RedCanary: Fixed an issue where the same detection was fetched multip…

…le times. (#27459) * Fixed an issue where the same detection was fetched multiple times. * update Docker image
demisto · Jun 16, 2023 · 6db9946 · 6db9946
1 parent 1f266b2
commit 6db9946
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 6 deletions.
diff --git a/Packs/RedCanary/Integrations/RedCanary/RedCanary.py b/Packs/RedCanary/Integrations/RedCanary/RedCanary.py
@@ -232,14 +232,14 @@ def process_timeline(detection_id):
                         'attributes', {}).get('command_line'),
                 }
                 files.append({
-                    'Name': os.path.basename(image.get('path')),
+                    'Name': os.path.basename(image.get('path', '')),
                     'MD5': image.get('md5'),
                     'SHA256': image.get('sha256'),
                     'Path': image.get('path'),
-                    'Extension': os.path.splitext(image['path'])[-1],
+                    'Extension': os.path.splitext(image.get('path', ''))[-1],
                 })
                 processes.append({
-                    'Name': os.path.basename(image.get('path')),
+                    'Name': os.path.basename(image.get('path', '')),
                     'Path': image.get('path'),
                     'MD5': image.get('md5'),
                     'SHA256': image.get('sha256'),
@@ -571,7 +571,7 @@ def fetch_incidents(last_run):
         if incident_id not in last_incidents_ids:
             # makes sure that the incident wasn't fetched before
             incidents.append(incident)
-            new_incidents_ids.append(incident_id)
+        new_incidents_ids.append(incident_id)
 
     if incidents:
         last_fetch = max([get_time_obj(incident['occurred']) for incident in incidents])  # noqa:F812

diff --git a/Packs/RedCanary/Integrations/RedCanary/RedCanary.yml b/Packs/RedCanary/Integrations/RedCanary/RedCanary.yml
@@ -43,7 +43,7 @@ script:
   script: ''
   type: python
   subtype: python3
-  dockerimage: demisto/python3:3.10.11.61265
+  dockerimage: demisto/python3:3.10.12.62631
   commands:
   - name: redcanary-acknowledge-detection
     arguments:

diff --git a/Packs/RedCanary/ReleaseNotes/1_1_14.md b/Packs/RedCanary/ReleaseNotes/1_1_14.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Red Canary
+- Fixed an issue where the same detection was fetched multiple times.
+- Updated the Docker image to: *demisto/python3:3.10.12.62631*.
diff --git a/Packs/RedCanary/pack_metadata.json b/Packs/RedCanary/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Red Canary",
     "description": "Red Canary collects endpoint data using Carbon Black Response and CrowdStrike Falcon.  The collected data is standardized into a common schema which allows teams to detect, analyze and respond to security incidents.",
     "support": "xsoar",
-    "currentVersion": "1.1.13",
+    "currentVersion": "1.1.14",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",