Skip to content

Commit 49418bd

Browse files
slavikmDeanArbel
authored andcommitted
Zoom support within Demisto (#1757)
* Zoom support within Demisto * fix typo * - added test playbook to test zoom commands - added automation script to generate a random email * fixed 2 bugs in the zoom-fetch-recording: 1. Fetch recording didn't work because the wrong arg key was used (id instead of meeting_id) 2. Recording delete didn't work because params and headers weren't passed to the delete request * Updated zoom test playbook * changes requested in code review * changes requested in code review * Removed obsolete file that made tests fail * Added description to zoom integration * Handle tanium/vmware timeout on errors issue (#1751) * handle errors from tanium integration * handle errors from vmware integration * unskip tests * vmware - verify logout is done even if there is an error * vmware - verify logout is done even if there is an error * added release notes * skip vmware test * Script helper python arg order fix (#1754) * fix arg order of args in pythoncommonserver doc * set automationOnly tag for commonServer commands using executeCommand * fix null argument descriptions in script helper * releasenotes * Fix circleci2 (#1759) * try fix curl bad characters * try fix curl bad characters * fix space * skip anomali test (#1763) * Hybrid Analysis Integration (#1745) * Hybrid Analysis Integration * fixed fromversion * Made requested changes * Single-setup adjustments (#1752) * Wildfire getReport bug fix (#1753) * getReport bug fix getReport bug fix * Added empty RN * Improved implementation * Cylance Protect v2 device data context path fix (#1661) * Cylance Protect v2 device data context path fix * Made requested changes * Made requested changes * Fixed test according to context changes * use the added command (#1761) * use the added command * deprecate * Postgres fix error (#1765) * fix error on no rows returned * test playbook * fix exception * Fixed move-between-mailboxes using impersonation (#1766) * Archer add fields checks and full results for get-records-by-report (#1744) * Archer add fields checks and full results for get-records-by-report * CR fixes * Access Investigation - Generic (#1760) * Access Investigation - Generic New playbooks: * Access Investigation - Generic * Access Investigation - QRadar Updated playbooks: * IP Enrichment - Generic New script: * IPToHost Updated script: * EmailAskUser * Add description * add description * Update task scheme * CR fixes * add systemAssociatedTypes (#1758) * Vulnerability Management - Nexpose: (#1762) * Vulnerability Management - Nexpose: New playbooks: * Vulnerability Handling - Nexpose * Vulnerability Management - Nexpose (Job) Updated playbooks: * Calculate Severity - Generic * Calculate Severity - 3rd-party integrations New scriptL * NexposeCreateIncidentsFromAssets * CR fixes * Add description * bug fix * Email sender in Python with embedded images (#1671) * Email sender in Python with embedded images * Added template variables in ugly way * Changed default value for sender address at email sender integration * removed empty lines at EOF * added Mail Sender (New) integration & playbook * added Mail Sender (New) integration & playbook * removed old integration file (difference only in name of integration) * changed email sender python (new) ID * fixed playbook trying to activate script by old name and failing * changed deletecontext script back to original * added google apps integration for mail sender (new) * Added newline support for base64 images in html * Fix missing release notes (#1767) * print commands outputs * check if files exist * refactor * print files * add prints * check if file is empty * grep error * update git hash * add missing rn * revert config.yml * remove prints * add missing space * removed palo alto from conf.json (#1771) * removed palo alto from conf.json * add running-playbooks widget (#1755) * add running-playbooks widget * Update widget-RunningPlaybooks.json * Crowdstrike falcon intel v2 support (#1768) * added crowdstrike intel test playbook + v2 indicator integration * fixed format (whitespace missing) * extended playbook cs-indicators * added test-module by version, more documentation * added releaseNotes to crowdstrike falcon intel * remove approve action from tanium playbook (#1769) * TruSTAR integration enhancements (#1772) * Enhanced Trustar integration (#1706) * Enhanced trustar integration * Enhanced trustar integration * Enhanced trustar integration * Revert "Enhanced trustar integration" This reverts commit c7aa5c9. * Enhanced trustar integration * Incorporated review comments for trustar integration * Incorporated review comment - added priority level in entry context * Added priority level to software indicator & in output parameter * Priority level key error handled for treding and search indicators command * Added RN * new widget should be predfined (#1773) * Recorded Future integration (#1764) * Recorded Future integration * Made requested changes * Skip Intezer test (#1777) * Add delay to intezer test playbook * Skip Intezer test * avoid error in domain format script (#1774) * AWS ec2 (#1770) * AWS EC2 Integration * add get-latest-ami outputs * added aws connection function * add test playbooks * fix test playbook location * Fix describe instances context issue * fix #12097 & describe instances tags output * fix #12097 for all aws integrations * Added new commands * added release notes * Nexpose enhancements (#1714) * paste * python * add commands * fix char * reports * scans, fixes * outputs, login, scan wait * test playbook * image * fixes #1 * rn, fixed playbook test * add report formats * fix test playbook * fix test playbook * fix test playbook * merge * add cve output, add raw outputs, search by multiple hosts & ips * Removed start-scan commands * Clear release notes (#1780) * Clear release notes * Update git hash * Add fromversion field to relevant playbooks * Added empty RN * Enable Intezer test (#1779) * spelling fixes (#1781) * fix wether to whether * relase notes * Moved qualys test to skipped due to expired account issues (#1783) currently fails content build nightly * Demisto REST API - new commands to upload and download files (#1748) * added multipart and download commands * added multipart and download commands * added multipart and download commands * added multipart and download commands * added multipart and download commands * added scripts to download logs bundle, and upload files to war room * Convert Incident fields to array (#1784) * convert to list * skip validate * add import json * use seek and truncate * revert config yml * Fix domain rep (#1785) * domain fix reputation * fix RN * fix RN * Crowdstrike falcon intel (#1790) * crowdstrike falcon intel change report id to retrieve due to size * updating default value of API version to 2.0 (#1782) * updating default value of API version to 2.0 1.6 is no longer available, 2.0 is the default version in the hosted environment * Clear release notes (#1789) * Clear release notes * Update git hash * Add fromversion field to relevant playbooks * Added empty RN * clear release notes after 18.7.1 release * update git hash * Replace demisto lock logo (#1792) * Updated integration name source (#1775) * Ews readable errors (#1788) * Changed default authentication method to "Basic" in accordance with instance defaults for office365. * Beautified error messages in test_module * Handled case where no error message is set * secureworks add default url -https://api.secureworks.com (#1798) * secureworks add default url -https://api.secureworks.com - fixes demisto/etc#12378 * Update integration-SecureWorks.yml * fix ArcSight ESM addEntries (#1797) * fix ArcSight ESM addEntries - if entries had passed from context as JSON then we got exception * Update integration-ArcSightESM.yml * Added eventType fetch filter (#1796) * remove `runonce: true` from phish.ai (#1799) * remove `runonce: true` from phish.ai * add rn * scripts - deprecate checkwhitelist + add filterbywhite lists (#1708) * scripts - deprecate checkwhitelist + add filterbywhite lists * Change wording * add support for array input + change whitelist ot list * malicious ration reputation script (#1778) * malicious ration reputation script * change script logic to return score as reputation script & DBot score * disable TE test playbook (#1802) * disable TE test playbook * ignore right test * Top malicious ratio indicators (#1750) * Top malicious ratio indicators * Fix script schema validation * remove script schema validatiom * fix CR * add widget to display script results * add fromversion filter 0 malicious ratio * add widget from version * fix file format * Fix desc build (#1808) * adding RN * add desc * Replace integrations logos (#1807) * Replace integrations logos * Add release notes * Add release notes * Fixed logos * fix widget should be isPredefined (#1818) * fix widget should be isPredefined * Update widget-TopMaliciousRationIndicators.json * Validate widget isPredefined property is true (#1819) Output in case some widget has `isPredefined: false` ```bash Starting validate Widgets... Failed: Widgets/widget-IncidentInErrorNumber.json failed <SchemaError: error code 2: Schema validation failed: - Enum 'False' does not exist. Path: '/isPredefined'.: Path: '/'> Finished validate Widgets validate_files_structure.sh exiting with error ``` * Added traceback import (#1806) * Added traceback import * Moved redlock test to nightly (#1804) * check proxy parameter before client.connect() (#1824) * check proxy parameter before client.connect() Attempting to connect to the splunk server before checking for the proxy parameter causes a connection timeout if the splunk server is not accessible without using a proxy. * add release notes * Change the term investigation to incident in the layouts. (#1825) * FireEye URL submissions (#1743) (#1820) * FireEye URL submissions (#1743) * FireEye URL submissions Added functionality to submit URLs to FireEye and retrieve their status. Functions created are fe-submit-url and fe-submit-url-status * Modify integration description Modified integration description to aligh with naming standards and help user understand how certain parameters should be passed. * Reverted fe-submit and fe-submit-status back to original name Reverted fe-submit and fe-submit-status back to original name from fe-submit-file and fe-submit-status * deleting file that is not part of integration * Update integration-fireeye.yml * added predefined parameters for commands added predefined parameters for commands * Added release notes * Fixed Twilio test function (#1826) * Fixed Teilio test function Fixes demisto/etc#12214 * CR fixes * Feature/widgets for engine and workers (#1689) * Widgets for engine and workers * Fixed unnamed attachments bug (#1822) * Fixed unnamed attachments bug. * Handled possible case where attachment name is not a string. * Corrected comparison method according to PEP-8 recommendation. * enable TE again (#1828) * add note to schema (#1830) * Passive Total - added proxy and insecure parameters (#1814) * added insecure and proxy settings * proxy defaults to true and insecure defaults to false * Fixed URL command, added IP and Domain * Added to release notes * add widget description (#1823) * Recorded Future bug fix (#1832) * Vulnerability Management issue fix (#1815) * RTIR integration (#1833) * RTIR Integration * add return_error function * added docstring * Updated the regex (#1801) (#1834) * Updated the regex (#1801) Updated the regex to properly pull the detection ID. Sometimes the detection ID changes in length, but it's always a number from 0-9 * add release notes * RTIR Spanish support (#1835) * RTIR integration spanish support * RTIR integration spanish support * prettify common server doc python error (#1836) * limit fetch incidents from netwitness (#1800) - fixes demisto/etc#12195 * Update process email + phishing layout (#1813) * Update process email + phishing layout * And `HTML Rendered Image` MD field to phishing layout * Add Base64 output to the `rasterize-email` command * Update rasterized image to the Phishing summary page TODO: * Remove the HTML field mapping in the relevant integrations * Update incidentfields.json Change field name * Update layout-details-Phishing.json Change field name * Update playbook-Process_Email_-_Generic.yml change field name * Update playbook-Process_Email_-_Generic.yml big scheme issue * Update playbook-Process_Email_-_Generic.yml really fixing it * Update incidentfields.json typo fix * Add scheme * add missing tag * Add release notes * move note up (#1838) * Repopulate files (#1839) * Repopulate files adds the File context based on file entries * Removed some lines * Skipped redlock test (#1840) * Skipped redlock test * Removed duplicate test * rebased master
1 parent 4f1a804 commit 49418bd

File tree

3 files changed

+1012
-0
lines changed

3 files changed

+1012
-0
lines changed

0 commit comments

Comments
 (0)