Fixed an issue where proxy wasn't ignored when configured #10620

Merged 3 commits on Jan 4, 2021
4 changes: 1 addition & 3 deletions Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.py
Expand Up @@ -48,9 +48,7 @@ def __init__(self, params: Dict):
self._base_url: str = urljoin(params.get('url'), '/public_api/v1/indicators/')
self._verify_cert: bool = not params.get('insecure', False)
self._headers: Dict = get_headers(params)
self._proxy = params.get('proxy', False)
if self._proxy:
self._proxy = handle_proxy()
handle_proxy()

def http_request(self, url_suffix: str, requests_kwargs) -> Dict:
url: str = f'{self._base_url}{url_suffix}'
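Review bot: In `__init__`, `self._proxy` is no longer assigned and the return value of `handle_proxy()` is discarded, so any remaining read of `self._proxy` in this class (the rest of `http_request` is outside the lines shown) would now raise `AttributeError`; please confirm there are no such references left. The bare `handle_proxy()` call also depends on the helper reading the `proxy` parameter itself, since `params` is no longer consulted here, and a short comment saying so would help the next reader. None of the four files in this change is a test, so a unit test covering the case where the proxy parameter is unchecked would keep indicator traffic and the API headers from being routed through an unintended proxy again.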
32 changes: 20 additions & 12 deletions Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml
Expand Up @@ -21,12 +21,14 @@ configuration:
required: false
type: 8
- defaultvalue: 'true'
additionalinfo: When enabled, indicators will be synced from Cortex XSOAR to Cortex XDR. Disable if you prefer to use a playbook to sync indicators.
additionalinfo: When enabled, indicators will be synced from Cortex XSOAR to Cortex
XDR. Disable if you prefer to use a playbook to sync indicators.
display: Auto Sync
name: autoSync
required: false
type: 8
- additionalinfo: Map the severity of each indicator that will be synced to Cortex XDR.
- additionalinfo: Map the severity of each indicator that will be synced to Cortex
XDR.
display: Cortex XDR Severity
hidden: false
name: severity
Expand All @@ -44,7 +46,8 @@ configuration:
name: feedTags
required: false
type: 0
- additionalinfo: The query used to collect indicators to sync from Cortex XSOAR to Cortex XDR.
- additionalinfo: The query used to collect indicators to sync from Cortex XSOAR to
Cortex XDR.
defaultvalue: reputation:Bad and (type:File or type:Domain or type:IP)
display: Sync Query
hidden: false
Expand Down Expand Up @@ -83,7 +86,8 @@ configuration:
- F - Reliability cannot be judged
required: true
type: 15
- additionalinfo: The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed
- additionalinfo: The Traffic Light Protocol (TLP) designation to apply to indicators
fetched from the feed
display: Traffic Light Protocol Color
name: tlp_color
options:
Expand All @@ -96,17 +100,17 @@ configuration:
- display: ''
name: feedExpirationPolicy
options:
- never
- interval
- indicatorType
- suddenDeath
- never
- interval
- indicatorType
- suddenDeath
required: false
type: 17
- display: ''
name: feedExpirationInterval
required: false
type: 1
- display: ''
- display: Incremental Feed
defaultvalue: 'true'
hidden: true
name: feedIncremental
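Review bot: The `display` value for `feedIncremental` changes from `''` to `Incremental Feed` in this hunk, but the parameter is `hidden: true` and the 2_7_3 release notes list only the proxy fix and the Docker image upgrade. If the label is required by validation, say so in the PR description; otherwise drop it so the change stays limited to the proxy fix. The `feedExpirationPolicy` options appear twice with identical text, so that part looks like an indentation-only change and could be left out as well.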
Expand All @@ -124,7 +128,10 @@ configuration:
name: feedBypassExclusionList
required: false
type: 8
description: Use the Cortex XDR - IOCs feed integration to sync indicators from Cortex XSOAR to Cortex XDR and back to Cortex XSOAR. Cortex XDR is the world's first detection and response app that natively integrates network, endpoint and cloud data to stop sophisticated attacks.
description: Use the Cortex XDR - IOCs feed integration to sync indicators from Cortex
XSOAR to Cortex XDR and back to Cortex XSOAR. Cortex XDR is the world's first detection
and response app that natively integrates network, endpoint and cloud data to stop
sophisticated attacks.
display: Cortex XDR - IOC
name: Cortex XDR - IOC
script:
Expand All @@ -149,7 +156,8 @@ script:
name: xdr-iocs-sync
- arguments:
- default: false
description: IOCs to push. leave empty to push all recently modified IOCs.the indicators
description: IOCs to push. leave empty to push all recently modified IOCs.the
indicators
isArray: true
name: indicator
required: false
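Review bot: The `indicator` argument description is re-wrapped here but still reads `IOCs to push. leave empty to push all recently modified IOCs.the indicators`, with a lowercase sentence start and a dangling `the indicators` fragment. Since the line is being touched anyway, rewrite it as complete sentences or remove the stray fragment.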
Expand Down Expand Up @@ -180,7 +188,7 @@ script:
description: Disables IOCs in the XDR server.
execution: false
name: xdr-iocs-disable
dockerimage: demisto/python3:3.8.6.12176
dockerimage: demisto/python3:3.8.6.14516
feed: true
isfetch: false
longRunning: false
5 changes: 5 additions & 0 deletions Packs/CortexXDR/ReleaseNotes/2_7_3.md
@@ -0,0 +1,5 @@

#### Integrations
##### Cortex XDR - IOC
- Fixed an issue where the proxy was not ignored even when the *Use system proxy settings* integration parameter was unchecked.
- Upgraded the Docker image to demisto/python3:3.8.6.14516.
4 changes: 2 additions & 2 deletions Packs/CortexXDR/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "Palo Alto Networks Cortex XDR - Investigation and Response",
"description": "This Content Pack automates Cortex XDR incident response, and includes custom Cortex XDR incident views and layouts to aid analyst investigations.",
"support": "xsoar",
"currentVersion": "2.7.2",
"currentVersion": "2.7.3",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Expand Down Expand Up @@ -79,4 +79,4 @@
"display_name": "Port Scan"
}
}
}
}