-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Commit 49418bd
Zoom support within Demisto (#1757)
* Zoom support within Demisto
* fix typo
* - added test playbook to test zoom commands
- added automation script to generate a random email
* fixed 2 bugs in the zoom-fetch-recording:
1. Fetch recording didn't work because the wrong arg key was used (id instead of meeting_id)
2. Recording delete didn't work because params and headers weren't passed to the delete request
* Updated zoom test playbook
* changes requested in code review
* changes requested in code review
* Removed obsolete file that made tests fail
* Added description to zoom integration
* Handle tanium/vmware timeout on errors issue (#1751)
* handle errors from tanium integration
* handle errors from vmware integration
* unskip tests
* vmware - verify logout is done even if there is an error
* vmware - verify logout is done even if there is an error
* added release notes
* skip vmware test
* Script helper python arg order fix (#1754)
* fix arg order of args in pythoncommonserver doc
* set automationOnly tag for commonServer commands using executeCommand
* fix null argument descriptions in script helper
* releasenotes
* Fix circleci2 (#1759)
* try fix curl bad characters
* try fix curl bad characters
* fix space
* skip anomali test (#1763)
* Hybrid Analysis Integration (#1745)
* Hybrid Analysis Integration
* fixed fromversion
* Made requested changes
* Single-setup adjustments (#1752)
* Wildfire getReport bug fix (#1753)
* getReport bug fix
getReport bug fix
* Added empty RN
* Improved implementation
* Cylance Protect v2 device data context path fix (#1661)
* Cylance Protect v2 device data context path fix
* Made requested changes
* Made requested changes
* Fixed test according to context changes
* use the added command (#1761)
* use the added command
* deprecate
* Postgres fix error (#1765)
* fix error on no rows returned
* test playbook
* fix exception
* Fixed move-between-mailboxes using impersonation (#1766)
* Archer add fields checks and full results for get-records-by-report (#1744)
* Archer add fields checks and full results for get-records-by-report
* CR fixes
* Access Investigation - Generic (#1760)
* Access Investigation - Generic
New playbooks:
* Access Investigation - Generic
* Access Investigation - QRadar
Updated playbooks:
* IP Enrichment - Generic
New script:
* IPToHost
Updated script:
* EmailAskUser
* Add description
* add description
* Update task scheme
* CR fixes
* add systemAssociatedTypes (#1758)
* Vulnerability Management - Nexpose: (#1762)
* Vulnerability Management - Nexpose:
New playbooks:
* Vulnerability Handling - Nexpose
* Vulnerability Management - Nexpose (Job)
Updated playbooks:
* Calculate Severity - Generic
* Calculate Severity - 3rd-party integrations
New scriptL
* NexposeCreateIncidentsFromAssets
* CR fixes
* Add description
* bug fix
* Email sender in Python with embedded images (#1671)
* Email sender in Python with embedded images
* Added template variables in ugly way
* Changed default value for sender address at email sender integration
* removed empty lines at EOF
* added Mail Sender (New) integration & playbook
* added Mail Sender (New) integration & playbook
* removed old integration file (difference only in name of integration)
* changed email sender python (new) ID
* fixed playbook trying to activate script by old name and failing
* changed deletecontext script back to original
* added google apps integration for mail sender (new)
* Added newline support for base64 images in html
* Fix missing release notes (#1767)
* print commands outputs
* check if files exist
* refactor
* print files
* add prints
* check if file is empty
* grep error
* update git hash
* add missing rn
* revert config.yml
* remove prints
* add missing space
* removed palo alto from conf.json (#1771)
* removed palo alto from conf.json
* add running-playbooks widget (#1755)
* add running-playbooks widget
* Update widget-RunningPlaybooks.json
* Crowdstrike falcon intel v2 support (#1768)
* added crowdstrike intel test playbook + v2 indicator integration
* fixed format (whitespace missing)
* extended playbook cs-indicators
* added test-module by version, more documentation
* added releaseNotes to crowdstrike falcon intel
* remove approve action from tanium playbook (#1769)
* TruSTAR integration enhancements (#1772)
* Enhanced Trustar integration (#1706)
* Enhanced trustar integration
* Enhanced trustar integration
* Enhanced trustar integration
* Revert "Enhanced trustar integration"
This reverts commit c7aa5c9.
* Enhanced trustar integration
* Incorporated review comments for trustar integration
* Incorporated review comment - added priority level in entry context
* Added priority level to software indicator & in output parameter
* Priority level key error handled for treding and search indicators command
* Added RN
* new widget should be predfined (#1773)
* Recorded Future integration (#1764)
* Recorded Future integration
* Made requested changes
* Skip Intezer test (#1777)
* Add delay to intezer test playbook
* Skip Intezer test
* avoid error in domain format script (#1774)
* AWS ec2 (#1770)
* AWS EC2 Integration
* add get-latest-ami outputs
* added aws connection function
* add test playbooks
* fix test playbook location
* Fix describe instances context issue
* fix #12097 & describe instances tags output
* fix #12097 for all aws integrations
* Added new commands
* added release notes
* Nexpose enhancements (#1714)
* paste
* python
* add commands
* fix char
* reports
* scans, fixes
* outputs, login, scan wait
* test playbook
* image
* fixes #1
* rn, fixed playbook test
* add report formats
* fix test playbook
* fix test playbook
* fix test playbook
* merge
* add cve output, add raw outputs, search by multiple hosts & ips
* Removed start-scan commands
* Clear release notes (#1780)
* Clear release notes
* Update git hash
* Add fromversion field to relevant playbooks
* Added empty RN
* Enable Intezer test (#1779)
* spelling fixes (#1781)
* fix wether to whether
* relase notes
* Moved qualys test to skipped due to expired account issues (#1783)
currently fails content build nightly
* Demisto REST API - new commands to upload and download files (#1748)
* added multipart and download commands
* added multipart and download commands
* added multipart and download commands
* added multipart and download commands
* added multipart and download commands
* added scripts to download logs bundle, and upload files to war room
* Convert Incident fields to array (#1784)
* convert to list
* skip validate
* add import json
* use seek and truncate
* revert config yml
* Fix domain rep (#1785)
* domain fix reputation
* fix RN
* fix RN
* Crowdstrike falcon intel (#1790)
* crowdstrike falcon intel change report id to retrieve due to size
* updating default value of API version to 2.0 (#1782)
* updating default value of API version to 2.0
1.6 is no longer available, 2.0 is the default version in the hosted environment
* Clear release notes (#1789)
* Clear release notes
* Update git hash
* Add fromversion field to relevant playbooks
* Added empty RN
* clear release notes after 18.7.1 release
* update git hash
* Replace demisto lock logo (#1792)
* Updated integration name source (#1775)
* Ews readable errors (#1788)
* Changed default authentication method to "Basic" in accordance with instance defaults for office365.
* Beautified error messages in test_module
* Handled case where no error message is set
* secureworks add default url -https://api.secureworks.com (#1798)
* secureworks add default url -https://api.secureworks.com
- fixes demisto/etc#12378
* Update integration-SecureWorks.yml
* fix ArcSight ESM addEntries (#1797)
* fix ArcSight ESM addEntries
- if entries had passed from context as JSON then we got exception
* Update integration-ArcSightESM.yml
* Added eventType fetch filter (#1796)
* remove `runonce: true` from phish.ai (#1799)
* remove `runonce: true` from phish.ai
* add rn
* scripts - deprecate checkwhitelist + add filterbywhite lists (#1708)
* scripts - deprecate checkwhitelist + add filterbywhite lists
* Change wording
* add support for array input + change whitelist ot list
* malicious ration reputation script (#1778)
* malicious ration reputation script
* change script logic to return score as reputation script & DBot score
* disable TE test playbook (#1802)
* disable TE test playbook
* ignore right test
* Top malicious ratio indicators (#1750)
* Top malicious ratio indicators
* Fix script schema validation
* remove script schema validatiom
* fix CR
* add widget to display script results
* add fromversion
filter 0 malicious ratio
* add widget from version
* fix file format
* Fix desc build (#1808)
* adding RN
* add desc
* Replace integrations logos (#1807)
* Replace integrations logos
* Add release notes
* Add release notes
* Fixed logos
* fix widget should be isPredefined (#1818)
* fix widget should be isPredefined
* Update widget-TopMaliciousRationIndicators.json
* Validate widget isPredefined property is true (#1819)
Output in case some widget has
`isPredefined: false`
```bash
Starting validate Widgets...
Failed: Widgets/widget-IncidentInErrorNumber.json failed
<SchemaError: error code 2: Schema validation failed:
- Enum 'False' does not exist. Path: '/isPredefined'.: Path: '/'>
Finished validate Widgets
validate_files_structure.sh exiting with error
```
* Added traceback import (#1806)
* Added traceback import
* Moved redlock test to nightly (#1804)
* check proxy parameter before client.connect() (#1824)
* check proxy parameter before client.connect()
Attempting to connect to the splunk server before checking for the proxy parameter causes a connection timeout if the splunk server is not accessible without using a proxy.
* add release notes
* Change the term investigation to incident in the layouts. (#1825)
* FireEye URL submissions (#1743) (#1820)
* FireEye URL submissions (#1743)
* FireEye URL submissions
Added functionality to submit URLs to FireEye and retrieve their status.
Functions created are fe-submit-url and fe-submit-url-status
* Modify integration description
Modified integration description to aligh with naming standards and help user understand how certain parameters should be passed.
* Reverted fe-submit and fe-submit-status back to original name
Reverted fe-submit and fe-submit-status back to original name from fe-submit-file and fe-submit-status
* deleting file that is not part of integration
* Update integration-fireeye.yml
* added predefined parameters for commands
added predefined parameters for commands
* Added release notes
* Fixed Twilio test function (#1826)
* Fixed Teilio test function
Fixes demisto/etc#12214
* CR fixes
* Feature/widgets for engine and workers (#1689)
* Widgets for engine and workers
* Fixed unnamed attachments bug (#1822)
* Fixed unnamed attachments bug.
* Handled possible case where attachment name is not a string.
* Corrected comparison method according to PEP-8 recommendation.
* enable TE again (#1828)
* add note to schema (#1830)
* Passive Total - added proxy and insecure parameters (#1814)
* added insecure and proxy settings
* proxy defaults to true and insecure defaults to false
* Fixed URL command, added IP and Domain
* Added to release notes
* add widget description (#1823)
* Recorded Future bug fix (#1832)
* Vulnerability Management issue fix (#1815)
* RTIR integration (#1833)
* RTIR Integration
* add return_error function
* added docstring
* Updated the regex (#1801) (#1834)
* Updated the regex (#1801)
Updated the regex to properly pull the detection ID.
Sometimes the detection ID changes in length, but it's always a number from 0-9
* add release notes
* RTIR Spanish support (#1835)
* RTIR integration spanish support
* RTIR integration spanish support
* prettify common server doc python error (#1836)
* limit fetch incidents from netwitness (#1800)
- fixes demisto/etc#12195
* Update process email + phishing layout (#1813)
* Update process email + phishing layout
* And `HTML Rendered Image` MD field to phishing layout
* Add Base64 output to the `rasterize-email` command
* Update rasterized image to the Phishing summary page
TODO:
* Remove the HTML field mapping in the relevant integrations
* Update incidentfields.json
Change field name
* Update layout-details-Phishing.json
Change field name
* Update playbook-Process_Email_-_Generic.yml
change field name
* Update playbook-Process_Email_-_Generic.yml
big scheme issue
* Update playbook-Process_Email_-_Generic.yml
really fixing it
* Update incidentfields.json
typo fix
* Add scheme
* add missing tag
* Add release notes
* move note up (#1838)
* Repopulate files (#1839)
* Repopulate files adds the File context based on file entries
* Removed some lines
* Skipped redlock test (#1840)
* Skipped redlock test
* Removed duplicate test
* rebased master1 parent 4f1a804 commit 49418bdCopy full SHA for 49418bd
File tree
Expand file treeCollapse file tree
3 files changed
+1012
-0
lines changedFilter options
- Integrations
- TestPlaybooks
Expand file treeCollapse file tree
3 files changed
+1012
-0
lines changed
0 commit comments