Skip to content

Commit

Permalink
Yc/carbon black/ciac 9132 (#35202)
Browse files Browse the repository at this point in the history 
* Existing commands migration to the new endpoints

* cbd-find-processes polling command added

* added cbd-find-observation-details polling command

* new version all existing commands including polling commands

* added validations for required args, and cleaning

* device commands added

* added docs string in client functions

* added docs string to all comands

* description file added

* mapper updated to the new response format

* docs and type ignore

* update and set policy commands added

* done

* readme file added for all commands

* Migration notes added

* removed -dev

* test file with all commands tests

* fixed build

* added RN and tests

* pre-commit

* pre commit

* format

* added release note and updated docker image

* rewrite

* handle priority_level in CamelCase arg

* docs review

* docs review

* deleted unneeded duplicates

* Update Packs/CarbonBlackDefense/ReleaseNotes/4_0_0.md

Co-authored-by: JudithB <[email protected]>

* format fixed

---------

Co-authored-by: JudithB <[email protected]>
  • Loading branch information
@yedidyacohenpalo @jbabazadeh
yedidyacohenpalo and jbabazadeh authored Jul 15, 2024
1 parent 55d0025 commit fc7412d
Show file tree
Hide file tree
Showing 9 changed files with 10,883 additions and 46 deletions.
53 changes: 8 additions & 45 deletions ...lassifiers/classifier-mapper-incoming-Carbon_Black_Endpoint_Standard_Incoming_Mapper.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,116 +10,79 @@
"Carbon Black Endpoint Standard": {
"dontMapEventToLabels": true,
"internalMapping": {
"Alert Category": {
"complex": null,
"simple": "category"
},
"Alert ID": {
"complex": null,
"simple": "id"
},
"Carbon Black ES Alert Severity": {
"complex": null,
"simple": "severity"
},
"Carbon Black ES First Event Time": {
"complex": null,
"simple": "first_event_time"
"simple": "first_event_timestamp"
},
"Carbon Black ES IOC Hit": {
"complex": null,
"simple": "ioc_hit"
},
"Carbon Black ES IOC Id": {
"complex": null,
"simple": "ioc_id"
},
"Carbon Black ES Last Event Time": {
"complex": null,
"simple": "last_event_time"
"simple": "last_event_timestamp"
},
"Carbon Black ES Process Id": {
"complex": null,
"simple": "process_guid"
},
"Carbon Black ES Process Name": {
"complex": null,
"simple": "process_name"
},
"Carbon Black ES Report Name": {
"complex": null,
"simple": "report_name"
},
"Carbon Black ES Reputation": {
"complex": null,
"simple": "threat_cause_reputation"
"simple": "process_reputation"
},
"Carbon Black ES Target Value": {
"complex": null,
"simple": "target_value"
},
"Carbon Black ES Threat Category": {
"complex": null,
"simple": "threat_cause_threat_category"
"simple": "device_target_value"
},
"Carbon Black ES Threat Id": {
"complex": null,
"simple": "threat_id"
},
"Carbon Black ES Vector": {
"complex": null,
"simple": "threat_cause_vector"
},
"Changed": {
"complex": null,
"simple": "workflow.changed_by"
},
"Description": {
"complex": null,
"simple": "reason"
},
"Device Id": {
"complex": null,
"simple": "device_id"
},
"Device Name": {
"complex": null,
"simple": "device_name"
},
"Device Username": {
"complex": null,
"simple": "device_username"
},
"Last Update Time": {
"complex": null,
"simple": "last_update_time"
"simple": "backend_update_timestamp"
},
"OS": {
"complex": null,
"simple": "device_os"
},
"OS Version": {
"complex": null,
"simple": "device_os_version"
},
"Policy ID": {
"complex": null,
"simple": "policy_id"
"simple": "device_policy_id"
},
"Carbon Black ES Report ID": {
"complex": null,
"simple": "report_id"
},
"SHA256": {
"complex": null,
"simple": "threat_cause_actor_sha256"
"simple": "process_sha256"
},
"State": {
"complex": null,
"simple": "workflow.state"
"simple": "workflow.status"
},
"Tags": {
"complex": null,
"simple": "tags"
}
}
Expand Down
Loading

0 comments on commit fc7412d

Please sign in to comment.