From ea23480d417d11f49d6300c6b8f19d376105000c Mon Sep 17 00:00:00 2001
From: michal-dagan
Date: Wed, 28 Feb 2024 12:51:42 +0200
Subject: [PATCH 1/3] update demisto.error
---
Packs/EDL/Integrations/EDL/EDL.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/Packs/EDL/Integrations/EDL/EDL.py b/Packs/EDL/Integrations/EDL/EDL.py
index cb9a2e5f9bd4..4afa4d2b0a6e 100644
--- a/Packs/EDL/Integrations/EDL/EDL.py
+++ b/Packs/EDL/Integrations/EDL/EDL.py
@@ -350,6 +350,8 @@ def get_indicators_to_format(indicator_searcher: IndicatorsSearcher,
 for ioc_res in indicator_searcher:
 fetched_iocs = ioc_res.get('iocs') or []
 for ioc in fetched_iocs:
+ demisto.debug(f"Parsing the following indicator: {ioc.get("value")}")
+
 ioc_counter += 1
 if request_args.out_format == FORMAT_PROXYSG:
 files_by_category = create_proxysg_out_format(ioc, files_by_category, request_args)
@@ -374,7 +376,7 @@ def get_indicators_to_format(indicator_searcher: IndicatorsSearcher,
 break
 except Exception as e:
- demisto.error(f'Error parsing the following indicator: {ioc.get("value")}\n{e}')
+ demisto.error(f'Error in parsing the indicators, error: {e}')
 # 429 error can only be raised when the Elasticsearch instance encountered an error
 if '[429] Failed with error' in str(e):
 version = demisto.demistoVersion()
From cb9cd07f0f1d7471cc3e0d3dec857077633da717 Mon Sep 17 00:00:00 2001
From: michal-dagan
Date: Wed, 28 Feb 2024 13:05:22 +0200
Subject: [PATCH 2/3] update demisto.error
---
Packs/EDL/Integrations/EDL/EDL.py | 2 +-
Packs/EDL/ReleaseNotes/3_2_20.md | 6 ++++++
Packs/EDL/pack_metadata.json | 2 +-
3 files changed, 8 insertions(+), 2 deletions(-)
create mode 100644 Packs/EDL/ReleaseNotes/3_2_20.md
diff --git a/Packs/EDL/Integrations/EDL/EDL.py b/Packs/EDL/Integrations/EDL/EDL.py
index 4afa4d2b0a6e..40c632e82e52 100644
--- a/Packs/EDL/Integrations/EDL/EDL.py
+++ b/Packs/EDL/Integrations/EDL/EDL.py
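Review bot: The `demisto.debug` line added in the `@@ -350,6 +350,8 @@` hunk of PATCH 1/3 writes the raw indicator value into the log once per indicator, inside the inner `for ioc in fetched_iocs` loop. Indicator values can presumably come from external feeds, so a value containing a newline or control characters could split or forge log entries; formatting it with `!r` keeps every entry on one line: `demisto.debug(f"Parsing the following indicator: {ioc.get('value')!r}")`. The same line is touched again in the `@@ -350,7 +350,7 @@` hunk of PATCH 3/3, which changes only the inner quotes, so the point applies there as well. A short comment saying that this entry exists to identify the indicator being processed when parsing fails would also explain why a per-item log sits in the hot loop. The enclosing function starts and ends outside the hunk.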
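Review bot: After the change in the `@@ -374,7 +376,7 @@` hunk of PATCH 1/3 the error entry no longer says which indicator failed, so unless debug logging is enabled an operator sees only the exception text. Dropping `ioc.get("value")` from the handler is presumably needed because `ioc` may be unbound or not a dict when the exception is raised, but the value can be kept safely by tracking it: set `last_value = None` before the `try`, assign `last_value = ioc.get('value')` at the top of the inner loop, and log `demisto.error(f'Error in parsing the indicators (last indicator: {last_value!r}), error: {e}')`. The `try` and the start of the function are outside the hunk, so the exact placement needs checking against the full file.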
@@ -376,7 +376,7 @@ def get_indicators_to_format(indicator_searcher: IndicatorsSearcher,
 break
 except Exception as e:
- demisto.error(f'Error in parsing the indicators, error: {e}')
+ demisto.error(f'Error in parsing the indicators, error: {str(e)}')
 # 429 error can only be raised when the Elasticsearch instance encountered an error
 if '[429] Failed with error' in str(e):
 version = demisto.demistoVersion()
diff --git a/Packs/EDL/ReleaseNotes/3_2_20.md b/Packs/EDL/ReleaseNotes/3_2_20.md
new file mode 100644
index 000000000000..ea81bbec86cb
--- /dev/null
+++ b/Packs/EDL/ReleaseNotes/3_2_20.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Generic Export Indicators Service
+
+Improved error handling in the *get_indicators_to_format* function to account for cases where IOC values are not always defined.
\ No newline at end of file
diff --git a/Packs/EDL/pack_metadata.json b/Packs/EDL/pack_metadata.json
index 1960f83d90bb..6c644f960b2f 100644
--- a/Packs/EDL/pack_metadata.json
+++ b/Packs/EDL/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "Generic Export Indicators Service",
 "description": "Use this pack to generate a list based on your Threat Intel Library, and export it to ANY other product in your network, such as your firewall, agent or SIEM. This pack is built for ongoing distribution of indicators from XSOAR to other products in the network, by creating an endpoint with a list of indicators that can be pulled by external vendors.",
 "support": "xsoar",
- "currentVersion": "3.2.19",
+ "currentVersion": "3.2.20",
 "author": "Cortex XSOAR",
 "url": "https://www.paloaltonetworks.com/cortex",
 "email": "",
From a6e96ae52f16dc7e9fc5e492bb30ab90c8697903 Mon Sep 17 00:00:00 2001
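Review bot: `{str(e)}` in the `@@ -376,7 +376,7 @@` hunk of PATCH 2/3 produces the same text as the `{e}` it replaces, because an f-string already renders an exception through `str()`, so this line changes nothing at runtime. If the aim was a more useful entry, `{e!r}` would add the exception type: `demisto.error(f'Error in parsing the indicators, error: {e!r}')`. The `except` block continues outside the hunk.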
From: michal-dagan
Date: Wed, 28 Feb 2024 13:35:27 +0200
Subject: [PATCH 3/3] pre-commit
---
Packs/EDL/Integrations/EDL/EDL.py | 2 +-
Packs/EDL/Integrations/EDL/EDL.yml | 2 +-
Packs/EDL/Integrations/EDL/EDL_test.py | 18 +++++++++---------
Packs/EDL/ReleaseNotes/3_2_20.md | 3 ++-
4 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/Packs/EDL/Integrations/EDL/EDL.py b/Packs/EDL/Integrations/EDL/EDL.py
index 40c632e82e52..964639cf99b2 100644
--- a/Packs/EDL/Integrations/EDL/EDL.py
+++ b/Packs/EDL/Integrations/EDL/EDL.py
@@ -350,7 +350,7 @@ def get_indicators_to_format(indicator_searcher: IndicatorsSearcher,
 for ioc_res in indicator_searcher:
 fetched_iocs = ioc_res.get('iocs') or []
 for ioc in fetched_iocs:
- demisto.debug(f"Parsing the following indicator: {ioc.get("value")}")
+ demisto.debug(f"Parsing the following indicator: {ioc.get('value')}")
 ioc_counter += 1
 if request_args.out_format == FORMAT_PROXYSG:
diff --git a/Packs/EDL/Integrations/EDL/EDL.yml b/Packs/EDL/Integrations/EDL/EDL.yml
index 63ed6b752362..cad0b88073dc 100644
--- a/Packs/EDL/Integrations/EDL/EDL.yml
+++ b/Packs/EDL/Integrations/EDL/EDL.yml
@@ -432,7 +432,7 @@ script:
 - 'False'
 - 'True'
 description: Updates values stored in the List (only available On-Demand).
- dockerimage: demisto/flask-nginx:1.0.0.85991
+ dockerimage: demisto/flask-nginx:1.0.0.87872
 longRunning: true
 longRunningPort: true
 script: '-'
diff --git a/Packs/EDL/Integrations/EDL/EDL_test.py b/Packs/EDL/Integrations/EDL/EDL_test.py
index 6b48a803b65d..ae87bd1e8a0a 100644
--- a/Packs/EDL/Integrations/EDL/EDL_test.py
+++ b/Packs/EDL/Integrations/EDL/EDL_test.py
@@ -102,11 +102,11 @@ def test_get_edl_on_demand__with_cache(self, mocker):
 mocker.patch.object(edl, 'get_integration_context', return_value={})
 actual_edl, original_indicators_count = edl.get_edl_on_demand()
- with open(edl.EDL_ON_DEMAND_CACHE_PATH, 'r') as f:
+ with open(edl.EDL_ON_DEMAND_CACHE_PATH) as f:
 expected_edl = f.read()
 assert actual_edl == expected_edl
- assert edl.EDL_ON_DEMAND_CACHE_ORIGINAL_SIZE == original_indicators_count
+ assert original_indicators_count == edl.EDL_ON_DEMAND_CACHE_ORIGINAL_SIZE
 def test_get_edl_on_demand__with_refresh_signal(self, mocker):
 """
@@ -127,7 +127,7 @@ def test_get_edl_on_demand__with_refresh_signal(self, mocker):
 mocker.patch.object(edl, 'create_new_edl', return_value=(expected_edl, 1))
 actual_edl, _ = edl.get_edl_on_demand()
- with open(edl.EDL_ON_DEMAND_CACHE_PATH, 'r') as f:
+ with open(edl.EDL_ON_DEMAND_CACHE_PATH) as f:
 cached_edl = f.read()
 assert actual_edl == expected_edl == cached_edl
@@ -228,7 +228,7 @@ def test_create_new_edl_edge_cases(self, mocker, requests_mock):
 {"value": "*.co.uk", "indicator_type": "Domain"}, # tld
 {"value": "*.google.com", "indicator_type": "Domain"}, # no tld
 {"value": "aא.com", "indicator_type": "URL"}] # no ascii
- f = '\n'.join((json.dumps(indicator) for indicator in indicators))
+ f = '\n'.join(json.dumps(indicator) for indicator in indicators)
 request_args = edl.RequestArguments(collapse_ips=DONT_COLLAPSE, maximum_cidr_size=2)
 mocker.patch.object(edl, 'get_indicators_to_format', return_value=(io.StringIO(f), 6))
 edl_v, _ = edl.create_new_edl(request_args)
@@ -272,7 +272,7 @@ def test_create_new_edl_with_offset(self, mocker, requests_mock):
 {"value": "*.co.uk", "indicator_type": "Domain"}, # tld
 {"value": "*.google.com", "indicator_type": "Domain"}, # no tld
 {"value": "aא.com", "indicator_type": "URL"}] # no ascii
- f = '\n'.join((json.dumps(indicator) for indicator in indicators))
+ f = '\n'.join(json.dumps(indicator) for indicator in indicators)
 # create_new_edl with no offset
 request_args = edl.RequestArguments(collapse_ips=DONT_COLLAPSE, maximum_cidr_size=8)
@@ -299,7 +299,7 @@ def test_create_json_out_format(self):
 """
 from EDL import create_json_out_format, RequestArguments
 returned_output = []
- with open('test_data/demisto_url_iocs.json', 'r') as iocs_json_f:
+ with open('test_data/demisto_url_iocs.json') as iocs_json_f:
 iocs_json = json.loads(iocs_json_f.read())
 # strips port numbers
@@ -328,7 +328,7 @@ def test_create_csv_out_format(self):
 - assert the result
 """
 from EDL import create_csv_out_format, RequestArguments
- with open('test_data/demisto_url_iocs.json', 'r') as iocs_json_f:
+ with open('test_data/demisto_url_iocs.json') as iocs_json_f:
 iocs_json = json.loads(iocs_json_f.read())
 request_args = RequestArguments(query='', drop_invalids=True, url_port_stripping=True, url_protocol_stripping=True)
@@ -353,7 +353,7 @@ def test_create_mwg_out_format(self):
 - assert the result
 """
 from EDL import create_mwg_out_format, RequestArguments
- with open('test_data/demisto_url_iocs.json', 'r') as iocs_json_f:
+ with open('test_data/demisto_url_iocs.json') as iocs_json_f:
 iocs_json = json.loads(iocs_json_f.read())
 request_args = RequestArguments(query='', drop_invalids=True, url_port_stripping=True, url_protocol_stripping=True)
@@ -381,7 +381,7 @@ def test_create_proxysg_out_format(self):
 """
 from EDL import create_proxysg_out_format, RequestArguments, create_proxysg_all_category_out_format
 files_by_category = {}
- with open('test_data/demisto_url_iocs.json', 'r') as iocs_json_f:
+ with open('test_data/demisto_url_iocs.json') as iocs_json_f:
 iocs_json = json.loads(iocs_json_f.read())
 request_args = RequestArguments(query='', drop_invalids=True, url_port_stripping=True,
diff --git a/Packs/EDL/ReleaseNotes/3_2_20.md b/Packs/EDL/ReleaseNotes/3_2_20.md
index ea81bbec86cb..23bdcafb4934 100644
--- a/Packs/EDL/ReleaseNotes/3_2_20.md
+++ b/Packs/EDL/ReleaseNotes/3_2_20.md
@@ -3,4 +3,5 @@
 ##### Generic Export Indicators Service
-Improved error handling in the *get_indicators_to_format* function to account for cases where IOC values are not always defined.
\ No newline at end of file
+- Improved error handling in the *get_indicators_to_format* function for cases where IOC values are not always defined.
+- Updated the Docker image to: *demisto/flask-nginx:1.0.0.87872*.
\ No newline at end of file