code42-user-create - -## Playbook Inputs ---- - -| **Name** | **Description** | **Default Value** | **Required** | -| --- | --- | --- | --- | -| Username | The username to give to the newly created user. | | Required | -| Email | The email of the user to create. | | Required | -| OrgName | The name of the Code42 organization to create the user in. | | Required | - -## Playbook Outputs ---- -There are no outputs for this playbook. - -## Playbook Image ---- -![Code42 Create User Playbook](../Integrations/Code42/Code42_image.png) \ No newline at end of file diff --git a/Packs/Code42/Playbooks/playbook-Code42_Exfiltration_Playbook.yml b/Packs/Code42/Playbooks/playbook-Code42_Exfiltration_Playbook.yml index 9509d8b59e87..30ab3833930f 100644 --- a/Packs/Code42/Playbooks/playbook-Code42_Exfiltration_Playbook.yml +++ b/Packs/Code42/Playbooks/playbook-Code42_Exfiltration_Playbook.yml @@ -867,21 +867,32 @@ tasks: quietmode: 0 "34": id: "34" - taskid: 8ef0e565-aa9b-4866-8cae-ec8dcc9a15c9 + taskid: 136e95ff-4954-4036-89c4-503b5298c61f type: playbook task: - id: 8ef0e565-aa9b-4866-8cae-ec8dcc9a15c9 + id: 136e95ff-4954-4036-89c4-503b5298c61f version: -1 name: Code42 File Download + description: This playbook downloads a file via Code42 by either MD5 or SHA256 + hash. playbookName: Code42 File Download type: playbook iscommand: false brand: "" - description: "" nexttasks: '#none#': - "5" scriptarguments: + Filename: + complex: + root: incident + accessor: code42fileevents + transformers: + - operator: getField + args: + field: + value: + simple: filename MD5: complex: root: incident diff --git a/Packs/Code42/Playbooks/playbook-Code42_File_Download.yml b/Packs/Code42/Playbooks/playbook-Code42_File_Download.yml index e93c2e3fd235..39c6242fab1c 100644 --- a/Packs/Code42/Playbooks/playbook-Code42_File_Download.yml +++ b/Packs/Code42/Playbooks/playbook-Code42_File_Download.yml @@ -21,6 +21,11 @@ inputs: root: File transformers: - operator: uniq +- description: The name of the file to save as. + key: Filename + playbookInputQuery: + required: false + value: {} name: Code42 File Download outputs: [] sourceplaybookid: Code42 File Search @@ -38,12 +43,12 @@ tasks: skipunavailable: false task: brand: "" - id: d045a003-2e7f-4f47-80c7-3882baf399b6 + id: 6d1ecdee-78b1-4275-8411-f802589a0a45 iscommand: false name: "" - description: "" version: -1 - taskid: d045a003-2e7f-4f47-80c7-3882baf399b6 + description: "" + taskid: 6d1ecdee-78b1-4275-8411-f802589a0a45 timertriggers: [] type: start view: |- @@ -91,13 +96,13 @@ tasks: skipunavailable: false task: brand: "" - id: 746c1a4e-7084-45f1-86e6-e9764ffbbf5c + description: Checks to see if a Code42 Integration is active. + id: dc6b6ed4-b67e-46b2-8bf5-b2fbbc2e0d8e iscommand: false name: Is Code42 Integration Active? - description: "Checks to see if a Code42 Integration is active." type: condition version: -1 - taskid: 746c1a4e-7084-45f1-86e6-e9764ffbbf5c + taskid: dc6b6ed4-b67e-46b2-8bf5-b2fbbc2e0d8e timertriggers: [] type: condition view: |- @@ -129,13 +134,13 @@ tasks: skipunavailable: false task: brand: "" - id: 935cb1d6-e328-4a8e-888f-347c3b33ce11 + description: Checks to see if a SHA256 hash exists in the inputs. + id: 7b90d431-46df-45ae-8e2c-d2e888bd6d9c iscommand: false name: Does SHA256 Exist? - description: "Checks to see if a SHA256 hash exists in the inputs." type: condition version: -1 - taskid: 935cb1d6-e328-4a8e-888f-347c3b33ce11 + taskid: 7b90d431-46df-45ae-8e2c-d2e888bd6d9c timertriggers: [] type: condition view: |- @@ -167,13 +172,13 @@ tasks: skipunavailable: false task: brand: "" - id: 1d0dfb1f-6874-41e9-8593-fca2a96c58c4 + description: Checks to see if a MD5 hash exists in the inputs. + id: a6ccfe5a-31b5-4bb1-81c4-6eeadf53420e iscommand: false name: Does MD5 Exist? - description: "Checks to see if a MD5 hash exists in the inputs." type: condition version: -1 - taskid: 1d0dfb1f-6874-41e9-8593-fca2a96c58c4 + taskid: a6ccfe5a-31b5-4bb1-81c4-6eeadf53420e timertriggers: [] type: condition view: |- @@ -197,6 +202,8 @@ tasks: note: false quietmode: 0 scriptarguments: + filename: + simple: ${inputs.Filename} hash: simple: ${inputs.SHA256} separatecontext: false @@ -204,13 +211,13 @@ tasks: task: brand: Code42 description: Downloads a file from Code42 servers. - id: c83baa5d-207c-44de-868c-8b131dc0357b + id: 577615d3-3345-4ecc-8a37-a7d36ae6f898 iscommand: true name: Code42 Download by SHA256 script: Code42|||code42-download-file type: regular version: -1 - taskid: c83baa5d-207c-44de-868c-8b131dc0357b + taskid: 577615d3-3345-4ecc-8a37-a7d36ae6f898 timertriggers: [] type: regular view: |- @@ -234,6 +241,8 @@ tasks: note: false quietmode: 0 scriptarguments: + filename: + simple: ${inputs.Filename} hash: simple: ${inputs.MD5} separatecontext: false @@ -241,13 +250,13 @@ tasks: task: brand: Code42 description: Downloads a file from Code42 servers. - id: 687edce2-d09d-4ad1-845e-a3ed7b7b7d4a + id: c1c84eb4-4b64-41d0-8b07-99be768b4c53 iscommand: true name: Code42 Download by MD5 script: Code42|||code42-download-file type: regular version: -1 - taskid: 687edce2-d09d-4ad1-845e-a3ed7b7b7d4a + taskid: c1c84eb4-4b64-41d0-8b07-99be768b4c53 timertriggers: [] type: regular view: |- @@ -266,13 +275,13 @@ tasks: skipunavailable: false task: brand: "" - id: 7f03d6ab-3bb8-4bd5-867b-fe853fa38684 + id: 05d51ceb-6a80-4e24-8264-f43e2865ffdb iscommand: false name: Complete - description: "" type: title version: -1 - taskid: 7f03d6ab-3bb8-4bd5-867b-fe853fa38684 + description: "" + taskid: 05d51ceb-6a80-4e24-8264-f43e2865ffdb timertriggers: [] type: title view: |- @@ -283,9 +292,6 @@ tasks: } } version: -1 -fromversion: 5.0.0 -tests: -- No Test view: |- { "linkLabelsPosition": {}, @@ -298,3 +304,6 @@ view: |- } } } +fromversion: 5.0.0 +tests: +- No Test