Skip to content

Commit

Permalink
Jang lookup indicator exception bugfix (#5)
Browse files Browse the repository at this point in the history 
* fixed bearer_token error. fixed lookup indicaor exception error

* change app version to 9.X to indicate test release

* change app version to 9.X to indicate test release

* update lookup_indicator action to return success on no results

* Change App Version and update connector json based on developer checklist

* Change minor app version instead of major

* update the unreleased.md file and pre-commit changes

* Remove the extra .tgz File

* Empty commit for pipeline rerun

* Update autoescape check

* Update autoescape changes

* Update app version

---------

Co-authored-by: achandya <achandya@splunk.com>
  • Loading branch information
@jang-splunk @achandya-crest
jang-splunk and achandya-crest authored Oct 20, 2023
1 parent 925029c commit 783f90a
Show file tree
Hide file tree
Showing 7 changed files with 25 additions and 25 deletions.
2 changes: 1 addition & 1 deletion LICENSE
View file
Original file line number Diff line number Diff line change
Expand Up @@ -198,4 +198,4 @@
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
limitations under the License.
2 changes: 0 additions & 2 deletions exclude_files.txt
View file

This file was deleted.

5 changes: 1 addition & 4 deletions mandiantadvantagethreatintelligence.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
"product_version_regex": ".*",
"publisher": "Mandiant",
"license": "Copyright (c) Mandiant, 2023",
"app_version": "1.1.0",
"app_version": "1.2.0",
"utctime_updated": "2023-09-27T12:49:57.781171",
"package_name": "phantom_mandiantadvantagethreatintelligence",
"main_module": "mandiantadvantagethreatintelligence_connector.py",
Expand Down Expand Up @@ -1378,13 +1378,11 @@
"days": {
"description": "Days to retrieve reports from",
"data_type": "numeric",
"primary": true,
"order": 0
},
"report_type": {
"description": "Report Type Filter",
"data_type": "string",
"default": "",
"value_list": [
"Actor Profile",
"Event Coverage/Implication",
Expand Down Expand Up @@ -1468,7 +1466,6 @@
"query": {
"description": "Search query",
"data_type": "string",
"primary": true,
"order": 0
}
},
Expand Down
16 changes: 16 additions & 0 deletions mandiantadvantagethreatintelligence_connector.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -219,6 +219,22 @@ def _handle_indicator_lookup(self, param, action_result):
if phantom.is_fail(ret_val):
self.save_progress("Error getting indicator info")
return action_result.set_status(phantom.APP_ERROR, "Error getting indicator info")
else:
indicators = response.get('indicators')
if not isinstance(indicators, list):
# this seems to happen if there are no results. Returning as a valid response
self.save_progress("No results from platform")
data = {'status': "no results"}
action_result.add_data(data)
action_result.set_summary(data)
return action_result.set_status(phantom.APP_SUCCESS)
elif len(indicators) == 0:
# does this ever happen and if it does is this an error or also a valid response?
self.save_progress("Empty indicators list")
data = {'status': "indicators list is empty"}
action_result.add_data(data)
action_result.set_summary(data)
return action_result.set_status(phantom.APP_SUCCESS)

if not response.get("indicators", []):
self.save_progress("No indicators retrieved from Mandiant")
Expand Down
4 changes: 1 addition & 3 deletions mandiantthreatintelligence_view_report.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,9 +99,7 @@
</a>
<br/>
{% if result.data %}
{% autoescape off %}
{{ result.data.0.report }}
{% endautoescape %}
{{ result.data.0.report|safe }}
{% endif %}
<br>

Expand Down
20 changes: 5 additions & 15 deletions mandiantthreatintelligence_view_vulnerability.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,18 +130,14 @@
<tr>
<th>Executive Summary</th>
<td>
{% autoescape off %}
{{ vulnerability.executive_summary }}
{% endautoescape %}
{{ vulnerability.executive_summary|safe }}
</td>
</tr>
<tr>
<th>Description</th>
<td>
{% if vulnerability.description %}
{% autoescape off %}
{{ vulnerability.description }}
{% endautoescape %}
{{ vulnerability.description|safe }}
{% else %}
No description available
{% endif %}
Expand All @@ -150,9 +146,7 @@
<tr>
<th>Analysis</th>
<td>
{% autoescape off %}
{{ vulnerability.analysis }}
{% endautoescape %}
{{ vulnerability.analysis|safe }}
</td>
</tr>
<tr>
Expand Down Expand Up @@ -244,9 +238,7 @@
<tr>
<th>Vulnerable Products</th>
<td style="padding-left: 20px">
{% autoescape off %}
{{ vulnerability.vulnerable_products }}
{% endautoescape %}
{{ vulnerability.vulnerable_products|safe }}
</td>
</tr>
<tr>
Expand All @@ -271,9 +263,7 @@
<tr>
<th>Workarounds</th>
<td>
{% autoescape off %}
{{ vulnerability.workarounds }}
{% endautoescape %}
{{ vulnerability.workarounds|safe }}
</td>
</tr>
</table>
Expand Down
1 change: 1 addition & 0 deletions release_notes/unreleased.md
View file
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
**Unreleased**
* Resolved the exception in 'lookup indicator' action

0 comments on commit 783f90a

Please sign in to comment.