[Marketplace Contribution] Abnormal Security - Content Pack Update (#…

…32959) * "contribution update to pack "Abnormal Security"" * Update Packs/AbnormalSecurity/ReleaseNotes/2_3_0.md * Rename 2_3_0.md to 2_2_7.md --------- Co-authored-by: JudithB <[email protected]>
demisto · Mar 21, 2024 · f96448e · f96448e
1 parent 7e1f456
commit f96448e
Show file tree

Hide file tree

Showing 5 changed files with 768 additions and 685 deletions.
diff --git a/Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.py b/Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.py
@@ -1,4 +1,7 @@
-from CommonServerPython import *
+import demistomock as demisto  # noqa: F401
+from CommonServerPython import *  # noqa: F401
+
+
 from typing import Dict, Any
 import logging
 from datetime import datetime
@@ -69,17 +72,19 @@ def get_a_list_of_abnormal_cases_identified_by_abnormal_security_request(self, f
         return response
 
     def get_a_list_of_campaigns_submitted_to_abuse_mailbox_request(self, filter_='', page_size=None, page_number=None,
-                                                                   subtenant=None):
-        params = assign_params(filter=filter_, pageSize=page_size, pageNumber=page_number, subtenant=subtenant)
+                                                                   subtenant=None, subject=None, sender=None, recipient=None, reporter=None, attackType=None, threatType=None):
+        params = assign_params(filter=filter_, pageSize=page_size, pageNumber=page_number, subtenant=subtenant, subject=subject,
+                               sender=sender, recipient=recipient, reporter=reporter, attackType=attackType, threatType=threatType)
 
         headers = self._headers
 
         response = self._http_request('get', 'abusecampaigns', params=params, headers=headers)
 
         return response
 
-    def get_a_list_of_threats_request(self, filter_='', page_size=None, page_number=None, source=None, subtenant=None):
-        params = assign_params(filter=filter_, pageSize=page_size, pageNumber=page_number, source=source, subtenant=subtenant)
+    def get_a_list_of_threats_request(self, filter_='', page_size=None, page_number=None, source=None, subtenant=None, subject=None, sender=None, recipient=None, topic=None, attackType=None, attackVector=None):
+        params = assign_params(filter=filter_, pageSize=page_size, pageNumber=page_number, source=source, subtenant=subtenant,
+                               subject=subject, sender=sender, recipient=recipient, topic=topic, attackType=attackType, attackVector=attackVector)
 
         headers = self._headers
 
@@ -335,8 +340,15 @@ def get_a_list_of_campaigns_submitted_to_abuse_mailbox_command(client, args):
     page_size = args.get('page_size', None)
     page_number = args.get('page_number', None)
     subtenant = args.get('subtenant', None)
-
-    response = client.get_a_list_of_campaigns_submitted_to_abuse_mailbox_request(filter_, page_size, page_number, subtenant)
+    subject = args.get('subject', None)
+    sender = args.get('sender', None)
+    recipient = args.get('recipient', None)
+    reporter = args.get('reporter', None)
+    attackType = args.get('attackType', None)
+    threatType = args.get('threatType', None)
+
+    response = client.get_a_list_of_campaigns_submitted_to_abuse_mailbox_request(
+        filter_, page_size, page_number, subtenant, subject, sender, recipient, reporter, attackType, threatType)
     markdown = tableToMarkdown('Campaign IDs', response.get('campaigns', []), headers=['campaignId'], removeNull=True)
 
     command_results = CommandResults(
@@ -356,8 +368,15 @@ def get_a_list_of_threats_command(client, args):
     page_number = args.get('page_number', None)
     source = str(args.get('source', ''))
     subtenant = args.get('subtenant', None)
-
-    response = client.get_a_list_of_threats_request(filter_, page_size, page_number, source, subtenant)
+    subject = args.get('subject', None)
+    sender = args.get('sender', None)
+    recipient = args.get('recipient', None)
+    topic = args.get('topic', None)
+    attackType = args.get('attackType', None)
+    attackVector = args.get('attackVector', None)
+
+    response = client.get_a_list_of_threats_request(
+        filter_, page_size, page_number, source, subtenant, subject, sender, recipient, topic, attackType, attackVector)
     markdown = tableToMarkdown('Threat IDs', response.get('threats'), headers=['threatId'], removeNull=True)
     command_results = CommandResults(
         readable_output=markdown,
@@ -455,7 +474,7 @@ def get_details_of_an_abuse_mailbox_campaign_command(client, args):
 
     response = client.get_details_of_an_abuse_mailbox_campaign_request(campaign_id, subtenant)
     command_results = CommandResults(
-        outputs_prefix='AbnormalSecurity.AbuseCampaign.campaigns',
+        outputs_prefix='AbnormalSecurity.AbuseCampaign',
         outputs_key_field='campaignId',
         outputs=response,
         raw_response=response