Skip to content

Commit

Permalink
Align credentials stores - part 22 (#27683)
Browse files Browse the repository at this point in the history
* Align credentials stores - part 22

* fix

* fix

* cr note
  • Loading branch information
maimorag authored and MosheEichler committed Jul 2, 2023
1 parent 7bb0d68 commit 5acef60
Show file tree
Hide file tree
Showing 14 changed files with 70 additions and 23 deletions.
2 changes: 1 addition & 1 deletion Packs/CarbonBlackEnterpriseEDR/.pack-ignore
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
[file:CarbonBlackEnterpriseEDR.yml]
ignore=IN126,IN145
ignore=IN126

[file:README.md]
ignore=RM104
Original file line number Diff line number Diff line change
Expand Up @@ -1295,8 +1295,10 @@ def main():
"""
PARSE AND VALIDATE INTEGRATION PARAMS
"""
cb_custom_key = demisto.params().get('custom_key')
cb_custom_id = demisto.params().get('custom_id')
cb_custom_key = demisto.params().get('credentials_custom', {}).get('password') or demisto.params().get('custom_key')
cb_custom_id = demisto.params().get('credentials_custom', {}).get('identifier') or demisto.params().get('custom_id')
if not (cb_custom_key and cb_custom_id):
raise DemistoException('Custom ID and Custom key must be provided.')
cb_org_key = demisto.params().get('organization_key')
token = f'{cb_custom_key}/{cb_custom_id}'
# get the service API url
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,14 +18,22 @@ configuration:
section: Connect
- display: Custom Key
name: custom_key
required: true
required: false
type: 4
section: Connect
hidden: true
- display: Custom ID
name: custom_id
required: true
required: false
type: 0
section: Connect
hidden: true
- display: Custom ID
name: credentials_custom
required: false
type: 9
displaypassword: Custom Key
section: Connect
- display: Fetch incidents
name: isFetch
required: false
Expand All @@ -48,7 +56,7 @@ configuration:
type: 8
section: Connect
advanced: true
- defaultvalue: 3 days
- defaultvalue: '3 days'
display: First fetch timestamp (<number> <time unit>, e.g., 12 hours, 7 days, 3 months, 1 year)
name: fetch_time
required: false
Expand Down Expand Up @@ -1793,7 +1801,7 @@ script:
- contextPath: CarbonBlackEEDR.SearchProcess.results.scriptload_count
description: The cumulative count of loaded scripts since process tracking started.
type: Number
dockerimage: demisto/python3:3.10.11.54132
dockerimage: demisto/python3:3.10.12.63474
feed: false
isfetch: true
longRunning: false
Expand Down
6 changes: 6 additions & 0 deletions Packs/CarbonBlackEnterpriseEDR/ReleaseNotes/1_1_29.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@

#### Integrations

##### VMware Carbon Black Enterprise EDR
- Added the *Custom ID* and *Custom Key* integration parameters to support credentials fetching object.
- Updated the Docker image to: *demisto/python3:3.10.12.63474*.
2 changes: 1 addition & 1 deletion Packs/CarbonBlackEnterpriseEDR/pack_metadata.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "Carbon Black Cloud Enterprise EDR",
"description": "Advanced threat hunting and incident response solution.",
"support": "xsoar",
"currentVersion": "1.1.28",
"currentVersion": "1.1.29",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,14 +9,16 @@ let SLEEP_BETWEEN_RETRIES = 1000 * 5;
let DEFAULT_WAIT_TIMEOUT = 1000 * 60 * 2;
let ERROR_MESSAGE = 'Use Live Response for Cb Defense or Cb Response.\nFor Cb Defense: Provide \'Live Response\' API key and connector.\nFor Cb Response: Provide API Token.';
//validate the credentials are provided to match only one of the products
if (params.apitoken && (params.apikey || params.connector) ) {
let API_TOKEN = (params.credentials_api_token)? params.credentials_api_token.password : params.apitoken;
let API_KEY = (params.credentials_api_key)? params.credentials_api_key.password : params.apikey;
if (API_TOKEN && (API_KEY || params.connector) ) {
throw ERROR_MESSAGE;
}
//determain Cb product
if (params.apitoken) {
if (API_TOKEN) {
CB_PRODUCT = 'Response';
BASE_URL = `${params.serverurl}/api/v1/cblr`;
AUTH = params.apitoken;
AUTH = API_TOKEN;
COMMAND_DATA = [
{to: 'CbSensorID', from: 'sensor_id'},
{to: 'CbSessionID', from: 'session_id'},
Expand All @@ -30,10 +32,10 @@ if (params.apitoken) {
{to: 'Result.Type', from: 'result_type'},
{to: 'Result.Code', from: 'result_code'}
];
} else if (params.apikey && params.connector){
} else if (API_KEY && params.connector){
CB_PRODUCT = 'Defense';
BASE_URL = `${params.serverurl}/integrationServices/v3/cblr`
AUTH = params.apikey + '/' + params.connector;
AUTH = API_KEY + '/' + params.connector;
COMMAND_DATA = [
{to: 'CbSensorID', from: 'sensor_id'},
{to: 'CbSessionID', from: 'session_id'},
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,23 @@ configuration:
defaultvalue: ""
type: 4
required: false
hidden: true
- displaypassword: API Token (CB Response)
name: credentials_api_token
required: false
hiddenusername: true
type: 9
- display: API Key (CB Defense)
name: apikey
defaultvalue: ""
type: 4
required: false
hidden: true
- displaypassword: API Key (CB Defense)
name: credentials_api_key
required: false
hiddenusername: true
type: 9
- display: Connector ID (CB Defense)
name: connector
defaultvalue: ""
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@

#### Integrations

##### VMware Carbon Black EDR (Live Response API)
- Added the *API Key* and the *API Token* integration parameters to support credentials fetching object.
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "Carbon Black Enterprise Live Response",
"description": "Collect information and take action on remote endpoints in real time with Carbon Black Enterprise Live Response.",
"support": "xsoar",
"currentVersion": "1.1.4",
"currentVersion": "1.1.5",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Expand Down
3 changes: 0 additions & 3 deletions Packs/DuoAdminApi/.pack-ignore
Original file line number Diff line number Diff line change
@@ -1,6 +1,3 @@
[file:DuoAdminApi.yml]
ignore=IN145

[file:DuoAdminApi_image.png]
ignore=IM111

Expand Down
6 changes: 4 additions & 2 deletions Packs/DuoAdminApi/Integrations/DuoAdminApi/DuoAdminApi.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@
# Setup

HOST = demisto.getParam('hostname')
INTEGRATION_KEY = demisto.getParam('integration_key')
SECRET_KEY = demisto.getParam('secret_key')
INTEGRATION_KEY = demisto.params().get('credentials_key', {}).get('identifier') or demisto.getParam('integration_key')
SECRET_KEY = demisto.params().get('credentials_key', {}).get('password') or demisto.getParam('secret_key')
USE_SSL = not demisto.params().get('insecure', False)
USE_PROXY = demisto.params().get('proxy', False)

Expand Down Expand Up @@ -397,6 +397,8 @@ def main() -> None: # pragma: no cover
args = demisto.args()
command = demisto.command()
demisto.debug(f'Command being called is {command}')
if not (SECRET_KEY and INTEGRATION_KEY):
raise DemistoException('Secret Key and Integration Key must be provided.')
try:
admin_api = create_api_call()
set_proxy(admin_api)
Expand Down
13 changes: 10 additions & 3 deletions Packs/DuoAdminApi/Integrations/DuoAdminApi/DuoAdminApi.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,19 @@ configuration:
type: 0
- display: Integration Key
name: integration_key
required: true
required: false
type: 0
hidden: true
- display: Secret Key
name: secret_key
required: true
required: false
type: 4
hidden: true
- displaypassword: Secret Key
name: credentials_key
required: false
display: Integration Key
type: 9
- display: Trust any certificate (not secure)
name: insecure
required: false
Expand Down Expand Up @@ -333,7 +340,7 @@ script:
outputs: []
description: Modify the user account.
name: duoadmin-modify-user
dockerimage: demisto/duoadmin3:1.0.0.61875
dockerimage: demisto/duoadmin3:1.0.0.63681
runonce: false
script: ''
type: python
Expand Down
6 changes: 6 additions & 0 deletions Packs/DuoAdminApi/ReleaseNotes/4_0_3.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@

#### Integrations

##### DUO Admin
- Updated the Docker image to: *demisto/duoadmin3:1.0.0.63681*.
- Added the *Secret Key* and *Integration Key* integration parameters to support credentials fetching object.
2 changes: 1 addition & 1 deletion Packs/DuoAdminApi/pack_metadata.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "DUO Admin",
"description": "DUO for admins.\nMust have access to the admin api in order to use this",
"support": "xsoar",
"currentVersion": "4.0.2",
"currentVersion": "4.0.3",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Expand Down

0 comments on commit 5acef60

Please sign in to comment.