From 2a7a7a83d15859fb0374e7b3b1e21d9a40bb3edf Mon Sep 17 00:00:00 2001
From: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
Date: Mon, 27 May 2024 15:04:51 +0300
Subject: [PATCH] CyberArk EPM get-events fix query (#34556)

* get-events fix query

* RN

* CR fixes
---
 .../CyberArkEPMEventCollector/CyberArkEPMEventCollector.py  | 4 ++--
 Packs/CyberArkEPM/ReleaseNotes/1_0_1.md                     | 6 ++++++
 Packs/CyberArkEPM/pack_metadata.json                        | 6 ++++--
 3 files changed, 12 insertions(+), 4 deletions(-)
 create mode 100644 Packs/CyberArkEPM/ReleaseNotes/1_0_1.md

diff --git a/Packs/CyberArkEPM/Integrations/CyberArkEPMEventCollector/CyberArkEPMEventCollector.py b/Packs/CyberArkEPM/Integrations/CyberArkEPMEventCollector/CyberArkEPMEventCollector.py
index 1c485aabfe14..eb36d6e400b9 100644
--- a/Packs/CyberArkEPM/Integrations/CyberArkEPMEventCollector/CyberArkEPMEventCollector.py
+++ b/Packs/CyberArkEPM/Integrations/CyberArkEPMEventCollector/CyberArkEPMEventCollector.py
@@ -97,7 +97,7 @@ def get_policy_audits(self, set_id: str, from_date: str = '', limit: int = MAX_L
         url_suffix = f'Sets/{set_id}/policyaudits/search?nextCursor={next_cursor}&limit={min(limit, MAX_LIMIT)}'
         filter_params = f'arrivalTime GE {from_date}'
         if self.policy_audits_event_type:
-            filter_params += f'{filter_params} AND eventType IN {",".join(self.policy_audits_event_type)}'
+            filter_params += f' AND eventType IN {",".join(self.policy_audits_event_type)}'
         data = assign_params(
             filter=filter_params,
         )
@@ -107,7 +107,7 @@ def get_events(self, set_id: str, from_date: str = '', limit: int = MAX_LIMIT, n
         url_suffix = f'Sets/{set_id}/Events/Search?nextCursor={next_cursor}&limit={min(limit, MAX_LIMIT)}'
         filter_params = f'arrivalTime GE {from_date}'
         if self.raw_events_event_type:
-            filter_params += f'{filter_params} AND eventType IN {",".join(self.raw_events_event_type)}'
+            filter_params += f' AND eventType IN {",".join(self.raw_events_event_type)}'
         data = assign_params(
             filter=filter_params,
         )
diff --git a/Packs/CyberArkEPM/ReleaseNotes/1_0_1.md b/Packs/CyberArkEPM/ReleaseNotes/1_0_1.md
new file mode 100644
index 000000000000..ae56bbf9fdb4
--- /dev/null
+++ b/Packs/CyberArkEPM/ReleaseNotes/1_0_1.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### CyberArk EPM Event Collector
+
+Fixed an issue where the ***fetch-incidents*** command returned an internal server error.
diff --git a/Packs/CyberArkEPM/pack_metadata.json b/Packs/CyberArkEPM/pack_metadata.json
index 8a4410cd73c8..8f3b28dd26c6 100644
--- a/Packs/CyberArkEPM/pack_metadata.json
+++ b/Packs/CyberArkEPM/pack_metadata.json
@@ -2,11 +2,13 @@
     "name": "CyberArk EPM",
     "description": "Endpoint Privilege Manager helps remove local admin rights while improving user experience and optimizing IT operations.",
     "support": "xsoar",
-    "currentVersion": "1.0.0",
+    "currentVersion": "1.0.1",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",
-    "categories": ["Analytics & SIEM"],
+    "categories": [
+        "Analytics & SIEM"
+    ],
     "tags": [],
     "useCases": [],
     "keywords": [],