From 384123106adf1eb0c783abe0ca08d90bd7a5b17f Mon Sep 17 00:00:00 2001 From: Mike Beauchamp Date: Thu, 9 Nov 2023 00:51:33 -0700 Subject: [PATCH] XSOAR Simple Dev to Prod Update - Oct 2023 (#30534) * updating to add core rest api support * removed from xsiam marketplace * updated descriptions on incident fields to include core rest api * adding email to pack metadata * updated release notes for 1.0.6 * Updated release notes to remove the layout and type * added if113 to the pack ignore for the fields * Apply suggestions from code review * updated docker container in readme * fix release notes validation --------- Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> --- Packs/XSOAR-SimpleDevToProd/.pack-ignore | 11 +- ...incidentfield-XSOAR_Dev_Instance_Name.json | 56 +- ...ncidentfield-XSOAR_Dev_to_Prod_Method.json | 56 +- ...ncidentfield-XSOAR_Prod_Instance_Name.json | 56 +- .../incidenttype-XSOAR_Dev_to_Prod.json | 58 +- .../layoutscontainer-XSOAR_Dev_to_Prod.json | 1434 ++++++++--------- ...XSOAR_-_Export_Selected_Custom_Content.yml | 628 +------- ...-_Export_Selected_Custom_Content_README.md | 9 +- ...ybook-JOB_-_XSOAR_-_Simple_Dev_to_Prod.yml | 649 +------- ...JOB_-_XSOAR_-_Simple_Dev_to_Prod_README.md | 9 +- Packs/XSOAR-SimpleDevToProd/README.md | 11 +- .../ReleaseNotes/1_0_6.md | 41 + .../CustomContentBundleWizardry.yml | 4 +- .../CustomContentBundleWizardry/README.md | 3 + .../IsDemistoRestAPIInstanceAvailable.py | 4 +- .../IsDemistoRestAPIInstanceAvailable.yml | 6 +- .../README.md | 5 +- .../XSOAR-SimpleDevToProd/pack_metadata.json | 11 +- 18 files changed, 935 insertions(+), 2116 deletions(-) create mode 100644 Packs/XSOAR-SimpleDevToProd/ReleaseNotes/1_0_6.md diff --git a/Packs/XSOAR-SimpleDevToProd/.pack-ignore b/Packs/XSOAR-SimpleDevToProd/.pack-ignore index f6c8e92bd35f..b7efac892d5c 100644 --- a/Packs/XSOAR-SimpleDevToProd/.pack-ignore +++ b/Packs/XSOAR-SimpleDevToProd/.pack-ignore @@ -11,4 +11,13 @@ ignore=RM106 ignore=RM106 [file:README.md] -ignore=RM106 \ No newline at end of file +ignore=RM106 + +[file:incidentfield-XSOAR_Dev_Instance_Name.json] +ignore=IF113 + +[file:incidentfield-XSOAR_Dev_to_Prod_Method.json] +ignore=IF113 + +[file:incidentfield-XSOAR_Prod_Instance_Name.json] +ignore=IF113 \ No newline at end of file diff --git a/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Dev_Instance_Name.json b/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Dev_Instance_Name.json index 4dfbafc8b7be..ecc5dd5b2973 100644 --- a/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Dev_Instance_Name.json +++ b/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Dev_Instance_Name.json @@ -1,30 +1,30 @@ { - "associatedToAll": false, - "associatedTypes": [ - "XSOAR Dev to Prod" - ], - "caseInsensitive": true, - "cliName": "xsoardevinstancename", - "closeForm": false, - "content": true, - "description": "Name of the Dev Demisto REST API Instance in the simple Dev to Prod setup", - "editForm": true, - "group": 0, - "hidden": false, - "id": "incident_xsoardevinstancename", - "isReadOnly": false, - "locked": false, - "name": "XSOAR Dev Instance Name", - "neverSetAsRequired": false, - "ownerOnly": false, - "required": false, - "sla": 0, - "system": false, - "threshold": 72, - "type": "shortText", - "unmapped": false, - "unsearchable": true, - "useAsKpi": false, - "version": -1, - "fromVersion": "6.0.0" + "associatedToAll": false, + "associatedTypes": [ + "XSOAR Dev to Prod" + ], + "caseInsensitive": true, + "cliName": "xsoardevinstancename", + "closeForm": false, + "content": true, + "description": "Name of the Dev Core or Demisto REST API Instance in the simple Dev to Prod setup", + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_xsoardevinstancename", + "isReadOnly": false, + "locked": false, + "name": "XSOAR Dev Instance Name", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": true, + "useAsKpi": false, + "version": -1, + "fromVersion": "6.0.0" } \ No newline at end of file diff --git a/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Dev_to_Prod_Method.json b/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Dev_to_Prod_Method.json index 8dbdf86c953d..467dc76ef1c0 100644 --- a/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Dev_to_Prod_Method.json +++ b/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Dev_to_Prod_Method.json @@ -1,30 +1,30 @@ { - "associatedToAll": false, - "associatedTypes": [ - "XSOAR Dev to Prod" - ], - "caseInsensitive": true, - "cliName": "xsoardevtoprodmethod", - "closeForm": false, - "content": true, - "description": "The method used in the XSOAR Dev to Prod playbook, (Manual or Automated)", - "editForm": true, - "group": 0, - "hidden": false, - "id": "incident_xsoardevtoprodmethod", - "isReadOnly": false, - "locked": false, - "name": "XSOAR Dev to Prod Method", - "neverSetAsRequired": false, - "ownerOnly": false, - "required": false, - "sla": 0, - "system": false, - "threshold": 72, - "type": "shortText", - "unmapped": false, - "unsearchable": true, - "useAsKpi": false, - "version": -1, - "fromVersion": "6.0.0" + "associatedToAll": false, + "associatedTypes": [ + "XSOAR Dev to Prod" + ], + "caseInsensitive": true, + "cliName": "xsoardevtoprodmethod", + "closeForm": false, + "content": true, + "description": "The method used in the XSOAR Dev to Prod playbook, (Manual or Automated)", + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_xsoardevtoprodmethod", + "isReadOnly": false, + "locked": false, + "name": "XSOAR Dev to Prod Method", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": true, + "useAsKpi": false, + "version": -1, + "fromVersion": "6.0.0" } \ No newline at end of file diff --git a/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Prod_Instance_Name.json b/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Prod_Instance_Name.json index c291dc18116c..e7d4d166701f 100644 --- a/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Prod_Instance_Name.json +++ b/Packs/XSOAR-SimpleDevToProd/IncidentFields/incidentfield-XSOAR_Prod_Instance_Name.json @@ -1,30 +1,30 @@ { - "associatedToAll": false, - "associatedTypes": [ - "XSOAR Dev to Prod" - ], - "caseInsensitive": true, - "cliName": "xsoarprodinstancename", - "closeForm": false, - "content": true, - "description": "Name of the Prod Demisto REST API Instance in the simple Dev to Prod setup", - "editForm": true, - "group": 0, - "hidden": false, - "id": "incident_xsoarprodinstancename", - "isReadOnly": false, - "locked": false, - "name": "XSOAR Prod Instance Name", - "neverSetAsRequired": false, - "ownerOnly": false, - "required": false, - "sla": 0, - "system": false, - "threshold": 72, - "type": "shortText", - "unmapped": false, - "unsearchable": true, - "useAsKpi": false, - "version": -1, - "fromVersion": "6.0.0" + "associatedToAll": false, + "associatedTypes": [ + "XSOAR Dev to Prod" + ], + "caseInsensitive": true, + "cliName": "xsoarprodinstancename", + "closeForm": false, + "content": true, + "description": "Name of the Prod Core or Demisto REST API Instance in the simple Dev to Prod setup", + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_xsoarprodinstancename", + "isReadOnly": false, + "locked": false, + "name": "XSOAR Prod Instance Name", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": true, + "useAsKpi": false, + "version": -1, + "fromVersion": "6.0.0" } \ No newline at end of file diff --git a/Packs/XSOAR-SimpleDevToProd/IncidentTypes/incidenttype-XSOAR_Dev_to_Prod.json b/Packs/XSOAR-SimpleDevToProd/IncidentTypes/incidenttype-XSOAR_Dev_to_Prod.json index b43ccb23ed7f..b91b8e1438e1 100644 --- a/Packs/XSOAR-SimpleDevToProd/IncidentTypes/incidenttype-XSOAR_Dev_to_Prod.json +++ b/Packs/XSOAR-SimpleDevToProd/IncidentTypes/incidenttype-XSOAR_Dev_to_Prod.json @@ -1,31 +1,31 @@ { - "autorun": true, - "color": "#F06292", - "days": 0, - "daysR": 0, - "default": false, - "detached": false, - "disabled": false, - "extractSettings": { - "fieldCliNameToExtractSettings": { - - }, - "mode": "All" - }, - "hours": 0, - "hoursR": 0, - "id": "XSOAR Dev to Prod", - "layout": "XSOAR Dev to Prod", - "locked": false, - "name": "XSOAR Dev to Prod", - "onChangeRepAlg": 1, - "playbookId": "JOB - XSOAR - Export Selected Custom Content", - "readonly": false, - "reputationCalc": 1, - "system": false, - "version": -1, - "weeks": 0, - "weeksR": 0, - "fromVersion": "6.0.0", - "marketplaces": ["xsoar"] + "autorun": true, + "color": "#F06292", + "days": 0, + "daysR": 0, + "default": false, + "detached": false, + "disabled": false, + "extractSettings": { + "fieldCliNameToExtractSettings": {}, + "mode": "All" + }, + "hours": 0, + "hoursR": 0, + "id": "XSOAR Dev to Prod", + "layout": "XSOAR Dev to Prod", + "locked": false, + "name": "XSOAR Dev to Prod", + "onChangeRepAlg": 1, + "playbookId": "JOB - XSOAR - Export Selected Custom Content", + "readonly": false, + "reputationCalc": 1, + "system": false, + "version": -1, + "weeks": 0, + "weeksR": 0, + "fromVersion": "6.0.0", + "marketplaces": [ + "xsoar" + ] } \ No newline at end of file diff --git a/Packs/XSOAR-SimpleDevToProd/Layouts/layoutscontainer-XSOAR_Dev_to_Prod.json b/Packs/XSOAR-SimpleDevToProd/Layouts/layoutscontainer-XSOAR_Dev_to_Prod.json index 2f156fda9fec..64f9d213b7e5 100644 --- a/Packs/XSOAR-SimpleDevToProd/Layouts/layoutscontainer-XSOAR_Dev_to_Prod.json +++ b/Packs/XSOAR-SimpleDevToProd/Layouts/layoutscontainer-XSOAR_Dev_to_Prod.json @@ -1,727 +1,711 @@ { - "close": { - "sections": [ - { - "description": "", - "fields": [ - { - "fieldId": "incident_closereason", - "isVisible": true - }, - { - "fieldId": "incident_closenotes", - "isVisible": true - } - ], - "isVisible": true, - "name": "Basic Information", - "query": null, - "queryType": "", - "readOnly": false, - "type": "" - } - ] - }, - "detailsV2": { - "tabs": [ - { - "id": "summary", - "name": "Legacy Summary", - "type": "summary" - }, - { - "id": "caseinfoid", - "name": "Incident Info", - "sections": [ - { - "displayType": "ROW", - "h": 2, - "i": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", - "isVisible": true, - "items": [ - { - "endCol": 2, - "fieldId": "severity", - "height": 22, - "id": "incident-severity-field", - "index": 0, - "sectionItemType": "field", - "startCol": 0 - }, - { - "endCol": 2, - "fieldId": "type", - "height": 22, - "id": "incident-type-field", - "index": 1, - "sectionItemType": "field", - "startCol": 0 - }, - { - "dropEffect": "move", - "endCol": 2, - "fieldId": "owner", - "height": 22, - "id": "incident-owner-field", - "index": 2, - "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", - "sectionItemType": "field", - "startCol": 0 - }, - { - "endCol": 2, - "fieldId": "roles", - "height": 22, - "id": "73a95920-a6ae-11ea-ae9d-8553407179ff", - "index": 3, - "sectionItemType": "field", - "startCol": 0 - }, - { - "dropEffect": "move", - "endCol": 2, - "fieldId": "dbotcreated", - "height": 22, - "id": "incident-created-field", - "index": 4, - "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", - "sectionItemType": "field", - "startCol": 0 - }, - { - "dropEffect": "move", - "endCol": 2, - "fieldId": "occurred", - "height": 22, - "id": "incident-occurred-field", - "index": 5, - "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", - "sectionItemType": "field", - "startCol": 0 - }, - { - "dropEffect": "move", - "endCol": 2, - "fieldId": "dbotmodified", - "height": 22, - "id": "incident-modified-field", - "index": 7, - "listId": "caseinfoid-ac32f620-a0b0-11e9-b27f-13ae1773d289", - "sectionItemType": "field", - "startCol": 0 - }, - { - "dropEffect": "move", - "endCol": 2, - "fieldId": "dbotclosed", - "height": 22, - "id": "eda146a0-a1ba-11ea-8efe-d92f013a0581", - "index": 8, - "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", - "sectionItemType": "field", - "startCol": 0 - }, - { - "dropEffect": "move", - "endCol": 2, - "fieldId": "dbottotaltime", - "height": 22, - "id": "c57778a0-a5e0-11ea-beb5-2996637e1d9e", - "index": 9, - "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", - "sectionItemType": "field", - "startCol": 0 - }, - { - "dropEffect": "move", - "endCol": 2, - "fieldId": "dbotduedate", - "height": 22, - "id": "incident-dueDate-field", - "index": 10, - "listId": "caseinfoid-ac32f620-a0b0-11e9-b27f-13ae1773d289", - "sectionItemType": "field", - "startCol": 0 - } - ], - "maxH": null, - "maxW": 1, - "minH": 1, - "minW": 1, - "moved": false, - "name": "Case Details", - "static": false, - "w": 1, - "x": 0, - "y": 0 - }, - { - "displayType": "ROW", - "h": 2, - "hideName": false, - "i": "caseinfoid-7717e580-9bed-11e9-9a3f-8b4b2158e260", - "maxH": null, - "maxW": 1, - "minH": 1, - "minW": 1, - "moved": false, - "name": "Team Members", - "static": false, - "type": "team", - "w": 1, - "x": 0, - "y": 4 - }, - { - "displayType": "ROW", - "h": 2, - "i": "caseinfoid-88e6bf70-a0b1-11e9-b27f-13ae1773d289", - "isVisible": true, - "items": [ - { - "endCol": 2, - "fieldId": "dbotclosed", - "height": 22, - "id": "incident-dbotClosed-field", - "index": 0, - "sectionItemType": "field", - "startCol": 0 - }, - { - "endCol": 2, - "fieldId": "closereason", - "height": 22, - "id": "incident-closeReason-field", - "index": 1, - "sectionItemType": "field", - "startCol": 0 - }, - { - "endCol": 2, - "fieldId": "closenotes", - "height": 44, - "id": "incident-closeNotes-field", - "index": 2, - "sectionItemType": "field", - "startCol": 0 - }, - { - "endCol": 2, - "fieldId": "closinguserid", - "height": 22, - "id": "85c48b10-a1be-11ea-8efe-d92f013a0581", - "index": 3, - "sectionItemType": "field", - "startCol": 0 - } - ], - "maxH": null, - "maxW": 1, - "minH": 1, - "minW": 1, - "moved": false, - "name": "Closing Information", - "static": false, - "w": 1, - "x": 1, - "y": 4 - }, - { - "description": "**Reminder**: Please ensure to install any required Marketplace Packs on the production server as well! Customizations to OOTB Incident types, configuration, etc, should be applied after uploading the custom content.\n\nDev to Prod tab has the content bundles for this run.", - "displayType": "ROW", - "h": 2, - "i": "caseinfoid-e54b1770-a0b1-11e9-b27f-13ae1773d289", - "isVisible": true, - "items": [ - { - "endCol": 4, - "fieldId": "xsoardevtoprodmethod", - "height": 22, - "id": "7b9c34e0-5dc4-11eb-8940-ff9baa520e4a", - "index": 0, - "sectionItemType": "field", - "startCol": 0 - }, - { - "endCol": 4, - "fieldId": "xsoardevinstancename", - "height": 22, - "id": "76d955a0-5dc4-11eb-8940-ff9baa520e4a", - "index": 1, - "sectionItemType": "field", - "startCol": 0 - }, - { - "endCol": 4, - "fieldId": "xsoarprodinstancename", - "height": 22, - "id": "7f1fdd60-5dc4-11eb-8940-ff9baa520e4a", - "index": 2, - "sectionItemType": "field", - "startCol": 0 - }, - { - "dropEffect": "move", - "endCol": 4, - "fieldId": "playbookid", - "height": 22, - "id": "incident-playbookId-field", - "index": 3, - "listId": "caseinfoid-e54b1770-a0b1-11e9-b27f-13ae1773d289", - "sectionItemType": "field", - "startCol": 0 - } - ], - "maxH": null, - "maxW": 2, - "minH": 1, - "minW": 2, - "moved": false, - "name": "XSOAR Dev to Prod", - "static": false, - "w": 2, - "x": 1, - "y": 0 - }, - { - "h": 2, - "i": "caseinfoid-f9dd0ce0-60b6-11eb-a207-edb36f37e8f5", - "items": [ - - ], - "maxH": null, - "maxW": 1, - "minH": 1, - "minW": 1, - "moved": false, - "name": "Work Plan", - "static": false, - "type": "workplan", - "w": 1, - "x": 0, - "y": 2 - }, - { - "h": 2, - "i": "caseinfoid-083a1d00-60b7-11eb-a207-edb36f37e8f5", - "items": [ - - ], - "maxH": null, - "maxW": 2, - "minH": 1, - "minW": 2, - "moved": false, - "name": "Notes", - "static": false, - "type": "notes", - "w": 2, - "x": 1, - "y": 2 - }, - { - "description": "Quick view of content bundles from this run, see the Dev to Prod tab for more information.", - "h": 2, - "i": "caseinfoid-d22b0b10-60b7-11eb-a207-edb36f37e8f5", - "items": [ - - ], - "maxH": null, - "maxW": 1, - "minH": 1, - "minW": 1, - "moved": false, - "name": "Content Bundles", - "query": { - "tags": [ - "devcontent", - "prodbackup", - "selectedcontent" - ] - }, - "queryType": "warRoomFilter", - "static": false, - "type": "invTimeline", - "w": 1, - "x": 2, - "y": 4 - } - ], - "type": "custom" - }, - { - "hidden": false, - "id": "ixxpcd2rip", - "name": "Dev to Prod ", - "sections": [ - { - "description": "The downloaded dev custom content bundle", - "h": 2, - "i": "ixxpcd2rip-fcbf10e0-5dc6-11eb-ae45-310ec9c1f911", - "items": [ - - ], - "maxH": null, - "maxW": 3, - "minH": 1, - "minW": 3, - "moved": false, - "name": "Dev Content Bundle", - "query": { - "categories": [ - - ], - "tags": [ - "devcontent" - ] - }, - "queryType": "warRoomFilter", - "static": false, - "type": "invTimeline", - "w": 3, - "x": 0, - "y": 0 - }, - { - "description": "The selected custom content bundle, this can be downloaded and uploaded to prod. Or if using the dev to prod this is what will be uploaded to prod.", - "h": 2, - "i": "ixxpcd2rip-0b7df010-5dc7-11eb-ae45-310ec9c1f911", - "items": [ - - ], - "maxH": null, - "maxW": 3, - "minH": 1, - "minW": 3, - "moved": false, - "name": "Selected Custom Content", - "query": { - "categories": [ - - ], - "tags": [ - "selectedcontent" - ] - }, - "queryType": "warRoomFilter", - "static": false, - "type": "invTimeline", - "w": 3, - "x": 0, - "y": 2 - }, - { - "description": "This is the backup of the production custom content prior to uploading the selected bundle above.", - "h": 2, - "i": "ixxpcd2rip-2bc11000-5dc7-11eb-ae45-310ec9c1f911", - "items": [ - - ], - "maxH": null, - "maxW": 3, - "minH": 1, - "minW": 3, - "moved": false, - "name": "Production Backup of Custom Content", - "query": { - "categories": [ - - ], - "tags": [ - "prodbackup" - ] - }, - "queryType": "warRoomFilter", - "static": false, - "type": "invTimeline", - "w": 3, - "x": 0, - "y": 4 - } - ], - "type": "custom" - }, - { - "id": "workPlan", - "name": "Work Plan", - "type": "workPlan" - }, - { - "id": "warRoom", - "name": "War Room", - "type": "warRoom" - }, - { - "hidden": true, - "id": "evidenceBoard", - "name": "Evidence Board", - "type": "evidenceBoard" - }, - { - "hidden": true, - "id": "relatedIncidents", - "name": "Related Incidents", - "type": "relatedIncidents" - }, - { - "hidden": true, - "id": "canvas", - "name": "Canvas", - "type": "canvas" - } - ] - }, - "edit": { - "sections": [ - { - "description": "", - "fields": [ - { - "fieldId": "incident_name", - "isVisible": true - }, - { - "fieldId": "incident_details", - "isVisible": true - }, - { - "fieldId": "incident_type", - "isVisible": true - }, - { - "fieldId": "incident_owner", - "isVisible": true - }, - { - "fieldId": "incident_severity", - "isVisible": true - }, - { - "fieldId": "incident_occurred", - "isVisible": true - }, - { - "fieldId": "incident_reminder", - "isVisible": true - }, - { - "fieldId": "incident_labels", - "isVisible": true - }, - { - "fieldId": "incident_roles", - "isVisible": true - }, - { - "fieldId": "incident_playbookid", - "isVisible": true - }, - { - "fieldId": "incident_attachment", - "isVisible": true - } - ], - "isVisible": true, - "name": "Basic Information", - "query": null, - "queryType": "", - "readOnly": false, - "type": "" - } - ] - }, - "group": "incident", - "id": "XSOAR Dev to Prod", - "mobile": { - "sections": [ - { - "description": "", - "fields": [ - { - "fieldId": "incident_type", - "isVisible": true - }, - { - "fieldId": "incident_name", - "isVisible": true - }, - { - "fieldId": "incident_details", - "isVisible": true - }, - { - "fieldId": "incident_severity", - "isVisible": true - }, - { - "fieldId": "incident_dbotstatus", - "isVisible": true - }, - { - "fieldId": "incident_owner", - "isVisible": true - }, - { - "fieldId": "incident_roles", - "isVisible": true - }, - { - "fieldId": "incident_playbookid", - "isVisible": true - } - ], - "isVisible": true, - "name": "Basic Information", - "query": null, - "queryType": "", - "readOnly": false, - "type": "" - }, - { - "description": "", - "fields": [ - { - "fieldId": "incident_dbotcreated", - "isVisible": true - }, - { - "fieldId": "incident_occurred", - "isVisible": true - }, - { - "fieldId": "incident_dbotduedate", - "isVisible": true - }, - { - "fieldId": "incident_dbotmodified", - "isVisible": true - }, - { - "fieldId": "incident_dbottotaltime", - "isVisible": true - } - ], - "isVisible": true, - "name": "Timeline Information", - "query": null, - "queryType": "", - "readOnly": false, - "type": "" - }, - { - "description": "", - "fields": [ - { - "fieldId": "incident_labels", - "isVisible": true - } - ], - "isVisible": true, - "name": "Labels", - "query": null, - "queryType": "", - "readOnly": true, - "type": "labels" - } - ] - }, - "name": "XSOAR Dev to Prod", - "quickView": { - "sections": [ - { - "description": "", - "fields": [ - { - "fieldId": "incident_type", - "isVisible": true - }, - { - "fieldId": "incident_name", - "isVisible": true - }, - { - "fieldId": "incident_details", - "isVisible": true - }, - { - "fieldId": "incident_severity", - "isVisible": true - }, - { - "fieldId": "incident_dbotstatus", - "isVisible": true - }, - { - "fieldId": "incident_owner", - "isVisible": true - }, - { - "fieldId": "incident_roles", - "isVisible": true - }, - { - "fieldId": "incident_playbookid", - "isVisible": true - } - ], - "isVisible": true, - "name": "Basic Information", - "query": null, - "queryType": "", - "readOnly": false, - "type": "" - }, - { - "description": "", - "fields": [ - { - "fieldId": "incident_dbotcreated", - "isVisible": true - }, - { - "fieldId": "incident_occurred", - "isVisible": true - }, - { - "fieldId": "incident_dbotduedate", - "isVisible": true - }, - { - "fieldId": "incident_dbotmodified", - "isVisible": true - }, - { - "fieldId": "incident_dbottotaltime", - "isVisible": true - } - ], - "isVisible": true, - "name": "Timeline Information", - "query": null, - "queryType": "", - "readOnly": false, - "type": "" - }, - { - "description": "", - "fields": [ - { - "fieldId": "incident_labels", - "isVisible": true - } - ], - "isVisible": true, - "name": "Labels", - "query": null, - "queryType": "", - "readOnly": true, - "type": "labels" - } - ] - }, - "system": false, - "version": -1, - "fromVersion": "6.0.0", - "description": "XSOAR Simple Dev to Prod layout", - "marketplaces": ["xsoar"] + "close": { + "sections": [ + { + "description": "", + "fields": [ + { + "fieldId": "incident_closereason", + "isVisible": true + }, + { + "fieldId": "incident_closenotes", + "isVisible": true + } + ], + "isVisible": true, + "name": "Basic Information", + "query": null, + "queryType": "", + "readOnly": false, + "type": "" + } + ] + }, + "detailsV2": { + "tabs": [ + { + "id": "summary", + "name": "Legacy Summary", + "type": "summary" + }, + { + "id": "caseinfoid", + "name": "Incident Info", + "sections": [ + { + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", + "isVisible": true, + "items": [ + { + "endCol": 2, + "fieldId": "severity", + "height": 22, + "id": "incident-severity-field", + "index": 0, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "type", + "height": 22, + "id": "incident-type-field", + "index": 1, + "sectionItemType": "field", + "startCol": 0 + }, + { + "dropEffect": "move", + "endCol": 2, + "fieldId": "owner", + "height": 22, + "id": "incident-owner-field", + "index": 2, + "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "roles", + "height": 22, + "id": "73a95920-a6ae-11ea-ae9d-8553407179ff", + "index": 3, + "sectionItemType": "field", + "startCol": 0 + }, + { + "dropEffect": "move", + "endCol": 2, + "fieldId": "dbotcreated", + "height": 22, + "id": "incident-created-field", + "index": 4, + "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", + "sectionItemType": "field", + "startCol": 0 + }, + { + "dropEffect": "move", + "endCol": 2, + "fieldId": "occurred", + "height": 22, + "id": "incident-occurred-field", + "index": 5, + "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", + "sectionItemType": "field", + "startCol": 0 + }, + { + "dropEffect": "move", + "endCol": 2, + "fieldId": "dbotmodified", + "height": 22, + "id": "incident-modified-field", + "index": 7, + "listId": "caseinfoid-ac32f620-a0b0-11e9-b27f-13ae1773d289", + "sectionItemType": "field", + "startCol": 0 + }, + { + "dropEffect": "move", + "endCol": 2, + "fieldId": "dbotclosed", + "height": 22, + "id": "eda146a0-a1ba-11ea-8efe-d92f013a0581", + "index": 8, + "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", + "sectionItemType": "field", + "startCol": 0 + }, + { + "dropEffect": "move", + "endCol": 2, + "fieldId": "dbottotaltime", + "height": 22, + "id": "c57778a0-a5e0-11ea-beb5-2996637e1d9e", + "index": 9, + "listId": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", + "sectionItemType": "field", + "startCol": 0 + }, + { + "dropEffect": "move", + "endCol": 2, + "fieldId": "dbotduedate", + "height": 22, + "id": "incident-dueDate-field", + "index": 10, + "listId": "caseinfoid-ac32f620-a0b0-11e9-b27f-13ae1773d289", + "sectionItemType": "field", + "startCol": 0 + } + ], + "maxH": null, + "maxW": 1, + "minH": 1, + "minW": 1, + "moved": false, + "name": "Case Details", + "static": false, + "w": 1, + "x": 0, + "y": 0 + }, + { + "displayType": "ROW", + "h": 2, + "hideName": false, + "i": "caseinfoid-7717e580-9bed-11e9-9a3f-8b4b2158e260", + "maxH": null, + "maxW": 1, + "minH": 1, + "minW": 1, + "moved": false, + "name": "Team Members", + "static": false, + "type": "team", + "w": 1, + "x": 0, + "y": 4 + }, + { + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-88e6bf70-a0b1-11e9-b27f-13ae1773d289", + "isVisible": true, + "items": [ + { + "endCol": 2, + "fieldId": "dbotclosed", + "height": 22, + "id": "incident-dbotClosed-field", + "index": 0, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "closereason", + "height": 22, + "id": "incident-closeReason-field", + "index": 1, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "closenotes", + "height": 44, + "id": "incident-closeNotes-field", + "index": 2, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "closinguserid", + "height": 22, + "id": "85c48b10-a1be-11ea-8efe-d92f013a0581", + "index": 3, + "sectionItemType": "field", + "startCol": 0 + } + ], + "maxH": null, + "maxW": 1, + "minH": 1, + "minW": 1, + "moved": false, + "name": "Closing Information", + "static": false, + "w": 1, + "x": 1, + "y": 4 + }, + { + "description": "**Reminder**: Please ensure to install any required Marketplace Packs on the production server as well! Customizations to OOTB Incident types, configuration, etc, should be applied after uploading the custom content.\n\nDev to Prod tab has the content bundles for this run.", + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-e54b1770-a0b1-11e9-b27f-13ae1773d289", + "isVisible": true, + "items": [ + { + "endCol": 4, + "fieldId": "xsoardevtoprodmethod", + "height": 22, + "id": "7b9c34e0-5dc4-11eb-8940-ff9baa520e4a", + "index": 0, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 4, + "fieldId": "xsoardevinstancename", + "height": 22, + "id": "76d955a0-5dc4-11eb-8940-ff9baa520e4a", + "index": 1, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 4, + "fieldId": "xsoarprodinstancename", + "height": 22, + "id": "7f1fdd60-5dc4-11eb-8940-ff9baa520e4a", + "index": 2, + "sectionItemType": "field", + "startCol": 0 + }, + { + "dropEffect": "move", + "endCol": 4, + "fieldId": "playbookid", + "height": 22, + "id": "incident-playbookId-field", + "index": 3, + "listId": "caseinfoid-e54b1770-a0b1-11e9-b27f-13ae1773d289", + "sectionItemType": "field", + "startCol": 0 + } + ], + "maxH": null, + "maxW": 2, + "minH": 1, + "minW": 2, + "moved": false, + "name": "XSOAR Dev to Prod", + "static": false, + "w": 2, + "x": 1, + "y": 0 + }, + { + "h": 2, + "i": "caseinfoid-f9dd0ce0-60b6-11eb-a207-edb36f37e8f5", + "items": [], + "maxH": null, + "maxW": 1, + "minH": 1, + "minW": 1, + "moved": false, + "name": "Work Plan", + "static": false, + "type": "workplan", + "w": 1, + "x": 0, + "y": 2 + }, + { + "h": 2, + "i": "caseinfoid-083a1d00-60b7-11eb-a207-edb36f37e8f5", + "items": [], + "maxH": null, + "maxW": 2, + "minH": 1, + "minW": 2, + "moved": false, + "name": "Notes", + "static": false, + "type": "notes", + "w": 2, + "x": 1, + "y": 2 + }, + { + "description": "Quick view of content bundles from this run, see the Dev to Prod tab for more information.", + "h": 2, + "i": "caseinfoid-d22b0b10-60b7-11eb-a207-edb36f37e8f5", + "items": [], + "maxH": null, + "maxW": 1, + "minH": 1, + "minW": 1, + "moved": false, + "name": "Content Bundles", + "query": { + "tags": [ + "devcontent", + "prodbackup", + "selectedcontent" + ] + }, + "queryType": "warRoomFilter", + "static": false, + "type": "invTimeline", + "w": 1, + "x": 2, + "y": 4 + } + ], + "type": "custom" + }, + { + "hidden": false, + "id": "ixxpcd2rip", + "name": "Dev to Prod ", + "sections": [ + { + "description": "The downloaded dev custom content bundle", + "h": 2, + "i": "ixxpcd2rip-fcbf10e0-5dc6-11eb-ae45-310ec9c1f911", + "items": [], + "maxH": null, + "maxW": 3, + "minH": 1, + "minW": 3, + "moved": false, + "name": "Dev Content Bundle", + "query": { + "categories": [], + "tags": [ + "devcontent" + ] + }, + "queryType": "warRoomFilter", + "static": false, + "type": "invTimeline", + "w": 3, + "x": 0, + "y": 0 + }, + { + "description": "The selected custom content bundle, this can be downloaded and uploaded to prod. Or if using the dev to prod this is what will be uploaded to prod.", + "h": 2, + "i": "ixxpcd2rip-0b7df010-5dc7-11eb-ae45-310ec9c1f911", + "items": [], + "maxH": null, + "maxW": 3, + "minH": 1, + "minW": 3, + "moved": false, + "name": "Selected Custom Content", + "query": { + "categories": [], + "tags": [ + "selectedcontent" + ] + }, + "queryType": "warRoomFilter", + "static": false, + "type": "invTimeline", + "w": 3, + "x": 0, + "y": 2 + }, + { + "description": "This is the backup of the production custom content prior to uploading the selected bundle above.", + "h": 2, + "i": "ixxpcd2rip-2bc11000-5dc7-11eb-ae45-310ec9c1f911", + "items": [], + "maxH": null, + "maxW": 3, + "minH": 1, + "minW": 3, + "moved": false, + "name": "Production Backup of Custom Content", + "query": { + "categories": [], + "tags": [ + "prodbackup" + ] + }, + "queryType": "warRoomFilter", + "static": false, + "type": "invTimeline", + "w": 3, + "x": 0, + "y": 4 + } + ], + "type": "custom" + }, + { + "id": "workPlan", + "name": "Work Plan", + "type": "workPlan" + }, + { + "id": "warRoom", + "name": "War Room", + "type": "warRoom" + }, + { + "hidden": true, + "id": "evidenceBoard", + "name": "Evidence Board", + "type": "evidenceBoard" + }, + { + "hidden": true, + "id": "relatedIncidents", + "name": "Related Incidents", + "type": "relatedIncidents" + }, + { + "hidden": true, + "id": "canvas", + "name": "Canvas", + "type": "canvas" + } + ] + }, + "edit": { + "sections": [ + { + "description": "", + "fields": [ + { + "fieldId": "incident_name", + "isVisible": true + }, + { + "fieldId": "incident_details", + "isVisible": true + }, + { + "fieldId": "incident_type", + "isVisible": true + }, + { + "fieldId": "incident_owner", + "isVisible": true + }, + { + "fieldId": "incident_severity", + "isVisible": true + }, + { + "fieldId": "incident_occurred", + "isVisible": true + }, + { + "fieldId": "incident_reminder", + "isVisible": true + }, + { + "fieldId": "incident_labels", + "isVisible": true + }, + { + "fieldId": "incident_roles", + "isVisible": true + }, + { + "fieldId": "incident_playbookid", + "isVisible": true + }, + { + "fieldId": "incident_attachment", + "isVisible": true + } + ], + "isVisible": true, + "name": "Basic Information", + "query": null, + "queryType": "", + "readOnly": false, + "type": "" + } + ] + }, + "group": "incident", + "id": "XSOAR Dev to Prod", + "mobile": { + "sections": [ + { + "description": "", + "fields": [ + { + "fieldId": "incident_type", + "isVisible": true + }, + { + "fieldId": "incident_name", + "isVisible": true + }, + { + "fieldId": "incident_details", + "isVisible": true + }, + { + "fieldId": "incident_severity", + "isVisible": true + }, + { + "fieldId": "incident_dbotstatus", + "isVisible": true + }, + { + "fieldId": "incident_owner", + "isVisible": true + }, + { + "fieldId": "incident_roles", + "isVisible": true + }, + { + "fieldId": "incident_playbookid", + "isVisible": true + } + ], + "isVisible": true, + "name": "Basic Information", + "query": null, + "queryType": "", + "readOnly": false, + "type": "" + }, + { + "description": "", + "fields": [ + { + "fieldId": "incident_dbotcreated", + "isVisible": true + }, + { + "fieldId": "incident_occurred", + "isVisible": true + }, + { + "fieldId": "incident_dbotduedate", + "isVisible": true + }, + { + "fieldId": "incident_dbotmodified", + "isVisible": true + }, + { + "fieldId": "incident_dbottotaltime", + "isVisible": true + } + ], + "isVisible": true, + "name": "Timeline Information", + "query": null, + "queryType": "", + "readOnly": false, + "type": "" + }, + { + "description": "", + "fields": [ + { + "fieldId": "incident_labels", + "isVisible": true + } + ], + "isVisible": true, + "name": "Labels", + "query": null, + "queryType": "", + "readOnly": true, + "type": "labels" + } + ] + }, + "name": "XSOAR Dev to Prod", + "quickView": { + "sections": [ + { + "description": "", + "fields": [ + { + "fieldId": "incident_type", + "isVisible": true + }, + { + "fieldId": "incident_name", + "isVisible": true + }, + { + "fieldId": "incident_details", + "isVisible": true + }, + { + "fieldId": "incident_severity", + "isVisible": true + }, + { + "fieldId": "incident_dbotstatus", + "isVisible": true + }, + { + "fieldId": "incident_owner", + "isVisible": true + }, + { + "fieldId": "incident_roles", + "isVisible": true + }, + { + "fieldId": "incident_playbookid", + "isVisible": true + } + ], + "isVisible": true, + "name": "Basic Information", + "query": null, + "queryType": "", + "readOnly": false, + "type": "" + }, + { + "description": "", + "fields": [ + { + "fieldId": "incident_dbotcreated", + "isVisible": true + }, + { + "fieldId": "incident_occurred", + "isVisible": true + }, + { + "fieldId": "incident_dbotduedate", + "isVisible": true + }, + { + "fieldId": "incident_dbotmodified", + "isVisible": true + }, + { + "fieldId": "incident_dbottotaltime", + "isVisible": true + } + ], + "isVisible": true, + "name": "Timeline Information", + "query": null, + "queryType": "", + "readOnly": false, + "type": "" + }, + { + "description": "", + "fields": [ + { + "fieldId": "incident_labels", + "isVisible": true + } + ], + "isVisible": true, + "name": "Labels", + "query": null, + "queryType": "", + "readOnly": true, + "type": "labels" + } + ] + }, + "system": false, + "version": -1, + "fromVersion": "6.0.0", + "description": "XSOAR Simple Dev to Prod layout", + "marketplaces": [ + "xsoar" + ] } \ No newline at end of file diff --git a/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Export_Selected_Custom_Content.yml b/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Export_Selected_Custom_Content.yml index 6dd611517b16..64b10a6bdfcd 100644 --- a/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Export_Selected_Custom_Content.yml +++ b/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Export_Selected_Custom_Content.yml @@ -58,7 +58,7 @@ tasks: skipunavailable: false task: brand: '' - description: Download files from Demisto server + description: Download files from XSOAR server id: 3fb995fa-a0bf-4054-8f8c-d829a5ceb5d2 iscommand: true name: Download Custom Content Bundle from Dev @@ -122,8 +122,7 @@ tasks: skipunavailable: false task: brand: "" - description: Checks if the provided Demisto REST API instance is available for - the XSOAR Simple Dev to Prod workflow. + description: Checks if the provided REST API (Core or Demisto) instance is available for the XSOAR Simple Dev to Prod workflow. id: 7f36491b-0d32-469e-8a27-fd14a6f045c5 iscommand: false name: Is the Demisto Dev REST API integration instance enabled? @@ -152,13 +151,10 @@ tasks: skipunavailable: false task: brand: "" - description: "# Setup Demisto Dev\n\nPlease setup a single instance of the Demisto\ - \ REST API Integration for your Development server to continue using this\ - \ playbook. \n\nThis instance must be named **Demisto Dev**.\n\nRerun this\ - \ playbook once completed. \n" + description: "# Setup Demisto Dev\n\nPlease setup a single instance of the Core REST API or Demisto REST API Integration for your Development server to continue using this playbook. \n\nThis instance must be named **Demisto Dev**.\n\nRerun this playbook once completed. \n" id: e09f3cae-5301-451b-85ca-138e4ca93bbf iscommand: false - name: Enable Demisto Dev - Demisto REST API integration instance to continue + name: Enable Demisto Dev - Core or Demisto REST API integration instance to continue type: regular version: -1 taskid: e09f3cae-5301-451b-85ca-138e4ca93bbf @@ -460,626 +456,12 @@ tasks: note: false quietmode: 0 scriptarguments: - accountgroups: {} - accountid: {} - accountinformationbreached: {} - accountname: {} - addLabels: {} - addcctoemail: {} - affecteddata: {} - affecteddatatype: {} - affectedindividualscontactinformation: {} - agentid: {} - alertid: {} - alertname: {} - app: {} - appchannelname: {} - appendMultiSelect: {} - appendTags: {} - applicationid: {} - applicationname: {} - appmessage: {} - approximatenumberofaffecteddatasubjects: {} - assetid: {} - assettable: {} - assigneduser: {} - assignmentgroup: {} - associatedmaliciousdomains: {} - attachmentcount: {} - attachmentextension: {} - attachmenthash: {} - attachmentid: {} - attachmentname: {} - attachmentsize: {} - attachmenttype: {} - attackerhostisolated: {} - attackeripblocked: {} - attorneygeneralnotification: {} - behaviourobjective: {} - behaviourscenario: {} - behaviourtactic: {} - blockedaction: {} - blockedusers: {} - boxsourcecreatedbyid: {} - boxsourcecreatedbyname: {} - boxsourceownerid: {} - boxsourceownername: {} - boxsourceparentid: {} - boxsourceparentname: {} - breachconfirmation: {} - bugtraq: {} - caller: {} - categorycount: {} - city: {} - closeNotes: {} - closeReason: {} - closetime: {} - closingreason: {} - closinguser: {} - cloudservice: {} - commandline: {} - companyaddress: {} - companycity: {} - companycountry: {} - companyhasinsuranceforthebreach: {} - companyname: {} - companypostalcode: {} - compliancenotes: {} - consumerreportingagenciesnotification: {} - contactaddress: {} - contactemailaddress: {} - contactname: {} - contacttelephonenumber: {} - coolhtml: {} - costcenter: {} - costcentercode: {} - country: {} - countryname: {} - countrywherebusinesshasitsmainestablishment: {} - countrywherethebreachtookplace: {} - createddatefailedincidents: {} - credibilityoffense: {} - criticalassets: {} - crowdstrikebehaviourdetails: {} - crowdstrikedevicedetails: {} - customFields: {} - cve: {} - cvss: {} - cvssavailabilityrequirement: {} - cvsscollateraldamagepotential: {} - cvssconfidentialityrequirement: {} - cvssintegrityrequirement: {} - cymulateimmediatethreatsattackid: {} - cymulateimmediatethreatsfiletype: {} - cymulateimmediatethreatsid: {} - cymulateimmediatethreatsmitigations: {} - cymulateimmediatethreatsmodule: {} - cymulateimmediatethreatspayloadname: {} - cymulateimmediatethreatsstatus: {} - cymulateimmediatethreatsvector: {} - dataencryptionstatus: {} - datetimeofthebreach: {} - dbotMirrorDirection: {} - dbotMirrorId: {} - dbotMirrorInstance: {} - dbotMirrorTags: {} - dbotprediction: {} - dbotpredictionprobability: {} - dbottextsuggestionhighlighted: {} - deleteEmptyField: {} - demoboolean: {} - democustomfield: {} - demogridfield: {} - demomultiselect: {} - demosingleselect: {} - department: {} - descriptionasset: {} - descriptionoffense: {} - dest: {} - desthostname: {} - destinationgeolocation: {} - destinationhostname: {} - destinationip: {} - destinationipoffense: {} - destinationips: {} - destinationipv6: {} - destinationmacaddress: {} - destinationnetwork: {} - destinationnetworkoffense: {} - destinationport: {} - destinationports: {} - destntdomain: {} - destos: {} - details: {} - detectedexternalhosts: {} - detectedexternalips: {} - detectedinternalhosts: {} - detectedinternalips: {} - detectedusers: {} - detectionendtime: {} - detectionid: {} - detectionticketed: {} - detectionupdatetime: {} - detectionurl: {} - deviceexternalip: {} - devicehash: {} - deviceid: {} - devicelocalip: {} - devicemodel: {} - devicename: {} - devicetime: {} - displayname: {} - dnsname: {} - domainoffense: {} - dpoemailaddress: {} - dponotification: {} - dstports: {} - duration: {} - email: {} - emailaddress: {} - emailauthenticitycheck: {} - emailbcc: {} - emailbody: {} - emailbodyformat: {} - emailbodyhtml: {} - emailcc: {} - emailclassification: {} - emailclientname: {} - emailfrom: {} - emailgeneratedcode: {} - emailheaders: {} - emailhtml: {} - emailhtmlimage: {} - emailinreplyto: {} - emailkeywords: {} - emaillabels: {} - emaillatestmessage: {} - emailmessageid: {} - emailreceived: {} - emailreplyto: {} - emailreturnpath: {} - emailsenderip: {} - emailsize: {} - emailsource: {} - emailsubject: {} - emailto: {} - emailtocount: {} - emailurlclicked: {} - employeedisplayname: {} - employeeemail: {} - employeemanageremail: {} - errorcode: {} - errormessage: {} - escalation: {} - eventaction: {} - eventdescriptions: {} - eventid: {} - eventnames: {} - events: {} - eventtype: {} - exactlywhathappenedandatwhattimes: {} - expanseactivitystatus: {} - expanseasset: {} - expanseassetorganizationunit: {} - expanseassetowner: {} - expanseassignee: {} - expansebehaviorrule: {} - expansebusinessunit: {} - expansebusinessunits: {} - expansecategory: {} - expansecertificate: {} - expansecreated: {} - expansedomain: {} - expanseexposuretype: {} - expansegeolocation: {} - expanseinitialevidence: {} - expanseip: {} - expanseissueid: {} - expanseissuetype: {} - expanselatestevidence: {} - expansemlfeatures: {} - expansemodified: {} - expanseport: {} - expansepriority: {} - expanseprogressstatus: {} - expanseprotocol: {} - expanseprovider: {} - expanserawjsonevent: {} - expanseregion: {} - expanseservice: {} - expanseseverity: {} - expanseshadowit: {} - expansetags: {} - externaladdresses: {} - extrahopapplianceid: {} - extrahophostname: {} - failedincidentscreateddate: {} - filehash: {} - filehashblocked: {} - filename: {} - filepath: {} - filesize: {} - financialinformationbreached: {} - firstname: {} - firstseen: {} - followup: {} - givenname: {} - healthinsurancebreached: {} - helloworldid: {} - helloworldstatus: {} - helloworldtype: {} - highlevelcategories: {} - hostname: {} - howcouldinformationsharingwithotherorganizationshavebeenimproved: {} - howwastheincidentcontainedanderadicated: {} - howwelldidstaffandmanagementperformindealingwiththeincidentwerethedocumentedproceduresfollowedweretheyadequate: {} - id: {} - idasset: {} - idoffense: {} - incomingmirrorerror: {} - individualsnotification: {} - infectedhostnames: {} - infectedhosts: {} - integrationscategories: {} - integrationsfailedcategories: {} - integrationstestgrid: {} - internaladdresses: {} - investigationstage: {} - ipaddressasset: {} - isolated: {} - isthedatasubjecttodpia: {} - jobcode: {} - jobfamily: {} - jobfunction: {} - labels: {} - lastmirroredintime: {} - lastmodifiedby: {} - lastmodifiedon: {} - lastname: {} - lastseen: {} - lastupdatetime: {} - leadership: {} - likelyimpact: {} - linktooffense: {} - listofrulesevent: {} - listofrulesoffense: {} - location: {} - locationasset: {} - locationregion: {} - loginattemptcount: {} - logsource: {} - logsourcename: {} - logsourcetype: {} - lowlevelcategoriesevents: {} - lowlevelcategoriesoffense: {} - macaddress: {} - macaddressasset: {} - magnitudeoffense: {} - maliciousbehavior: {} - maliciouscauseifthecauseisamaliciousattack: {} - maliciousdomainsblocked: {} - malwarefamily: {} - malwarename: {} - managementnotification: {} - manageremail: {} - manageremailaddress: {} - managername: {} - md5: {} - measurestomitigate: {} - medianotification: {} - medicalinformationbreached: {} - mobiledevicemodel: {} - mobilephone: {} - name: {} - niststage: {} - numberofentriesiderrors: {} - numberofeventsinoffense: {} - numberoffailedincidents: {} - numberoffetchedevents: {} - numberofflows: {} - numberoflogsources: {} - numberofports: {} - numberofuniqueports: {} - occurred: {} - offenseinactive: {} - os: {} - osversion: {} - otherpiidatabreached: {} - outgoingmirrorerror: {} - outofftheoffice: {} - owner: {} - parentprocessid: {} - participants: {} - passwordexpirationstatus: {} - passwordresetuser: {} - personalemail: {} - phase: {} - phishingsubtype: {} - phonenumber: {} - pid: {} - piidatatype: {} - playbooknameswithfailedtasks: {} - playbooksfailedcommands: {} - playbookswithfailedtasks: {} - playbooktaskserrors: {} - policydeleted: {} - policydescription: {} - policydetails: {} - policyid: {} - policyrecommendation: {} - policyremediable: {} - policyseverity: {} - policytype: {} - portsblocked: {} - possiblecauseofthebreach: {} - postalcode: {} - postnatdestinationip: {} - postnatdestinationport: {} - postnatsourceip: {} - postnatsourceport: {} - prenatdestinationport: {} - prenatsourceip: {} - prenatsourceport: {} - prismacloudcomputeactivitytype: {} - prismacloudcomputeappid: {} - prismacloudcomputecategory: {} - prismacloudcomputecollections: {} - prismacloudcomputecommand: {} - prismacloudcomputecontainer: {} - prismacloudcomputecredentialid: {} - prismacloudcomputedistribution: {} - prismacloudcomputeerror: {} - prismacloudcomputeforensic: {} - prismacloudcomputefqdn: {} - prismacloudcomputefunction: {} - prismacloudcomputehost: {} - prismacloudcomputeimage: {} - prismacloudcomputeinteractive: {} - prismacloudcomputekubernetesresource: {} - prismacloudcomputelabels: {} - prismacloudcomputeline: {} - prismacloudcomputelogfile: {} - prismacloudcomputemarkdown: {} - prismacloudcomputemessage: {} - prismacloudcomputeproject: {} - prismacloudcomputeprotected: {} - prismacloudcomputeprovider: {} - prismacloudcomputerawalertjson: {} - prismacloudcomputeregion: {} - prismacloudcomputeregistry: {} - prismacloudcomputerule: {} - prismacloudcomputeruntime: {} - prismacloudcomputeservice: {} - prismacloudcomputeservicetype: {} - prismacloudcomputetotal: {} - prismacloudcomputetype: {} - prismacloudcomputeuser: {} - prismacloudid: {} - prismacloudreason: {} - prismacloudrules: {} - prismacloudstatus: {} - prismacloudtime: {} - proofpointclassification: {} - proofpointcompletelyrewritten: {} - proofpointimpostorscore: {} - proofpointmalwarescore: {} - proofpointphishscore: {} - proofpointspamscore: {} - proofpointthreatsinfomap: {} - protocol: {} - protocolevent: {} - protocols: {} - quarantined: {} - rating: {} - rawevent: {} - rawparticipants: {} - region: {} - regionid: {} - relevanceoffense: {} - replacePlaybook: {} - reporteremailaddress: {} - residentnotificationoption: {} - residentsemailaddress: {} - resourceapiname: {} - resourcecloudtype: {} - resourceid: {} - resourcename: {} - resourcetype: {} - riskrating: {} - riskscore: {} - roles: {} - rrn: {} - samaccountname: {} - sansstage: {} - scansourcetype: {} - secretarynotification: {} - sectorofaffectedparty: {} - servicenowassignedto: {} - servicenowassignmentgroup: {} - servicenowcaller: {} - servicenowcallerid: {} - servicenowcategory: {} - servicenowclosedby: {} - servicenowcloseddate: {} - servicenowdescription: {} - servicenowduedate: {} - servicenowescalation: {} - servicenowimpact: {} - servicenownotify: {} - servicenowopeneddate: {} - servicenowpriority: {} - servicenowresolutioncode: {} - servicenowresolutionnotes: {} - servicenowresolvedtime: {} - servicenowseverity: {} - servicenowstate: {} - servicenowticketnumber: {} - servicenowurgency: {} severity: simple: "0.5" - severityoffense: {} - sha1: {} - sha256: {} - sha512: {} - shadowitaccountowneremail: {} - shadowitaccountownername: {} - shadowitbilledtocorp: {} - shadowitcertificate: {} - shadowitcloudaccountid: {} - shadowitcloudaccounttype: {} - shadowitfqdn: {} - shadowitip: {} - shadowitorganizationalunit: {} - shadowitoucontactemail: {} - shadowitoucontactname: {} - shadowitport: {} - shadowitprovider: {} - shadowitregion: {} - shadowitrisk: {} - shadowitsactionedservice: {} - shadowitsensitivedata: {} - shadowitservice: {} - shadowitservicepurpose: {} - shadowitsource: {} - shadowitusersuggestions: {} - shiftmanagerbriefing: {} - shiftopenincidents: {} - signature: {} - similarincident: {} - similarincidents: {} - sizenumberofemployees: {} - sizeturnover: {} - skuname: {} - skutier: {} - sla: {} - slaField: {} - sourcegeolocation: {} - sourcehostname: {} - sourceip: {} - sourceipoffense: {} - sourceips: {} - sourceipv6: {} - sourcemacaddress: {} - sourcenetwork: {} - sourcenetworkoffense: {} - sourceport: {} - sourceusername: {} - src: {} - srchostname: {} - srcntdomain: {} - srcos: {} - srcports: {} - srcuser: {} - starttime: {} - state: {} - statecisonotification: {} - statewherethebreachtookplace: {} - statusoffense: {} - streetaddress: {} - subcategory: {} - subscriptionassignedby: {} - subscriptioncreatedby: {} - subscriptioncreatedon: {} - subscriptiondescription: {} - subscriptionid: {} - subscriptionname: {} - subscriptiontype: {} - subscriptionupdatedby: {} - subscriptionupdatedon: {} - subtype: {} - successfullogin: {} - suggestionsanddiscussionofhowtoimprovetheteam: {} - surname: {} - switchidasset: {} - switchportidasset: {} - systemdefault: {} - systems: {} - targetfirewallversion: {} - teamname: {} - technicalowner: {} - technicalownercontact: {} - technicaluser: {} - telephoneno: {} - tempgrid: {} - tenantname: {} - terminatedaction: {} - threatactor: {} - ticketacknowledgeddate: {} - ticketcloseddate: {} - ticketnumber: {} - ticketopeneddate: {} - title: {} - tojointhemeeting: {} - tostartthemeeting: {} - totalfailedinstances: {} - totalgoodinstances: {} - totalinstances: {} - trafficdirection: {} - trainingmultiselect: {} - trainingshorttext: {} - trainingteams: {} - triggeredsecurityprofile: {} - type: {} - typeoffense: {} - unassignedincidents: {} - uniquebiometricdatabreached: {} - uniqueidentificationnumberbreached: {} - uniqueports: {} - urlsslverification: {} - user: {} - useraccountcontrol: {} - userdisabledstatus: {} - userid: {} - username: {} - usernamecountoffense: {} - usernames: {} - vendorid: {} - vendorproduct: {} - vpcid: {} - vulnerabilitycategory: {} - wereanystepsoractionstakenthatmighthaveinhibitedtherecovery: {} - whatadditionaltoolsorresourcesareneededtodetectanalyzeandmitigatefutureincidents: {} - whataretheareasthatneedimprovement: {} - whatcorrectiveactionscanpreventsimilarincidentsinthefuture: {} - whatinformationwasneededsooner: {} - whatprecursorsorindicatorsshouldbewatchedforinthefuturetodetectsimilarincidents: {} - whatwasthescopeoftheincident: {} - whatwastheworkperformedduringrecovery: {} - whatweretheareaswherethecirtteamswereeffective: {} - whatwouldthestaffandmanagementdodifferentlythenexttimeasimilarincidentoccurs: {} - whenwastheproblemfirstdetectedandbywhom: {} - whereisdatahosted: {} - workphone: {} - xdralertcount: {} - xdralerts: {} - xdrassigneduseremail: {} - xdrassigneduserprettyname: {} - xdrdescription: {} - xdrdetectiontime: {} - xdrdevicecontrolviolations: {} - xdrdisconnectedendpoints: {} - xdrfileartifacts: {} - xdrhighseverityalertcount: {} - xdrhostcount: {} - xdrincidentid: {} - xdrlowseverityalertcount: {} - xdrmanualseverity: {} - xdrmediumseverityalertcount: {} - xdrmodificationtime: {} - xdrnetworkartifacts: {} - xdrnotes: {} - xdrresolvecomment: {} - xdrstatus: {} - xdrstatusv2: {} - xdrurl: {} - xdrusercount: {} - xsoarReadOnlyRoles: {} xsoardevinstancename: simple: Demisto Dev xsoardevtoprodmethod: simple: Manual - xsoarprodinstancename: {} - zipcode: {} separatecontext: false skipunavailable: false task: @@ -1185,4 +567,4 @@ tests: - No tests (auto formatted) fromversion: 6.0.0 marketplaces: - - xsoar +- xsoar diff --git a/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Export_Selected_Custom_Content_README.md b/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Export_Selected_Custom_Content_README.md index 6fb8535df132..f73ed29eab67 100644 --- a/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Export_Selected_Custom_Content_README.md +++ b/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Export_Selected_Custom_Content_README.md @@ -2,30 +2,37 @@ This playbook is intended to be run as an adhoc job to quickly create a custom c Then you can import this new zip on the other XSOAR server. -Create a Job with the Type “XSOAR Dev to Prod”, and select this playbook to get started. For more information on Jobs: https://xsoar.pan.dev/docs/incidents/incident-jobs +Create a Job with the Type “XSOAR Dev to Prod”, and select this playbook to get started. For more information on Jobs: ## Dependencies + This playbook uses the following sub-playbooks, integrations, and scripts. ### Sub-playbooks + This playbook does not use any sub-playbooks. ### Integrations + * Demisto REST API ### Scripts + * CustomContentBundleWizardry * IsDemistoRestAPIInstanceAvailable ### Commands + * setIncident * demisto-api-download * closeInvestigation ## Playbook Inputs + --- There are no inputs for this playbook. ## Playbook Outputs + --- There are no outputs for this playbook. \ No newline at end of file diff --git a/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Simple_Dev_to_Prod.yml b/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Simple_Dev_to_Prod.yml index 7753e8f39b61..d5cd3f45c9d1 100644 --- a/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Simple_Dev_to_Prod.yml +++ b/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Simple_Dev_to_Prod.yml @@ -1,13 +1,12 @@ description: |- - This playbook is intended to be run as an adhoc job to quickly create a custom content bundle with only selected items from the servers custom content. You can import this new zip on the other XSOAR server, or push it to production using the Demisto REST API integration. + This playbook is intended to be run as an adhoc job to quickly create a custom content bundle with only selected items from the servers custom content. You can import this new zip on the other XSOAR server, or push it to production using the Core REST API or Demisto REST API integration. Please ensure to read the setup instructions for this pack carefully. Create a Job with the Type “XSOAR Dev to Prod”, and select this playbook to get started. For more information on Jobs: https://xsoar.pan.dev/docs/incidents/incident-jobs id: JOB - XSOAR - Simple Dev to Prod inputs: -- description: 'Set this to True to enable pushing the selected content to the Production - XSOAR server. ' +- description: 'Set this to True to enable pushing the selected content to the Production XSOAR server. ' key: dev_2_prod playbookInputQuery: required: false @@ -65,7 +64,7 @@ tasks: skipunavailable: false task: brand: '' - description: Download files from Demisto server + description: Download files from XSOAR server id: 45d6032a-9bfe-4db1-8b27-1e600f74a706 iscommand: true name: Download Custom Content Bundle from Dev @@ -129,11 +128,10 @@ tasks: skipunavailable: false task: brand: "" - description: Checks if the provided Demisto REST API instance is available for - the XSOAR Simple Dev to Prod workflow. + description: Checks if the provided Core REST API or Demisto REST API instance is available for the XSOAR Simple Dev to Prod workflow. id: 4dde15ac-db8b-41e3-8680-4e7927257751 iscommand: false - name: Is the Demisto Dev - Demisto REST API integration instance enabled? + name: Is the Demisto Dev - Core/Demisto REST API integration instance enabled? script: IsDemistoRestAPIInstanceAvailable type: condition version: -1 @@ -159,13 +157,10 @@ tasks: skipunavailable: false task: brand: "" - description: "# Setup Demisto Dev\n\nPlease setup a single instance of the Demisto\ - \ REST API Integration for your Development server to continue using this\ - \ playbook. \n\nThis instance must be named **Demisto Dev**.\n\nRerun this\ - \ playbook once completed. \n\n" + description: "# Setup Demisto Dev\n\nPlease setup a single instance of the Core REST API or Demisto REST API Integration for your Development server to continue using this playbook. \n\nThis instance must be named **Demisto Dev**.\n\nRerun this playbook once completed. \n\n" id: 6b342869-d7bb-4c5a-80f9-f929a0836f69 iscommand: false - name: Enable Demisto Dev - Demisto REST API integration instance to continue + name: Enable Demisto Dev - Core/Demisto REST API integration instance to continue type: regular version: -1 taskid: 6b342869-d7bb-4c5a-80f9-f929a0836f69 @@ -558,606 +553,8 @@ tasks: note: false quietmode: 0 scriptarguments: - accountgroups: {} - accountid: {} - accountinformationbreached: {} - accountname: {} - addLabels: {} - addcctoemail: {} - affecteddata: {} - affecteddatatype: {} - affectedindividualscontactinformation: {} - agentid: {} - alertid: {} - alertname: {} - app: {} - appchannelname: {} - appendMultiSelect: {} - appendTags: {} - applicationid: {} - applicationname: {} - appmessage: {} - approximatenumberofaffecteddatasubjects: {} - assetid: {} - assettable: {} - assigneduser: {} - assignmentgroup: {} - associatedmaliciousdomains: {} - attachmentcount: {} - attachmentextension: {} - attachmenthash: {} - attachmentid: {} - attachmentname: {} - attachmentsize: {} - attachmenttype: {} - attackerhostisolated: {} - attackeripblocked: {} - attorneygeneralnotification: {} - behaviourobjective: {} - behaviourscenario: {} - behaviourtactic: {} - blockedaction: {} - blockedusers: {} - boxsourcecreatedbyid: {} - boxsourcecreatedbyname: {} - boxsourceownerid: {} - boxsourceownername: {} - boxsourceparentid: {} - boxsourceparentname: {} - breachconfirmation: {} - bugtraq: {} - caller: {} - categorycount: {} - city: {} - closeNotes: {} - closeReason: {} - closetime: {} - closingreason: {} - closinguser: {} - cloudservice: {} - commandline: {} - companyaddress: {} - companycity: {} - companycountry: {} - companyhasinsuranceforthebreach: {} - companyname: {} - companypostalcode: {} - compliancenotes: {} - consumerreportingagenciesnotification: {} - contactaddress: {} - contactemailaddress: {} - contactname: {} - contacttelephonenumber: {} - coolhtml: {} - costcenter: {} - costcentercode: {} - country: {} - countryname: {} - countrywherebusinesshasitsmainestablishment: {} - countrywherethebreachtookplace: {} - createddatefailedincidents: {} - credibilityoffense: {} - criticalassets: {} - crowdstrikebehaviourdetails: {} - crowdstrikedevicedetails: {} - customFields: {} - cve: {} - cvss: {} - cvssavailabilityrequirement: {} - cvsscollateraldamagepotential: {} - cvssconfidentialityrequirement: {} - cvssintegrityrequirement: {} - dataencryptionstatus: {} - datetimeofthebreach: {} - dbotMirrorDirection: {} - dbotMirrorId: {} - dbotMirrorInstance: {} - dbotMirrorTags: {} - dbotprediction: {} - dbotpredictionprobability: {} - dbottextsuggestionhighlighted: {} - deleteEmptyField: {} - demoboolean: {} - democustomfield: {} - demogridfield: {} - demomultiselect: {} - demosingleselect: {} - department: {} - descriptionasset: {} - descriptionoffense: {} - dest: {} - desthostname: {} - destinationgeolocation: {} - destinationhostname: {} - destinationip: {} - destinationipoffense: {} - destinationips: {} - destinationipv6: {} - destinationmacaddress: {} - destinationnetwork: {} - destinationnetworkoffense: {} - destinationport: {} - destinationports: {} - destntdomain: {} - destos: {} - details: {} - detectedexternalhosts: {} - detectedexternalips: {} - detectedinternalhosts: {} - detectedinternalips: {} - detectedusers: {} - detectionendtime: {} - detectionid: {} - detectionticketed: {} - detectionupdatetime: {} - detectionurl: {} - deviceexternalip: {} - devicehash: {} - deviceid: {} - devicelocalip: {} - devicemodel: {} - devicename: {} - devicetime: {} - displayname: {} - dnsname: {} - domainoffense: {} - dpoemailaddress: {} - dponotification: {} - dstports: {} - duration: {} - email: {} - emailaddress: {} - emailauthenticitycheck: {} - emailbcc: {} - emailbody: {} - emailbodyformat: {} - emailbodyhtml: {} - emailcc: {} - emailclassification: {} - emailclientname: {} - emailfrom: {} - emailgeneratedcode: {} - emailheaders: {} - emailhtml: {} - emailhtmlimage: {} - emailinreplyto: {} - emailkeywords: {} - emaillabels: {} - emaillatestmessage: {} - emailmessageid: {} - emailreceived: {} - emailreplyto: {} - emailreturnpath: {} - emailsenderip: {} - emailsize: {} - emailsource: {} - emailsubject: {} - emailto: {} - emailtocount: {} - emailurlclicked: {} - employeedisplayname: {} - employeeemail: {} - employeemanageremail: {} - errorcode: {} - errormessage: {} - escalation: {} - eventaction: {} - eventdescriptions: {} - eventid: {} - eventnames: {} - events: {} - eventtype: {} - exactlywhathappenedandatwhattimes: {} - expanseactivitystatus: {} - expanseasset: {} - expanseassetorganizationunit: {} - expanseassetowner: {} - expanseassignee: {} - expansebehaviorrule: {} - expansebusinessunit: {} - expansebusinessunits: {} - expansecategory: {} - expansecertificate: {} - expansecreated: {} - expansedomain: {} - expanseexposuretype: {} - expansegeolocation: {} - expanseinitialevidence: {} - expanseip: {} - expanseissueid: {} - expanseissuetype: {} - expanselatestevidence: {} - expansemlfeatures: {} - expansemodified: {} - expanseport: {} - expansepriority: {} - expanseprogressstatus: {} - expanseprotocol: {} - expanseprovider: {} - expanserawjsonevent: {} - expanseregion: {} - expanseservice: {} - expanseseverity: {} - expanseshadowit: {} - expansetags: {} - externaladdresses: {} - extrahopapplianceid: {} - extrahophostname: {} - failedincidentscreateddate: {} - filehash: {} - filehashblocked: {} - filename: {} - filepath: {} - filesize: {} - financialinformationbreached: {} - firstname: {} - firstseen: {} - followup: {} - givenname: {} - healthinsurancebreached: {} - helloworldid: {} - helloworldstatus: {} - helloworldtype: {} - highlevelcategories: {} - hostname: {} - howcouldinformationsharingwithotherorganizationshavebeenimproved: {} - howwastheincidentcontainedanderadicated: {} - howwelldidstaffandmanagementperformindealingwiththeincidentwerethedocumentedproceduresfollowedweretheyadequate: {} - id: {} - idasset: {} - idoffense: {} - incomingmirrorerror: {} - individualsnotification: {} - infectedhostnames: {} - infectedhosts: {} - integrationscategories: {} - integrationsfailedcategories: {} - integrationstestgrid: {} - internaladdresses: {} - investigationstage: {} - ipaddressasset: {} - isolated: {} - isthedatasubjecttodpia: {} - jobcode: {} - jobfamily: {} - jobfunction: {} - labels: {} - lastmirroredintime: {} - lastmodifiedby: {} - lastmodifiedon: {} - lastname: {} - lastseen: {} - lastupdatetime: {} - leadership: {} - likelyimpact: {} - linktooffense: {} - listofrulesevent: {} - listofrulesoffense: {} - location: {} - locationasset: {} - locationregion: {} - loginattemptcount: {} - logsource: {} - logsourcename: {} - logsourcetype: {} - lowlevelcategoriesevents: {} - lowlevelcategoriesoffense: {} - macaddress: {} - macaddressasset: {} - magnitudeoffense: {} - maliciousbehavior: {} - maliciouscauseifthecauseisamaliciousattack: {} - maliciousdomainsblocked: {} - malwarefamily: {} - malwarename: {} - managementnotification: {} - manageremail: {} - manageremailaddress: {} - managername: {} - md5: {} - measurestomitigate: {} - medianotification: {} - medicalinformationbreached: {} - mobiledevicemodel: {} - mobilephone: {} - name: {} - niststage: {} - numberofentriesiderrors: {} - numberofeventsinoffense: {} - numberoffailedincidents: {} - numberoffetchedevents: {} - numberofflows: {} - numberoflogsources: {} - numberofports: {} - numberofuniqueports: {} - occurred: {} - offenseinactive: {} - os: {} - osversion: {} - otherpiidatabreached: {} - outgoingmirrorerror: {} - owner: {} - parentprocessid: {} - participants: {} - passwordexpirationstatus: {} - passwordresetuser: {} - personalemail: {} - phase: {} - phishingsubtype: {} - phonenumber: {} - pid: {} - piidatatype: {} - playbooknameswithfailedtasks: {} - playbooksfailedcommands: {} - playbookswithfailedtasks: {} - playbooktaskserrors: {} - policydeleted: {} - policydescription: {} - policydetails: {} - policyid: {} - policyrecommendation: {} - policyremediable: {} - policyseverity: {} - policytype: {} - portsblocked: {} - possiblecauseofthebreach: {} - postalcode: {} - postnatdestinationip: {} - postnatdestinationport: {} - postnatsourceip: {} - postnatsourceport: {} - prenatdestinationport: {} - prenatsourceip: {} - prenatsourceport: {} - prismacloudcomputeactivitytype: {} - prismacloudcomputeappid: {} - prismacloudcomputecategory: {} - prismacloudcomputecollections: {} - prismacloudcomputecommand: {} - prismacloudcomputecontainer: {} - prismacloudcomputecredentialid: {} - prismacloudcomputedistribution: {} - prismacloudcomputeerror: {} - prismacloudcomputeforensic: {} - prismacloudcomputefqdn: {} - prismacloudcomputefunction: {} - prismacloudcomputehost: {} - prismacloudcomputeimage: {} - prismacloudcomputeinteractive: {} - prismacloudcomputekubernetesresource: {} - prismacloudcomputelabels: {} - prismacloudcomputeline: {} - prismacloudcomputelogfile: {} - prismacloudcomputemarkdown: {} - prismacloudcomputemessage: {} - prismacloudcomputeproject: {} - prismacloudcomputeprotected: {} - prismacloudcomputeprovider: {} - prismacloudcomputerawalertjson: {} - prismacloudcomputeregion: {} - prismacloudcomputeregistry: {} - prismacloudcomputerule: {} - prismacloudcomputeruntime: {} - prismacloudcomputeservice: {} - prismacloudcomputeservicetype: {} - prismacloudcomputetotal: {} - prismacloudcomputetype: {} - prismacloudcomputeuser: {} - prismacloudid: {} - prismacloudreason: {} - prismacloudrules: {} - prismacloudstatus: {} - prismacloudtime: {} - proofpointclassification: {} - proofpointcompletelyrewritten: {} - proofpointimpostorscore: {} - proofpointmalwarescore: {} - proofpointphishscore: {} - proofpointspamscore: {} - proofpointthreatsinfomap: {} - protocol: {} - protocolevent: {} - protocols: {} - quarantined: {} - rating: {} - rawevent: {} - rawparticipants: {} - region: {} - regionid: {} - relevanceoffense: {} - replacePlaybook: {} - reporteremailaddress: {} - residentnotificationoption: {} - residentsemailaddress: {} - resourceapiname: {} - resourcecloudtype: {} - resourceid: {} - resourcename: {} - resourcetype: {} - riskrating: {} - riskscore: {} - roles: {} - rrn: {} - samaccountname: {} - sansstage: {} - scansourcetype: {} - secretarynotification: {} - sectorofaffectedparty: {} - servicenowassignedto: {} - servicenowassignmentgroup: {} - servicenowcaller: {} - servicenowcallerid: {} - servicenowcategory: {} - servicenowclosedby: {} - servicenowcloseddate: {} - servicenowdescription: {} - servicenowduedate: {} - servicenowescalation: {} - servicenowimpact: {} - servicenownotify: {} - servicenowopeneddate: {} - servicenowpriority: {} - servicenowresolutioncode: {} - servicenowresolutionnotes: {} - servicenowresolvedtime: {} - servicenowseverity: {} - servicenowstate: {} - servicenowticketnumber: {} - servicenowurgency: {} severity: simple: "0.5" - severityoffense: {} - sha1: {} - sha256: {} - sha512: {} - shadowitaccountowneremail: {} - shadowitaccountownername: {} - shadowitbilledtocorp: {} - shadowitcertificate: {} - shadowitcloudaccountid: {} - shadowitcloudaccounttype: {} - shadowitfqdn: {} - shadowitip: {} - shadowitorganizationalunit: {} - shadowitoucontactemail: {} - shadowitoucontactname: {} - shadowitport: {} - shadowitprovider: {} - shadowitregion: {} - shadowitrisk: {} - shadowitsactionedservice: {} - shadowitsensitivedata: {} - shadowitservice: {} - shadowitservicepurpose: {} - shadowitsource: {} - shadowitusersuggestions: {} - signature: {} - similarincident: {} - similarincidents: {} - sizenumberofemployees: {} - sizeturnover: {} - skuname: {} - skutier: {} - sla: {} - slaField: {} - sourcegeolocation: {} - sourcehostname: {} - sourceip: {} - sourceipoffense: {} - sourceips: {} - sourceipv6: {} - sourcemacaddress: {} - sourcenetwork: {} - sourcenetworkoffense: {} - sourceport: {} - sourceusername: {} - src: {} - srchostname: {} - srcntdomain: {} - srcos: {} - srcports: {} - srcuser: {} - starttime: {} - state: {} - statecisonotification: {} - statewherethebreachtookplace: {} - statusoffense: {} - streetaddress: {} - subcategory: {} - subscriptionassignedby: {} - subscriptioncreatedby: {} - subscriptioncreatedon: {} - subscriptiondescription: {} - subscriptionid: {} - subscriptionname: {} - subscriptiontype: {} - subscriptionupdatedby: {} - subscriptionupdatedon: {} - subtype: {} - successfullogin: {} - suggestionsanddiscussionofhowtoimprovetheteam: {} - surname: {} - switchidasset: {} - switchportidasset: {} - systemdefault: {} - systems: {} - targetfirewallversion: {} - teamname: {} - technicalowner: {} - technicalownercontact: {} - technicaluser: {} - telephoneno: {} - tempgrid: {} - tenantname: {} - terminatedaction: {} - threatactor: {} - ticketacknowledgeddate: {} - ticketcloseddate: {} - ticketnumber: {} - ticketopeneddate: {} - title: {} - totalfailedinstances: {} - totalgoodinstances: {} - totalinstances: {} - trafficdirection: {} - trainingmultiselect: {} - trainingteams: {} - triggeredsecurityprofile: {} - type: {} - typeoffense: {} - unassignedincidents: {} - uniquebiometricdatabreached: {} - uniqueidentificationnumberbreached: {} - uniqueports: {} - urlsslverification: {} - user: {} - useraccountcontrol: {} - userdisabledstatus: {} - userid: {} - username: {} - usernamecountoffense: {} - usernames: {} - vendorid: {} - vendorproduct: {} - vpcid: {} - vulnerabilitycategory: {} - wereanystepsoractionstakenthatmighthaveinhibitedtherecovery: {} - whatadditionaltoolsorresourcesareneededtodetectanalyzeandmitigatefutureincidents: {} - whataretheareasthatneedimprovement: {} - whatcorrectiveactionscanpreventsimilarincidentsinthefuture: {} - whatinformationwasneededsooner: {} - whatprecursorsorindicatorsshouldbewatchedforinthefuturetodetectsimilarincidents: {} - whatwasthescopeoftheincident: {} - whatwastheworkperformedduringrecovery: {} - whatweretheareaswherethecirtteamswereeffective: {} - whatwouldthestaffandmanagementdodifferentlythenexttimeasimilarincidentoccurs: {} - whenwastheproblemfirstdetectedandbywhom: {} - whereisdatahosted: {} - workphone: {} - xdralertcount: {} - xdralerts: {} - xdrassigneduseremail: {} - xdrassigneduserprettyname: {} - xdrdescription: {} - xdrdetectiontime: {} - xdrdevicecontrolviolations: {} - xdrdisconnectedendpoints: {} - xdrfileartifacts: {} - xdrhighseverityalertcount: {} - xdrhostcount: {} - xdrincidentid: {} - xdrlowseverityalertcount: {} - xdrmanualseverity: {} - xdrmediumseverityalertcount: {} - xdrmodificationtime: {} - xdrnetworkartifacts: {} - xdrnotes: {} - xdrresolvecomment: {} - xdrstatus: {} - xdrstatusv2: {} - xdrurl: {} - xdrusercount: {} - xsoarReadOnlyRoles: {} xsoardevinstancename: simple: Demisto Dev xsoardevtoprodmethod: @@ -1177,7 +574,6 @@ tasks: operator: If-Then-Else xsoarprodinstancename: simple: Demisto Prod - zipcode: {} separatecontext: false skipunavailable: false task: @@ -1295,11 +691,10 @@ tasks: skipunavailable: false task: brand: "" - description: Checks if the provided Demisto REST API instance is available for - the XSOAR Simple Dev to Prod workflow. + description: Checks if the provided Core REST API or Demisto REST API instance is available for the XSOAR Simple Dev to Prod workflow. id: 2f1df859-7924-4ccd-856c-1f17300cfb5b iscommand: false - name: Is the Demisto Prod - Demisto REST API integration instance enabled? + name: Is the Demisto Prod - Core/Demisto REST API integration instance enabled? script: IsDemistoRestAPIInstanceAvailable type: condition version: -1 @@ -1340,11 +735,10 @@ tasks: skipunavailable: false task: brand: "" - description: Checks the configuration on the Demisto REST API Prod instance - to see if it's correct + description: Checks the configuration on the Core REST API or Demisto REST API Prod instance to see if it's correct id: 511c189a-5f93-4289-8e1f-8404ed0f9a25 iscommand: false - name: Is the Production Demisto REST API setup properly? + name: Is the Production Core/Demisto REST API setup properly? type: condition version: -1 taskid: 511c189a-5f93-4289-8e1f-8404ed0f9a25 @@ -1369,11 +763,7 @@ tasks: skipunavailable: false task: brand: "" - description: "# Setup Instructions for Demisto Prod\n\nThe Demisto Prod - Demisto\ - \ REST API instance must be set to \"Do not use by default\" on the instance\ - \ configuration. \n\nThe check in this playbook indicates this is not set\ - \ properly, please ensure to read the setup instructions for this Pack. \n\ - \nPlease set the **Demisto Prod** instance properly, and re-run this playbook. " + description: "# Setup Instructions for Demisto Prod\n\nThe Demisto Prod - Core REST API or Demisto REST API instance must be set to \"Do not use by default\" on the instance configuration. \n\nThe check in this playbook indicates this is not set properly, please ensure to read the setup instructions for this Pack. \n\nPlease set the **Demisto Prod** instance properly, and re-run this playbook. " id: 40db8672-b761-46e9-8fa9-2b87fb9fc443 iscommand: false name: Demisto Prod Instance not setup properly, provide instructions @@ -1526,10 +916,7 @@ tasks: skipunavailable: false task: brand: "" - description: "The custom content bundle is created, and can be downloaded from\ - \ the Dev to Prod tab. \n\nThis can be uploaded to the production server\ - \ from Settings -> Advanced -> Troubleshooting -> Import Custom Content.\n\ - \nComplete this task to close the job." + description: "The custom content bundle is created, and can be downloaded from the Dev to Prod tab. \n\nThis can be uploaded to the production server from Settings -> Advanced -> Troubleshooting -> Import Custom Content.\n\nComplete this task to close the job." id: 3616c9a8-6c88-46c8-8174-eb51e5fd77fd iscommand: false name: Download Custom Content Bundle @@ -1585,14 +972,10 @@ tasks: skipunavailable: false task: brand: "" - description: "# Setup Demisto Prod\n\nPlease setup a single instance of the\ - \ Demisto REST API Integration for your Production server to continue using\ - \ this playbook. \n\nThis instance must be named **Demisto Prod**, and the\ - \ instance must be marked as **Do not use by default**\n\nRerun this playbook\ - \ once completed. \n\n" + description: "# Setup Demisto Prod\n\nPlease setup a single instance of the Core REST API or Demisto REST API Integration for your Production server to continue using this playbook. \n\nThis instance must be named **Demisto Prod**, and the instance must be marked as **Do not use by default**\n\nRerun this playbook once completed. \n\n" id: 8c9702f6-e0a1-4888-8db8-5c5e5459b798 iscommand: false - name: Enable Demisto Prod - Demisto REST API integration instance to continue + name: Enable Demisto Prod - Core/Demisto REST API integration instance to continue type: regular version: -1 taskid: 8c9702f6-e0a1-4888-8db8-5c5e5459b798 @@ -1622,4 +1005,4 @@ tests: - No tests (auto formatted) fromversion: 6.0.0 marketplaces: - - xsoar +- xsoar diff --git a/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Simple_Dev_to_Prod_README.md b/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Simple_Dev_to_Prod_README.md index a872cad4a912..60dc1d1d88d8 100644 --- a/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Simple_Dev_to_Prod_README.md +++ b/Packs/XSOAR-SimpleDevToProd/Playbooks/playbook-JOB_-_XSOAR_-_Simple_Dev_to_Prod_README.md @@ -2,28 +2,34 @@ This playbook is intended to be run as an adhoc job to quickly create a custom c Please ensure to read the setup instructions for this pack carefully. -Create a Job with the Type “XSOAR Dev to Prod”, and select this playbook to get started. For more information on Jobs: https://xsoar.pan.dev/docs/incidents/incident-jobs +Create a Job with the Type “XSOAR Dev to Prod”, and select this playbook to get started. For more information on Jobs: ## Dependencies + This playbook uses the following sub-playbooks, integrations, and scripts. ### Sub-playbooks + This playbook does not use any sub-playbooks. ### Integrations + * Demisto REST API ### Scripts + * CustomContentBundleWizardry * IsDemistoRestAPIInstanceAvailable ### Commands + * demisto-api-download * closeInvestigation * demisto-api-multipart * setIncident ## Playbook Inputs + --- | **Name** | **Description** | **Default Value** | **Required** | @@ -31,5 +37,6 @@ This playbook does not use any sub-playbooks. | dev_2_prod | Set this to True to enable pushing the selected content to the Production XSOAR server. | True | Optional | ## Playbook Outputs + --- There are no outputs for this playbook. \ No newline at end of file diff --git a/Packs/XSOAR-SimpleDevToProd/README.md b/Packs/XSOAR-SimpleDevToProd/README.md index 54012dfb9252..8194ab1e5a71 100644 --- a/Packs/XSOAR-SimpleDevToProd/README.md +++ b/Packs/XSOAR-SimpleDevToProd/README.md @@ -2,10 +2,11 @@ This pack enables a simple Dev to Prod workflow for your XSOAR **custom content** items, such as playbooks, automations, BYOI integrations, custom fields, etc. -You can use this pack to select and export your custom content to a zip, which can be manually imported into production, or you can use the Demisto REST API to automate the whole thing. +You can use this pack to select and export your custom content to a zip, which can be manually imported into production, or you can use the Core REST API to automate the whole thing. It includes a pair of playbooks which should be run as Jobs in XSOAR, to export a selected custom content bundle, or enable an automated push of custom content from your XSOAR Development Server to the XSOAR Production Server. For more information on jobs you can refer to the XSOAR documentation on [XSOAR Jobs](https://xsoar.pan.dev/docs/incidents/incident-jobs). +Tested with version 6.12 and 8.4 of Cortex XSOAR. ## Setup Instructions @@ -25,15 +26,15 @@ To begin, you need to setup the following: This pack also includes another playbook which can remove the manual effort of uploading custom content. However this requires that your XSOAR Development Server have connectivity to the REST API of your XSOAR Production server on port 443. Note that firewalls or WAFs between the XSOAR servers could potentially impact this push. -The **JOB - XSOAR - Simple Dev to Prod** playbook uses an instance of the Demisto REST API integration that is configured against your XSOAR Production Server to enable pushing the custom content you select via the REST API. +The **JOB - XSOAR - Simple Dev to Prod** playbook uses an instance of the Core REST API integration that is configured against your XSOAR Production Server to enable pushing the custom content you select via the REST API. To begin, you need to setup the following: 1. Ensure your **Common Scripts** Pack is updated via the Marketplace. This pack makes use of the ZipFile automation from that pack. -2. Create an instance of the Demisto REST API integration on your XSOAR Development Server, where the instance name is **Demisto Dev**. +2. Create an instance of the Core REST API integration on your XSOAR Development Server, where the instance name is **Demisto Dev**. -3. Create an instance of the Demisto REST API integration on your XSOAR Development Server, *for your XSOAR Production Server*, where the instance name is **Demisto Prod**. +3. Create an instance of the Core REST API integration on your XSOAR Development Server, *for your XSOAR Production Server*, where the instance name is **Demisto Prod**. * The instance configuration, select "Do not use by default", see below for more details. * The instance should point to the resolveable URL for the prod server, and requires an API KEY generated on the prod server. @@ -50,7 +51,7 @@ If you are intending to use the **JOB - XSOAR - Simple Dev to Prod** playbook fo * This ensures any other playbooks in your Development Server which use the Demisto Rest API integration don't try and use the Demisto Prod instance that you may have setup as part of this pack. * The "Do not use by default" setting also ensures that users running manually Demisto Rest API integration commands via the Command Line Interface (CLI) don't use the Demisto Prod instance by mistake. -2. Restrict access to the Demisto Prod integration instance commands to approved XSOAR Administrators. This can be done via Settings -> Users and Roles -> Integration Permissions. Refer to the XSOAR Administrator guide for [Integration Permissions](https://docs.paloaltonetworks.com/content/techdocs/en_US/cortex/cortex-xsoar/6-1/cortex-xsoar-admin/users-and-roles/integration-permissions.html#ida5e08d7e-348a-402b-bbfc-d051212913c0) for more details. +2. Restrict access to the Demisto Prod integration instance commands to approved XSOAR Administrators, please refer to the [Cortex XSOAR Administrators Guide](https://docs-cortex.paloaltonetworks.com/p/XSOAR) for your version for how to do this. * Permissions on the Demisto Prod instance should be restricted to users in the appropriate XSOAR roles (e.g. Administrators) * Note that restricting access will not prevent the playbooks from running, this is simply a good security best practice. diff --git a/Packs/XSOAR-SimpleDevToProd/ReleaseNotes/1_0_6.md b/Packs/XSOAR-SimpleDevToProd/ReleaseNotes/1_0_6.md new file mode 100644 index 000000000000..15a4733385c4 --- /dev/null +++ b/Packs/XSOAR-SimpleDevToProd/ReleaseNotes/1_0_6.md @@ -0,0 +1,41 @@ +#### Playbooks + +##### JOB - XSOAR - Export Selected Custom Content + +- Updated descriptions to include reference to the Core REST API integration, as this can now be used in this pack. + +##### JOB - XSOAR - Simple Dev to Prod + +- Updated descriptions to include reference to the Core REST API integration, as this can now be used in this pack. + +#### Scripts + +##### CustomContentBundleWizardry +- Updated the Docker image to: *demisto/python3:3.10.13.80014*. + +##### IsDemistoRestAPIInstanceAvailable +- Updated the Docker image to: *demisto/python3:3.10.13.80014*. +- Modified to work with both the Core REST API and Demisto REST API integrations. + +#### Incident Fields + +##### XSOAR Dev Instance Name +- Updated to add Core Rest API to tooltip. + +##### XSOAR Dev to Prod Method +- Updated to add Core Rest API to tooltip. + +##### XSOAR Prod Instance Name +- Updated to add Core Rest API to tooltip. + +#### Layouts + +##### XSOAR Dev to Prod + +- Added reference to Core REST API integration. + + +#### Incident Types + +##### XSOAR Dev to Prod +- Formatting Changes from SDK. diff --git a/Packs/XSOAR-SimpleDevToProd/Scripts/CustomContentBundleWizardry/CustomContentBundleWizardry.yml b/Packs/XSOAR-SimpleDevToProd/Scripts/CustomContentBundleWizardry/CustomContentBundleWizardry.yml index 261a284baac8..c79511abbea6 100644 --- a/Packs/XSOAR-SimpleDevToProd/Scripts/CustomContentBundleWizardry/CustomContentBundleWizardry.yml +++ b/Packs/XSOAR-SimpleDevToProd/Scripts/CustomContentBundleWizardry/CustomContentBundleWizardry.yml @@ -16,12 +16,12 @@ comment: This automation accepts an XSOAR custom content bundle, and either retu commonfields: id: CustomContentBundleWizardry version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.80014 enabled: true name: CustomContentBundleWizardry outputs: - contextPath: CustomContent - description: List of files in the custom content bundle + description: List of files in the custom content bundle. runas: DBotWeakRole script: '' scripttarget: 0 diff --git a/Packs/XSOAR-SimpleDevToProd/Scripts/CustomContentBundleWizardry/README.md b/Packs/XSOAR-SimpleDevToProd/Scripts/CustomContentBundleWizardry/README.md index 147c8ab44585..be65c4a60c5b 100644 --- a/Packs/XSOAR-SimpleDevToProd/Scripts/CustomContentBundleWizardry/README.md +++ b/Packs/XSOAR-SimpleDevToProd/Scripts/CustomContentBundleWizardry/README.md @@ -1,6 +1,7 @@ This automation accepts an XSOAR custom content bundle, and either returns a list of file names, or the files you want to the war room. ## Script Data + --- | **Name** | **Description** | @@ -10,6 +11,7 @@ This automation accepts an XSOAR custom content bundle, and either returns a lis | Cortex XSOAR Version | 6.0.0 | ## Inputs + --- | **Argument Name** | **Description** | @@ -19,6 +21,7 @@ This automation accepts an XSOAR custom content bundle, and either returns a lis | file_names | Array of file names to export, generated from the listfiles action. | ## Outputs + --- | **Path** | **Description** | **Type** | diff --git a/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/IsDemistoRestAPIInstanceAvailable.py b/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/IsDemistoRestAPIInstanceAvailable.py index 8056f628dd8d..2438e6d587c0 100644 --- a/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/IsDemistoRestAPIInstanceAvailable.py +++ b/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/IsDemistoRestAPIInstanceAvailable.py @@ -1,10 +1,10 @@ import demistomock as demisto # noqa: F401 from CommonServerPython import * # noqa: F401 -brandName = "Demisto REST API" +brandNames = ["demisto rest api", "core rest api"] instanceName = demisto.args().get('instanceName') allInstances = demisto.getModules() brandInstances = [instanceName for instanceName in allInstances if allInstances[instanceName]['brand'].lower( -) == brandName.lower() and demisto.get(allInstances[instanceName], 'state') and allInstances[instanceName]['state'] == 'active'] +) in brandNames and demisto.get(allInstances[instanceName], 'state') and allInstances[instanceName]['state'] == 'active'] if brandInstances and instanceName in brandInstances: instance = allInstances.get(instanceName) instance['name'] = instanceName diff --git a/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/IsDemistoRestAPIInstanceAvailable.yml b/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/IsDemistoRestAPIInstanceAvailable.yml index d7ca8bf82d99..708000b29d5b 100644 --- a/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/IsDemistoRestAPIInstanceAvailable.yml +++ b/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/IsDemistoRestAPIInstanceAvailable.yml @@ -1,13 +1,13 @@ args: -- description: The name of the Demisto REST API instance to check. +- description: The name of the Core/Demisto REST API instance to check. name: instanceName required: true -comment: Checks if the provided Demisto REST API instance is available for the XSOAR Simple Dev to Prod workflow. +comment: Checks if the provided Core/Demisto REST API instance is available for the XSOAR Simple Dev to Prod workflow. commonfields: id: IsDemistoRestAPIInstanceAvailable id_x2: IsCoreRestAPIInstanceAvailable version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.80014 enabled: true name: IsDemistoRestAPIInstanceAvailable name_x2: IsCoreRestAPIInstanceAvailable diff --git a/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/README.md b/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/README.md index 5b61348793ef..311faa44ce2d 100644 --- a/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/README.md +++ b/Packs/XSOAR-SimpleDevToProd/Scripts/IsDemistoRestAPIInstanceAvailable/README.md @@ -1,6 +1,7 @@ Checks if the provided Cortex XSOAR REST API instance is available for the XSOAR Simple Dev to Prod workflow. ## Script Data + --- | **Name** | **Description** | @@ -9,13 +10,15 @@ Checks if the provided Cortex XSOAR REST API instance is available for the XSOAR | Tags | Condition, infra | ## Inputs + --- | **Argument Name** | **Description** | | --- | --- | -| instanceName | The name of the Demisto REST API instance to check. | +| instanceName | The name of the Core/Demisto REST API instance to check. | ## Outputs + --- | **Path** | **Description** | **Type** | diff --git a/Packs/XSOAR-SimpleDevToProd/pack_metadata.json b/Packs/XSOAR-SimpleDevToProd/pack_metadata.json index 3505a18b9356..58aafba6a515 100644 --- a/Packs/XSOAR-SimpleDevToProd/pack_metadata.json +++ b/Packs/XSOAR-SimpleDevToProd/pack_metadata.json @@ -1,11 +1,11 @@ { "name": "XSOAR - Simple Dev to Prod", - "description": "This pack simplifies exporting custom content items such as Playbooks, Automations, BYOI integrations, etc between your XSOAR Development and Production environments.", + "description": "This pack simplifies exporting custom content items between your XSOAR environments.", "support": "community", - "currentVersion": "1.0.5", - "author": "beauchompers", + "currentVersion": "1.0.6", + "author": "Mike Beauchamp", "url": "", - "email": "", + "email": "mbeauchamp@paloaltonetworks.com", "created": "2021-01-30T19:15:18Z", "categories": [ "Utilities" @@ -17,7 +17,6 @@ "beauchompers" ], "marketplaces": [ - "xsoar", - "marketplacev2" + "xsoar" ] } \ No newline at end of file