Edl enhancements #30664

Merged
merged 7 commits into from
Nov 7, 2023
Changes from 3 commits
13 changes: 8 additions & 5 deletions Packs/EDL/Integrations/EDL/EDL.yml
Expand Up @@ -17,8 +17,7 @@ configuration:
display: Indicator Query
name: indicators_query
type: 0
section: Collect
advanced: true
advanced: false
Contributor

Why remove from Collect?

Contributor Author

I reverted it.

required: false
- additionalinfo: The format of the exported list.
defaultvalue: PAN-OS (text)
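
Review bot: The hunk header counts 8 old lines against 7 new, so one line is dropped in addition to the `advanced: true` to `advanced: false` swap on `indicators_query`. If the dropped line is `section: Collect`, the parameter ends up without a section while the other parameters shown in this file carry one; keep `section: Collect` and change only the `advanced` flag.
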
Expand Down Expand Up @@ -62,6 +61,8 @@ configuration:
type: 0
section: Connect
required: false
hidden:
- marketplacev2
- additionalinfo: (For Cortex XSOAR 6.x) For use with HTTPS - the certificate that the service should use. (For Cortex XSOAR 8 and Cortex XSIAM) Custom certificates are not supported.
display: Certificate (Required for HTTPS)
name: certificate
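
Review bot: The added `hidden: - marketplacev2` entry on the `type: 0` Connect parameter hides it on one marketplace only, while the `certificate` parameter directly below already says in its `additionalinfo` that custom certificates are not supported on Cortex XSIAM. If `certificate` is still displayed on that marketplace, it is a candidate for the same `hidden` entry so the Connect section stays consistent.
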
Expand All @@ -82,6 +83,8 @@ configuration:
type: 9
section: Connect
required: false
hidden:
- marketplacev2
Contributor

Have you tested this?
Last time I checked this wasn't showing as expected.

Contributor Author

Tested in XSOAR SaaS:
image

- additionalinfo: If selected, the comment "# Empty list" is added to an empty list.
defaultvalue: 'true'
display: Add comment to empty list
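
Review bot: The `hidden: - marketplacev2` entry on the `type: 9` parameter leaves open what happens to a value already saved on an existing instance. Confirm that the integration does not keep reading a stored value on that marketplace, since users there would no longer have a field to view or change it.
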
Expand Down Expand Up @@ -251,8 +254,8 @@ configuration:
section: Connect
advanced: true
required: false
- additionalinfo: 'This parameter will be deprecated from September 2023. Make sure to adjust your default queries accordingly..'
display: 'Advanced: Use Legacy Queries (Deprecated)'
- additionalinfo: 'When enabled, the integration queries the server using full queries (overwrites the "Exported Fields" parameter). Advanced configuration to be used only if instructed by Cortex XSOAR Support, or you have encountered log errors in the form of: msgpack: invalid code.'
display: 'Advanced: Use Legacy Queries'
name: use_legacy_query
type: 8
section: Collect
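
Review bot: In the new `additionalinfo` for `use_legacy_query`, the phrase 'overwrites the "Exported Fields" parameter' reads as if the saved value is modified; "overrides" or "ignores" is probably what is meant. The error text would also be easier to match against logs if it were set off in quotes, as in "msgpack: invalid code".
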
Expand Down Expand Up @@ -428,7 +431,7 @@ script:
- 'False'
- 'True'
description: Updates values stored in the List (only available On-Demand).
dockerimage: demisto/flask-nginx:1.0.0.75066
dockerimage: demisto/flask-nginx:1.0.0.79973
longRunning: true
longRunningPort: true
script: '-'
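
Review bot: The `dockerimage` bump from `1.0.0.75066` to `1.0.0.79973` changes the serving image of an integration marked `longRunning: true` with `longRunningPort: true`, and nothing in the hunk says why the image moved. State the reason for the bump in the PR description and confirm the long-running service was exercised on the new image.
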
9 changes: 9 additions & 0 deletions Packs/EDL/ReleaseNotes/3_2_13.md
@@ -0,0 +1,9 @@

#### Integrations

##### Generic Export Indicators Service

- Undeprecated the *Legacy Query* parameter.
- Removed *Listen Port* and *credentials* parameters from cortex XSIAM.
adi88d marked this conversation as resolved.
- Move out from `Advanced settings` the *query* parameter.
Contributor

I am not sure what this means? Is it no longer part of the Advanced settings but it is part of the regular settings? Was it just removed?

Contributor Author

It means that the Indicator Query param was inside the Advanced settings, and now we moved it out from there to the Collect section.

image

- Updated the Docker image to: *demisto/flask-nginx:1.0.0.79973*.
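
Review bot: The entries mix tense and product casing: "Move out from `Advanced settings` the *query* parameter" sits among past-tense entries and does not say where the parameter went, and "cortex XSIAM" is lower-cased. Suggest "Moved the *Indicator Query* parameter out of *Advanced settings*." and "Cortex XSIAM"; also, the YAML in this PR marks the two parameters `hidden` rather than deleting them, so "Hid" describes the change more accurately than "Removed".
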
2 changes: 1 addition & 1 deletion Packs/EDL/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "Generic Export Indicators Service",
"description": "Use this pack to generate a list based on your Threat Intel Library, and export it to ANY other product in your network, such as your firewall, agent or SIEM. This pack is built for ongoing distribution of indicators from XSOAR to other products in the network, by creating an endpoint with a list of indicators that can be pulled by external vendors.",
"support": "xsoar",
"currentVersion": "3.2.12",
"currentVersion": "3.2.13",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",