Merge branch 'master' into dashboardfix

demisto · Jul 9, 2024 · 24aaf8c · 24aaf8c
2 parents 25e7030 + 3edbc9d
commit 24aaf8c
Show file tree

Hide file tree

Showing 456 changed files with 5,065 additions and 2,069 deletions.
diff --git a/Packs/AWS_WAF/Integrations/AWSWAF/AWSWAF.yml b/Packs/AWS_WAF/Integrations/AWSWAF/AWSWAF.yml
diff --git a/Packs/AWS_WAF/ReleaseNotes/1_0_7.md b/Packs/AWS_WAF/ReleaseNotes/1_0_7.md
@@ -0,0 +1,7 @@
+
+#### Integrations
+
+##### AWS-WAF
+
+- Fixed an issue where some regions were missing from the *Regions* parameter.
+- Updated the Docker image to *demisto/boto3py3:1.0.0.101500*.
diff --git a/Packs/AWS_WAF/pack_metadata.json b/Packs/AWS_WAF/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "AWS WAF",
     "description": "Amazon Web Services Web Application Firewall (WAF)",
     "support": "xsoar",
-    "currentVersion": "1.0.6",
+    "currentVersion": "1.0.7",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

diff --git a/Packs/Aella_StarLight/Integrations/AellaStarLight/AellaStarLight.yml b/Packs/Aella_StarLight/Integrations/AellaStarLight/AellaStarLight.yml
@@ -8,12 +8,12 @@ description: Aella Star Light Integration
 configuration:
 - display: Server URL (e.g. https://starlight.companyname.com:8889)
   name: url
-  defaultvalue: ""
+  defaultvalue: ''
   type: 0
   required: true
 - display: User name
   name: credentials
-  defaultvalue: ""
+  defaultvalue: ''
   type: 9
   required: true
 - display: Fetch incidents
@@ -26,17 +26,17 @@ configuration:
   required: false
 - display: Fetching interval in minutes (default is 15, minimum is 15 )
   name: fetch_interval
-  defaultvalue: "15"
+  defaultvalue: '15'
   type: 0
   required: false
 - display: The specific security event to look for. Default is all events
   name: event_name
-  defaultvalue: ""
+  defaultvalue: ''
   type: 0
   required: false
 - display: Security event severity threshold, between 0-100
   name: severity
-  defaultvalue: "50"
+  defaultvalue: '50'
   type: 0
   required: false
 - display: Trust any certificate (not secure)
@@ -45,7 +45,7 @@ configuration:
   required: false
 - display: Use system proxy settings
   name: proxy
-  defaultvalue: "false"
+  defaultvalue: 'false'
   type: 8
   required: false
 script:
@@ -87,7 +87,7 @@ script:
     description: Query the details for a specific Start Light event
   isfetch: true
   runonce: false
-  dockerimage: demisto/python3:3.10.12.63474
+  dockerimage: demisto/python3:3.10.14.100715
 tests:
 - No test
 fromversion: 6.5.0
diff --git a/Packs/Aella_StarLight/ReleaseNotes/1_0_14.md b/Packs/Aella_StarLight/ReleaseNotes/1_0_14.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Aella Star Light
+
+- Updated the Docker image to: *demisto/python3:3.10.14.100715*.
diff --git a/Packs/Aella_StarLight/pack_metadata.json b/Packs/Aella_StarLight/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Aella Star Light",
     "description": "Aella Star Light Integration",
     "support": "community",
-    "currentVersion": "1.0.13",
+    "currentVersion": "1.0.14",
     "author": "Aella Star Light",
     "url": "",
     "email": "",

diff --git a/Packs/AlphaVantage/Integrations/AlphaVantage/AlphaVantage.yml b/Packs/AlphaVantage/Integrations/AlphaVantage/AlphaVantage.yml
@@ -29,79 +29,79 @@ script:
     name: alphavantage-stock-data-get
     outputs:
     - contextPath: AlphaVantage.StockData.symbol
-      description: 'Stock symbol'
+      description: Stock symbol
       type: String
     - contextPath: AlphaVantage.StockData.open
-      description: 'Open price'
+      description: Open price
       type: String
     - contextPath: AlphaVantage.StockData.high
-      description: 'Day high price'
+      description: Day high price
       type: String
     - contextPath: AlphaVantage.StockData.low
-      description: 'Day low price'
+      description: Day low price
       type: String
     - contextPath: AlphaVantage.StockData.price
-      description: 'Last price recorded'
+      description: Last price recorded
       type: String
     - contextPath: AlphaVantage.StockData.volume
-      description: 'Trade volume'
+      description: Trade volume
       type: String
     - contextPath: AlphaVantage.StockData.latest trading day
-      description: 'Last trade day date'
+      description: Last trade day date
       type: Date
     - contextPath: AlphaVantage.StockData.previous close
-      description: 'Last day close price'
+      description: Last day close price
       type: String
     - contextPath: AlphaVantage.StockData.change
-      description: 'Change since last close'
+      description: Change since last close
       type: String
     - contextPath: AlphaVantage.StockData.change percent
-      description: 'Change since last close in %'
+      description: Change since last close in %
       type: String
   - arguments:
     - description: Symbols of stocksto fetch
       isArray: true
       name: symbol
       required: true
     - auto: PREDEFINED
-      defaultValue: '60min'
+      defaultValue: 60min
       description: Time interval between two data points
       name: interval
       predefined:
-      - '1min'
-      - '5min'
-      - '15min'
-      - '30min'
-      - '60min'
+      - 1min
+      - 5min
+      - 15min
+      - 30min
+      - 60min
     - auto: PREDEFINED
       defaultValue: compact
       description: Amount of data return
       name: output_size
       predefined:
-      - 'compact'
-      - 'full'
+      - compact
+      - full
     description: Gets historical data for a stock
     name: alphavantage-stock-history-get
     outputs:
     - contextPath: AlphaVantage.StockHistory.Information
-      description: 'Info about each time series'
+      description: Info about each time series
       type: String
     - contextPath: AlphaVantage.StockHistory.Interval
-      description: 'Time interval between two data samples'
+      description: Time interval between two data samples
       type: String
     - contextPath: AlphaVantage.StockHistory.Last Refreshed
-      description: 'Last time the API  data was refreshed'
+      description: Last time the API  data was refreshed
       type: String
     - contextPath: AlphaVantage.StockHistory.Output Size
-      description: 'Amount of data. Either last 100 samples or as much as possible'
+      description: Amount of data. Either last 100 samples or as much as possible
       type: String
     - contextPath: AlphaVantage.StockHistory.Symbol
-      description: 'Stock symbol'
+      description: Stock symbol
       type: String
     - contextPath: AlphaVantage.StockHistory.Time Series
-      description: 'List of all stock data samples'
+      description: List of all stock data samples
       type: Unknown
-  dockerimage: demisto/python3:3.10.12.63474
+  dockerimage: demisto/python3:3.10.14.100715
   runonce: false
   script: '-'
   subtype: python3

diff --git a/Packs/AlphaVantage/ReleaseNotes/1_0_13.md b/Packs/AlphaVantage/ReleaseNotes/1_0_13.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### AlphaVantage
+
+- Updated the Docker image to: *demisto/python3:3.10.14.100715*.
diff --git a/Packs/AlphaVantage/pack_metadata.json b/Packs/AlphaVantage/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "AlphaVantage",
     "description": "The Alpha Vantage content pack provides accessible APIs for financial market data such as stock prices. Utilize this pack to get open stock prices, high/low price, trade volume, and so on.",
     "support": "community",
-    "currentVersion": "1.0.12",
+    "currentVersion": "1.0.13",
     "author": "Ohad Valtzer",
     "url": "https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/bd-p/Cortex_XSOAR_Discussions",
     "email": "",

diff --git a/Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.py b/Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.py
@@ -184,8 +184,7 @@ def __init__(self, base_url, user_name, api_key, verify, proxy, reliability, sho
         self.reliability = reliability
         self.should_create_relationships = should_create_relationships
         self.credentials = {
-            'username': user_name,
-            'api_key': api_key
+            'Authorization': f"apikey {user_name}:{api_key}",
         }
         self.remote_api = remote_api
 
@@ -198,9 +197,9 @@ def http_request(self, method,
         """
             A wrapper for requests lib to send our requests and handle requests and responses better.
         """
-        params = params or {}
+        headers = headers or {}
         if not without_credentials:
-            params.update(self.credentials)
+            headers.update(self.credentials)
         res = super()._http_request(
             method=method,
             url_suffix=url_suffix,

diff --git a/Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml b/Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml
@@ -6431,7 +6431,7 @@ script:
       isArray: true
     description: Remove tags from the indicators.
     name: threatstream-remove-indicator-tag
-  dockerimage: demisto/py3-tools:1.0.0.93223
+  dockerimage: demisto/py3-tools:1.0.0.99035
   runonce: false
   script: '-'
   subtype: python3

diff --git a/Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3_test.py b/Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3_test.py
@@ -38,8 +38,8 @@ def util_tmp_json_file(mock_object, file_name: str):
 def mock_client():
     return Client(
         base_url='',
-        user_name='',
-        api_key='',
+        user_name='user',
+        api_key='key',
         proxy=False,
         should_create_relationships=True,
         verify=False,
@@ -1869,7 +1869,7 @@ def test_remove_indicator_tag_command_success(
 @pytest.mark.parametrize(
     "without_credentials, expected_params",
     [
-        (False, {'username': '', 'api_key': ''}),
+        (False, {'Authorization': 'apikey user:key'}),
         (True, {}),
     ],
 )
@@ -1882,5 +1882,6 @@ def test_http_request_without_credentials(mocker, without_credentials: bool, exp
     from AnomaliThreatStreamv3 import BaseClient
     http_request = mocker.patch.object(BaseClient, "_http_request", return_value={})
     client: BaseClient = mock_client()
+
     client.http_request("GET", "/hello", without_credentials=without_credentials)
-    assert http_request.call_args.kwargs["params"] == expected_params
+    assert http_request.call_args.kwargs["headers"] == expected_params
diff --git a/Packs/Anomali_ThreatStream/ReleaseNotes/2_2_21.md b/Packs/Anomali_ThreatStream/ReleaseNotes/2_2_21.md
@@ -0,0 +1,7 @@
+
+#### Integrations
+
+##### Anomali ThreatStream v3
+
+- Updated the Authorization flow due to changes on Anomali API side.
+- Updated the Docker image to *demisto/py3-tools:1.0.0.99035*.
diff --git a/Packs/Anomali_ThreatStream/pack_metadata.json b/Packs/Anomali_ThreatStream/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Anomali ThreatStream",
     "description": "Use Anomali ThreatStream to query and submit threats.",
     "support": "xsoar",
-    "currentVersion": "2.2.20",
+    "currentVersion": "2.2.21",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

diff --git a/Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule.py b/Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule.py
@@ -2968,23 +2968,23 @@ def resolve_xdr_close_reason(xsoar_close_reason: str) -> str:
     """
     # Initially setting the close reason according to the default mapping.
     xdr_close_reason = XSOAR_RESOLVED_STATUS_TO_XDR.get(xsoar_close_reason, 'resolved_other')
+
     # Reading custom XSOAR->XDR close-reason mapping.
     custom_xsoar_to_xdr_close_reason_mapping = comma_separated_mapping_to_dict(
         demisto.params().get("custom_xsoar_to_xdr_close_reason_mapping")
     )
 
     # Overriding default close-reason mapping if there exists a custom one.
     if xsoar_close_reason in custom_xsoar_to_xdr_close_reason_mapping:
-        xdr_close_reason_candidate = custom_xsoar_to_xdr_close_reason_mapping[xsoar_close_reason]
+        xdr_close_reason_candidate = custom_xsoar_to_xdr_close_reason_mapping.get(xsoar_close_reason)
         # Transforming resolved close-reason into snake_case format with known prefix to match XDR status format.
-        demisto.debug(
-            f"resolve_xdr_close_reason XSOAR->XDR custom close-reason exists, using {xsoar_close_reason}={xdr_close_reason}")
         xdr_close_reason_candidate = "resolved_" + "_".join(xdr_close_reason_candidate.lower().split(" "))
-
         if xdr_close_reason_candidate not in XDR_RESOLVED_STATUS_TO_XSOAR:
             demisto.debug("Warning: Provided XDR close-reason does not exist. Using default XDR close-reason mapping. ")
         else:
             xdr_close_reason = xdr_close_reason_candidate
+            demisto.debug(
+                f"resolve_xdr_close_reason XSOAR->XDR custom close-reason exists, using {xsoar_close_reason}={xdr_close_reason}")
     else:
         demisto.debug(f"resolve_xdr_close_reason using default mapping {xsoar_close_reason}={xdr_close_reason}")
 

diff --git a/Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule.yml b/Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule.yml
@@ -12,7 +12,7 @@ comment: Common Core IR Client, provides generic Infrastructure.
 scripttarget: 0
 dependson: {}
 timeout: 0s
-dockerimage: demisto/python3:3.10.14.99865
+dockerimage: demisto/python3:3.11.9.101916
 fromversion: 5.0.0
 tests:
 - No tests (auto formatted)
diff --git a/Packs/Arduino/Integrations/Arduino/Arduino.yml b/Packs/Arduino/Integrations/Arduino/Arduino.yml
@@ -9,7 +9,7 @@ configuration:
   required: true
   type: 0
 - additionalinfo: Port number
-  defaultvalue: "9090"
+  defaultvalue: '9090'
   display: Port number
   name: port
   required: true
@@ -123,7 +123,7 @@ script:
     - contextPath: Arduino.DataSend.Received
       description: The data received
       type: string
-  dockerimage: demisto/python3:3.10.12.63474
+  dockerimage: demisto/python3:3.10.14.100715
   script: ''
   subtype: python3
   type: python

diff --git a/Packs/Arduino/ReleaseNotes/1_0_12.md b/Packs/Arduino/ReleaseNotes/1_0_12.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Arduino
+
+- Updated the Docker image to: *demisto/python3:3.10.14.100715*.
diff --git a/Packs/Arduino/pack_metadata.json b/Packs/Arduino/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Arduino",
     "description": "Communicate with an Arduino over a network. Sample code for the Arduino is provided to get up and running. There are functions in the Arduino code to handle setting and getting pin values as well as arbitrary data.",
     "support": "community",
-    "currentVersion": "1.0.11",
+    "currentVersion": "1.0.12",
     "author": "Adam Burt",
     "url": "",
     "email": "",

diff --git a/...racuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml b/...racuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml
@@ -75,7 +75,7 @@ script:
       description: A description explaining why the IP address was reported as malicious.
       type: String
     description: Get IP Reputation
-  dockerimage: demisto/python3:3.10.12.63474
+  dockerimage: demisto/python3:3.10.14.100715
   runonce: false
   subtype: python3
 fromversion: 6.0.0

diff --git a/Packs/Barracuda/ReleaseNotes/1_0_11.md b/Packs/Barracuda/ReleaseNotes/1_0_11.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Barracuda Reputation Block List (BRBL)
+
+- Updated the Docker image to: *demisto/python3:3.10.14.100715*.
diff --git a/Packs/Barracuda/pack_metadata.json b/Packs/Barracuda/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Barracuda",
     "description": "Barracuda Reputation Block List (BRBL)",
     "support": "community",
-    "currentVersion": "1.0.10",
+    "currentVersion": "1.0.11",
     "author": "Harri Ruuttila",
     "url": "https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/bd-p/Cortex_XSOAR_Discussions",
     "email": "",

diff --git a/Packs/Base/ReleaseNotes/1_34_27.md b/Packs/Base/ReleaseNotes/1_34_27.md
@@ -0,0 +1,6 @@
+
+#### Scripts
+
+##### CommonServerPython
+
+Added a functionality to read server configuration.