[VirusTotal] Add custom fields to indicators #35349
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…into virustotal-custom-indicator-fields
barryyosi-panw
requested review from
thefrieddan1
and removed request for
barryyosi-panw
…into virustotal-custom-indicator-fields
ssokolovich
reviewed
Jul 11, 2024
Packs/VirusTotal/IndicatorFields/indicatorfield-VT_Engine_Detection_Names.json
Outdated
Show resolved
Hide resolved
Packs/VirusTotal/IndicatorFields/indicatorfield-VT_Engine_Detections.json
Outdated
Show resolved
Hide resolved
Packs/VirusTotal/IndicatorFields/indicatorfield-VT_Engine_Vendors.json
Outdated
Show resolved
Hide resolved
…ction_Names.json Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com>
…ctions.json Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com>
…ors.json Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com>
I have just uploaded a demo video to the virustotal channel on Slack :) |
| if self.vt_detection_names is not None: | ||
| file_context['VTVendors']['EngineDetectionNames'] = self.vt_detection_names | ||
|
|
||
| if not file_context['VTVendors']: |
There was a problem hiding this comment.
Consider using the same convention as in other if statements
if not file_context['VTVendors']:
or
if file_context['VTVendors'] is not None:
@pabloperezj |
Hi @thefrieddan1, virustotal-partner channel on Demisto DFIR Community. Here is the video! :) vt-custom-fields.mp4 |
|
@ssokolovich @thefrieddan1 @MLainer1 Doc review completed. |
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
thefrieddan1
added
the
ready-for-instance-test
thefrieddan1
approved these changes
Jul 16, 2024
thefrieddan1
merged commit 91a4d31
into
demisto:contrib/VirusTotal_virustotal-custom-indicator-fields
16 of 20 checks passed
|
Thank you for your contribution. Your external PR has been merged and the changes are now included in an internal PR for further review. The internal PR will be merged to the master branch within 3 business days. |
thefrieddan1
added a commit
that referenced
this pull request
Jul 16, 2024
* [VirusTotal] Add custom fields to indicators (#35349) * Add custom fields * nit * Lint * Update docker image * Update readme and release notes * Update fields * Update release note * Update all indicators * Update version * Restore unused fields * Update Packs/VirusTotal/IndicatorFields/indicatorfield-VT_Engine_Detection_Names.json Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> * Update Packs/VirusTotal/IndicatorFields/indicatorfield-VT_Engine_Detections.json Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> * Update Packs/VirusTotal/IndicatorFields/indicatorfield-VT_Engine_Vendors.json Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/ReleaseNotes/2_6_21.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/ReleaseNotes/2_6_22.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * RN and known words. --------- Co-authored-by: Pablo Pérez <122302023+pabloperezj@users.noreply.github.com> Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Danny_Fried <dfried@paloaltonetworks.com>
xsoar-bot
pushed a commit
to xsoar-contrib/content
that referenced
this pull request
Sep 10, 2024
* [VirusTotal] Add custom fields to indicators (demisto#35349) * Add custom fields * nit * Lint * Update docker image * Update readme and release notes * Update fields * Update release note * Update all indicators * Update version * Restore unused fields * Update Packs/VirusTotal/IndicatorFields/indicatorfield-VT_Engine_Detection_Names.json Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> * Update Packs/VirusTotal/IndicatorFields/indicatorfield-VT_Engine_Detections.json Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> * Update Packs/VirusTotal/IndicatorFields/indicatorfield-VT_Engine_Vendors.json Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/ReleaseNotes/2_6_21.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/ReleaseNotes/2_6_22.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * RN and known words. --------- Co-authored-by: Pablo Pérez <122302023+pabloperezj@users.noreply.github.com> Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Danny_Fried <dfried@paloaltonetworks.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: link to the issue
Description
A few sentences describing the overall goals of the pull request's commits.
Must have