Add CrowdStrike Falcon to XSIAM Marketplace #37854

kamalq97 · 2024-12-26T14:49:58Z

Related Issues

Description

Update CrowdStrike Falcon pack:

Made the pack available in the Cortex XSIAM marketplace.
Improved documentation and metadata.
Ensure playbooks only appear in Cortex XSOAR.
[XSIAM] Add ability to fetch events and create a new cs-falcon-get-events command.

github-actions · 2024-12-29T09:06:25Z

Coverage Report

File	Stmts	Miss	Cover	Missing
Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon
CrowdStrikeFalcon.py	3026	763	74%	494, 519, 559, 571, 605–606, 608–609, 627, 818–820, 835, 838, 866–875, 896, 971, 1009–1010, 1012, 1015–1017, 1065, 1095, 1154–1155, 1157, 1162, 1165–1166, 1181–1183, 1188, 1191–1192, 1207–1208, 1210, 1215, 1218–1219, 1247, 1249, 1254–1255, 1265, 1267, 1272–1273, 1383, 1504, 1506, 1534, 1536, 1558–1561, 1596, 1646, 1650, 1752, 1764–1765, 1767–1768, 1771, 1773, 1777–1778, 1814, 1823, 1828, 1857, 1859, 1887, 1891, 1923, 1925, 2055, 2061, 2072–2075, 2084–2088, 2142, 2146, 2155, 2158–2159, 2162, 2171, 2174–2175, 2178, 2194, 2226, 2232–2235, 2238, 2242, 2294–2295, 2297, 2301, 2304, 2307, 2311–2312, 2315, 2330, 2493–2497, 2502, 2505, 2508–2509, 2512–2514, 2516, 2525, 2527, 2607–2609, 2611–2613, 2730, 2735, 2739, 2743, 2783–2786, 2789, 2792, 2794–2795, 2838–2840, 2843–2845, 2847, 2868, 2972, 2998–2999, 3007, 3009, 3062–3063, 3072, 3074, 3115, 3193–3196, 3198, 3208–3211, 3213, 3262, 3265, 3272, 3274, 3453–3454, 3639, 3743–3744, 3746, 3784–3789, 3839–3842, 3911, 3918, 3956, 4045, 4083, 4101, 4115, 4129–4132, 4145–4149, 4151–4152, 4154–4155, 4167–4170, 4193, 4237–4239, 4268, 4274, 4309–4317, 4319–4320, 4328–4341, 4343–4344, 4346, 4348–4349, 4351–4353, 4355–4358, 4360, 4362, 4364, 4376–4384, 4386–4399, 4407–4410, 4418–4421, 4457–4460, 4479–4484, 4486–4487, 4489–4496, 4506–4507, 4510, 4727–4729, 4737, 4759–4762, 4774, 4805–4808, 4824, 4856–4859, 4879–4880, 4890, 4903–4904, 4906, 4915–4918, 4959–4960, 4978–4981, 5026–5029, 5065, 5070–5071, 5113, 5115–5116, 5156–5157, 5163, 5184–5185, 5201–5202, 5217, 5231, 5234–5235, 5243, 5246–5247, 5258, 5262, 5301–5303, 5311–5313, 5315, 5342–5351, 5382, 5449–5452, 5455–5456, 5460–5463, 5466–5467, 5476–5477, 5479, 5481, 5483, 5485–5487, 5491, 5505–5509, 5574–5576, 5578, 5581, 5583, 5586, 5588–5590, 5592, 5594–5595, 5599–5603, 5608, 5610–5611, 5615–5616, 5618–5622, 5626, 5687, 5790, 6101, 6142, 6153, 6224, 6226, 6235, 6241, 6308, 6315, 6320, 6322, 6332, 6338, 6343, 6345–6346, 6348–6350, 6352, 6360, 6378, 6387, 6393, 6411, 6419, 6424, 6426–6427, 6429–6431, 6433, 6441, 6471, 6477, 6482, 6484, 6493, 6499, 6504, 6506–6507, 6509–6511, 6513, 6521, 6575, 6577–6578, 6580–6581, 6583, 6627–6628, 6630–6631, 6638, 6640, 6645, 6724, 6753–6754, 6762–6763, 6767, 6831, 6883, 6936, 7060, 7134–7135, 7137, 7139, 7156–7158, 7160–7163, 7165–7170, 7172–7177, 7179–7185, 7187–7250, 7252–7263, 7270–7283, 7285–7286, 7288–7289, 7297–7298, 7300–7301, 7303–7304, 7306–7307, 7309–7313, 7317–7321, 7325–7326, 7328–7333, 7335–7338, 7340–7389, 7391–7406, 7408, 7410–7411
TOTAL	3026	763	74%

Tests	Skipped	Failures	Errors	Time
1396	0 💤	0 ❌	0 🔥	24.077s ⏱️

kamalq97 added 2 commits December 26, 2024 16:04

Hide Crowdstrike Falcon integration playbooks from XSIAM marketplace

1534b23

Add non-deprecated CloudStrike packs to MarketplaceV2

ba4e139

kamalq97 added the inprogress It means the PR is still on progress, and should not be merged even if the build is green or approve label Dec 26, 2024

kamalq97 self-assigned this Dec 26, 2024

Add release notes

6688962

kamalq97 added 24 commits December 29, 2024 13:58

Fill empty README of packs containing supported integrations

8fbdd48

Ensure deprecated integration remains in XSOAR marketplace

0277d97

Improve CrowdStrike FalconX docs

7aa4115

Update README.md

b974c2f

Update README.md

aed3032

Support XSIAM fetch-events in CrowdStrike Falcon

00deaac

Update CrowdStrikeFalcon.yml

d06f02e

Remove CrowdStrike Falcon Streaming from marketplacev2

79f632a

Update README.md

8bb1982

Update pack_metadata.json

b7b72c8

Update README.md

59cc169

Update CrowdStrikeFalcon_description.md

e459aa0

Update CrowdStrike Falcon docs

6eb3b16

Merge branch 'master' into CIAC-12439-crowdstrike-marketplacev2

9f28831

Update release notes

d890986

Implement cs-falcon-get-events

9bd749e

Update README.md

eea721f

Update and document fetch default

22ff568

Ensure CrowdStrike Falcon Streaming v2 is in XSOAR marketplace

326c79a

Update release notes

0a32f63

Update FQL links

1186901

Update README.md

bda1e23

Update VENDOR and PRODUCT

1c0b735

Update CrowdStrikeFalcon_description.md

3a62184

kamalq97 added 17 commits January 5, 2025 16:50

Delete falcon_upload.sh

18155e3

Remove changes to deprecated FalconHost

0f364aa

Update 2_1_2.md

757741e

Update CrowdStrikeFalcon.yml

f5100e1

Update docs

71c61f8

Add logic to transform incidents into events

c0ad3be

Revert changes to other CrowdStrike packs

346caa4

Merge branch 'master' into CIAC-12439-crowdstrike-marketplacev2

583dbc6

Create 2_1_3md

0cb17a3

Update pack_metadata.json

6b3ad06

Fix release notes

f629409

Update CrowdStrikeFalcon.py

251d0b1

Revert change to IOA Incident context

41a951f

Improve documentation and update defaults

1ecb788

Fix pylint issues

3100861

Update YML

132fae6

Update CrowdStrikeFalcon.yml

89bb1c7

kamalq97 requested a review from JasBeilin January 9, 2025 07:58

kamalq97 marked this pull request as ready for review January 9, 2025 07:58

kamalq97 added python Pull requests that update Python code enhancement and removed inprogress It means the PR is still on progress, and should not be merged even if the build is green or approve labels Jan 9, 2025

kamalq97 changed the title ~~Add CrowdStrike packs to XSIAM Marketplace [DRAFT]~~ Add CrowdStrike Falcon to XSIAM Marketplace Jan 9, 2025

kamalq97 added 2 commits January 9, 2025 15:35

Update hidden config params

fadcdbb

Update pack_metadata.json

92acdc4

kamalq97 removed the request for review from JasBeilin January 9, 2025 15:09

kamalq97 marked this pull request as draft January 9, 2025 15:10

kamalq97 added 3 commits January 9, 2025 17:12

Update hiding of params and arguments

14b4123

Merge branch 'master' into CIAC-12439-crowdstrike-marketplacev2

eeaa2e6

Create 2_1_5.md

268ab24

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add CrowdStrike Falcon to XSIAM Marketplace #37854

Add CrowdStrike Falcon to XSIAM Marketplace #37854

kamalq97 commented Dec 26, 2024 •

edited

Loading

github-actions bot commented Dec 29, 2024 •

edited

Loading

Add CrowdStrike Falcon to XSIAM Marketplace #37854

Are you sure you want to change the base?

Add CrowdStrike Falcon to XSIAM Marketplace #37854

Conversation

kamalq97 commented Dec 26, 2024 • edited Loading

Related Issues

Description

github-actions bot commented Dec 29, 2024 • edited Loading

kamalq97 commented Dec 26, 2024 •

edited

Loading

github-actions bot commented Dec 29, 2024 •

edited

Loading