TAXII2 Indicator Fields #32986
Merged
TAXII2 Indicator Fields #32986
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Coverage Report
|
||||||||||||||||||||||||||||||
sapirshuker
added a commit
that referenced
this pull request
Mar 4, 2024
jbabazadeh
approved these changes
Mar 21, 2024
# Conflicts: # Packs/FeedDHS/pack_metadata.json # Packs/FeedMitreAttackv2/pack_metadata.json # Packs/FeedTAXII/pack_metadata.json
dantavori
pushed a commit
that referenced
this pull request
Apr 2, 2024
* create stixparser class * fix tests, add init to super * revert tests * fix pre-commit * add unit42Feed * fix tests * rewrite create_attack_pattern_indicator * rewrite parse_reports_and_report_relationships * add RN * Bump pack from version FeedUnit42v2 to 1.0.49. * Bump pack from version FeedTAXII to 1.2.8. * Bump pack from version FeedDHS to 2.0.34. * add test * add changes from #32986 PR * add taxii2 tests,rewrite unit42 * made changes minimal * fix tests, add RN for unit 42 * add impoer for the stix creator * replace get_tlp feedmitreAttack * fix tests * add client,fix tests,add docker image * resolve conflicts * resolve conflicts * resolve conflicts * add ignore_external_id * fix tests * fix tests * add rn * fix tests * add RN * Bump pack from version CommonScripts to 1.14.13. * fix test * add docker image * update docker image * Bump pack from version CommonScripts to 1.14.14. * fix relationships anf check delete * change feed_data to fix tests * add rn * replace tests from taxiiserver to apimodule * fix tests taxii2server * replace asn with autonomous-system * replace tests * Bump pack from version CommonScripts to 1.14.15. * fix taxii2 server issue, add pragam no cover * add tests * Bump pack from version CommonScripts to 1.14.16. * Bump pack from version CommonScripts to 1.14.17. * add test to api module, add defult value, fix tests * add tests * add tests * fix flake8 mypy errors * add_tests * Bump pack from version TAXIIServer to 2.0.58. * delete comments add docstrings * Bump pack from version CommonScripts to 1.14.18. * fix rn, delete comments * Update FeedUnit42v2_test.py * Update 2_0_58.md * add required fields * fixes * Bump pack from version CommonScripts to 1.14.19. * fixes * delete comments * delete comments * fix confilcts * fixes demo * add rn add x509-certificate, add tests. add doc strings * fix fields * update RN * fix x509 * fix add rn * flake 8 errors * fix errors * fix flake 8 errors * fix test and add #33431 changes * fix flake8 errors add RN * Bump pack from version CommonScripts to 1.14.21. * docker image update * CR comments, replace docker image * fix uppercases name * fix RN review * Bump pack from version CommonScripts to 1.14.22. * Bump pack from version TAXIIServer to 2.0.59. * Update 2_0_59.md * add test * pre-commit update * pre-commit * Bump pack from version CommonScripts to 1.14.23. * edit secret-ignore * add memory_threshold * Bump pack from version CommonScripts to 1.14.24. * Bump pack from version Base to 1.33.45. * update docker image * Bump pack from version Base to 1.33.46. * replace import, change tpb from 100,000 to 99,990 * replace import * fix pre-commit error auto8 * fix pre-commit * reduce tpb indicators to 99,000 * update docker taxii2apimodule * reduce tpb indicators to 98,000 * Update 1_0_50.md * reduce tpb indicators to 95,000 * Bump pack from version Base to 1.33.47. * reduce tpb indicators to 90,000 --------- Co-authored-by: Content Bot <[email protected]>
pal-xmco
pushed a commit
to pal-xmco/content
that referenced
this pull request
Jun 19, 2024
* add default_fields and publications to indicator * add confidence and languages by default * Fix tests * add RN * add known_words * assign in one line * update versions
pal-xmco
pushed a commit
to pal-xmco/content
that referenced
this pull request
Jun 19, 2024
* create stixparser class * fix tests, add init to super * revert tests * fix pre-commit * add unit42Feed * fix tests * rewrite create_attack_pattern_indicator * rewrite parse_reports_and_report_relationships * add RN * Bump pack from version FeedUnit42v2 to 1.0.49. * Bump pack from version FeedTAXII to 1.2.8. * Bump pack from version FeedDHS to 2.0.34. * add test * add changes from demisto#32986 PR * add taxii2 tests,rewrite unit42 * made changes minimal * fix tests, add RN for unit 42 * add impoer for the stix creator * replace get_tlp feedmitreAttack * fix tests * add client,fix tests,add docker image * resolve conflicts * resolve conflicts * resolve conflicts * add ignore_external_id * fix tests * fix tests * add rn * fix tests * add RN * Bump pack from version CommonScripts to 1.14.13. * fix test * add docker image * update docker image * Bump pack from version CommonScripts to 1.14.14. * fix relationships anf check delete * change feed_data to fix tests * add rn * replace tests from taxiiserver to apimodule * fix tests taxii2server * replace asn with autonomous-system * replace tests * Bump pack from version CommonScripts to 1.14.15. * fix taxii2 server issue, add pragam no cover * add tests * Bump pack from version CommonScripts to 1.14.16. * Bump pack from version CommonScripts to 1.14.17. * add test to api module, add defult value, fix tests * add tests * add tests * fix flake8 mypy errors * add_tests * Bump pack from version TAXIIServer to 2.0.58. * delete comments add docstrings * Bump pack from version CommonScripts to 1.14.18. * fix rn, delete comments * Update FeedUnit42v2_test.py * Update 2_0_58.md * add required fields * fixes * Bump pack from version CommonScripts to 1.14.19. * fixes * delete comments * delete comments * fix confilcts * fixes demo * add rn add x509-certificate, add tests. add doc strings * fix fields * update RN * fix x509 * fix add rn * flake 8 errors * fix errors * fix flake 8 errors * fix test and add demisto#33431 changes * fix flake8 errors add RN * Bump pack from version CommonScripts to 1.14.21. * docker image update * CR comments, replace docker image * fix uppercases name * fix RN review * Bump pack from version CommonScripts to 1.14.22. * Bump pack from version TAXIIServer to 2.0.59. * Update 2_0_59.md * add test * pre-commit update * pre-commit * Bump pack from version CommonScripts to 1.14.23. * edit secret-ignore * add memory_threshold * Bump pack from version CommonScripts to 1.14.24. * Bump pack from version Base to 1.33.45. * update docker image * Bump pack from version Base to 1.33.46. * replace import, change tpb from 100,000 to 99,990 * replace import * fix pre-commit error auto8 * fix pre-commit * reduce tpb indicators to 99,000 * update docker taxii2apimodule * reduce tpb indicators to 98,000 * Update 1_0_50.md * reduce tpb indicators to 95,000 * Bump pack from version Base to 1.33.47. * reduce tpb indicators to 90,000 --------- Co-authored-by: Content Bot <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Status
Related Issues
fixes: https://jira-dc.paloaltonetworks.com/browse/XSUP-33088
Description
Added the "set_default_fields" and "get_indicator_publication" functions to the IOCs of type "indicator". The following fields are added here: stixid, firstseenbysource, modified, description, publications.
The "confidence" and "languages" fields were also added by default to all IOCs.
Must have