Base

Details
Content
Dependencies
Version History

The base pack for Cortex XSOAR.

Automations

Name	Description
DeleteIndicatorRelationships	This automation allows to delete a relationship between indicator objects based on the relationship id.
FindSimilarIncidentsByText	Deprecated. Use DBotFindSimilarIncidents instead. Find similar incidents by text comparison - the algorithm based on TF-IDF method. To read more about this method: https://en.wikipedia.org/wiki/Tf%E2%80%93idf This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
CommonServerPowerShell	Common code that will be merged into each PowerShell script/integration when it runs.
DrawRelatedIncidentsCanvas	Draw incidents and indicators on the canvas to map and visualize their connections.
HighlightWords	Highlight words inside a given text.
CreateIndicatorRelationship	This automation creates a relationship between indicator objects.
DBotShowClusteringModelInfo	Show clustering model information - model summary and incidents in specific cluster.
CheckDockerImageAvailable	Check if a docker image is available for performing docker pull. Script simulates the docker pull flow but doesn't actually pull the image. Returns an entry with 'ok' if all is good otherwise will return an error.
ValidateContent	Runs validation and linting using the Demisto SDK on content items, such as integrations, automations and content packs. This automation script is used as part of the content validation that runs as part of the contribution flow.
CommonServer	Common code that will be merged into each server script when it runs.
GetIndicatorsByQuery	Gets a list of indicator objects and the associated indicator outputs that match the specified query and filters. The results are returned in a structured data file.
DBotFindSimilarIncidentsByIndicators	Finds similar incidents based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity.
GetIncidentsByQuery	Gets a list of incident objects and the associated incident outputs that match the specified query and filters. The results are returned in a structured data file. This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
WordTokenizerNLP	Deprecated. Use DBotPreProcessTextData instead.
SearchIndicatorRelationships	This automation outputs the indicator relationships to context according to the provided query, using the entities, entityTypes, and relationships arguments. All arguments will use the AND operator. For example, using the following arguments entities=8.8.8.8 entities_types=Domain will provide only relationships that the 8.8.8.8 indicator has with indicators of type domain.
StixParser	Parse STIX files to Cortex XSOAR indicators by clicking the Upload STIX File button.
DBotBuildPhishingClassifier	Create a phishing classifier using machine learning technique, based on email content.
DBotTrainClustering	This script helps organizes and groups incidents based on their similarities using clustering algorithms. Clustering is a technique used to group data points (in this case, incidents) that are similar to each other into clusters. Used to automatically categorize a large number of incidents into meaningful groups.
SaneDocReports	Parse Sane-json-reports and export them as docx files (used internally).
CommonServerPython	Common code that will be merged into each server script when it runs.
DBotTrainTextClassifierV2	Train a machine learning text classifier.
SanePdfReports	Parse Sane-json-reports and export them as pdf files (used internally).
GetMLModelEvaluation	Finds a threshold for ML model, and performs an evaluation based on it.
DBotMLFetchData	Deprecated. No available replacement. Collect telemetry data from the environment.
DBotFindSimilarIncidents	Finds past similar incidents based on incident fields' similarity. Includes an option to also display indicators similarity. Note: For the similarity calculation, at least one field must be provided in one of the "similarTextField", "similarCategoricalField", or "similarJsonField" arguments.
DBotPredictPhishingWords	Predict text label using a pre-trained machine learning phishing model, and get the most important words used in the classification decision.
DBotSuggestClassifierMapping	Deprecated. No available replacement. Suggests a classifier mapping based on an advanced name matching algorithm.
DBotPreProcessTextData	Pre-process text data for the machine learning text classifier.

Dashboards

Name	Description
System Health

Automations

Name	Description
CommonServer	Common code that will be merged into each server script when it runs.
DBotBuildPhishingClassifier	Create a phishing classifier using machine learning technique, based on email content.
DBotSuggestClassifierMapping	Deprecated. No available replacement. Suggests a classifier mapping based on an advanced name matching algorithm.
SearchIndicatorRelationships	This automation outputs the indicator relationships to context according to the provided query, using the entities, entityTypes, and relationships arguments. All arguments will use the AND operator. For example, using the following arguments entities=8.8.8.8 entities_types=Domain will provide only relationships that the 8.8.8.8 indicator has with indicators of type domain.
HighlightWords	Highlight words inside a given text.
FindSimilarIncidentsByText	Deprecated. Use DBotFindSimilarIncidents instead. Find similar incidents by text comparison - the algorithm based on TF-IDF method. To read more about this method: https://en.wikipedia.org/wiki/Tf%E2%80%93idf This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
FindSimilarAlertsByText	Deprecated. Use DBotFindSimilarAlerts instead. Find similar alerts by text comparison - the algorithm based on TF-IDF method. To read more about this method: https://en.wikipedia.org/wiki/Tf%E2%80%93idf This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
CheckDockerImageAvailable	Check if a docker image is available for performing docker pull. Script simulates the docker pull flow but doesn't actually pull the image. Returns an entry with 'ok' if all is good otherwise will return an error.
WordTokenizerNLP	Deprecated. Use DBotPreProcessTextData instead.
DBotPreProcessTextData	Pre-process text data for the machine learning text classifier.
ValidateContent	Runs validation and linting using the Demisto SDK on content items, such as integrations, automations and content packs. This automation script is used as part of the content validation that runs as part of the contribution flow.
DBotFindSimilarIncidentsByIndicators	Finds similar incidents based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity.
DBotFindSimilarAlertsByIndicators	Finds similar alerts based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity.
CreateIndicatorRelationship	This automation creates a relationship between indicator objects.
SaneDocReports	Parse Sane-json-reports and export them as docx files (used internally).
SanePdfReports	Parse Sane-json-reports and export them as pdf files (used internally).
GetIncidentsByQuery	Gets a list of incident objects and the associated incident outputs that match the specified query and filters. The results are returned in a structured data file. This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
GetAlertsByQuery	Gets a list of alert objects and the associated alert outputs that match the specified query and filters. The results are returned in a structured data file. This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
DBotTrainClustering	This script helps organizes and groups incidents based on their similarities using clustering algorithms. Clustering is a technique used to group data points (in this case, incidents) that are similar to each other into clusters. Used to automatically categorize a large number of incidents into meaningful groups.
CommonServerPython	Common code that will be merged into each server script when it runs.
GetIndicatorsByQuery	Gets a list of indicator objects and the associated indicator outputs that match the specified query and filters. The results are returned in a structured data file.
DeleteIndicatorRelationships	This automation allows to delete a relationship between indicator objects based on the relationship id.
StixParser	Parse STIX files to Cortex XSIAM indicators by clicking the Upload STIX File button.
DBotMLFetchData	Deprecated. No available replacement. Collect telemetry data from the environment.
DBotFindSimilarIncidents	Finds past similar incidents based on incident fields' similarity. Includes an option to also display indicators similarity. Note: For the similarity calculation, at least one field must be provided in one of the "similarTextField", "similarCategoricalField", or "similarJsonField" arguments.
DBotFindSimilarAlerts	Finds past similar alerts based on alert fields' similarity. Includes an option to also display indicators similarity. Note: For the similarity calculation, at least one field must be provided in one of the "similarTextField", "similarCategoricalField", or "similarJsonField" arguments.
CommonServerPowerShell	Common code that will be merged into each PowerShell script/integration when it runs.
GetMLModelEvaluation	Finds a threshold for ML model, and performs an evaluation based on it.

1.34.47 - 1647729 (November 14, 2024)

Scripts

SearchIndicatorRelationships

Updated the Docker image to: demisto/python3:3.11.10.115186.

GetIndicatorsByQuery

Updated the Docker image to: demisto/python3:3.11.10.115186.

GetIncidentsByQuery

Updated the Docker image to: demisto/python3:3.11.10.115186.

HighlightWords

Updated the Docker image to: demisto/python3:3.11.10.115186.

CheckDockerImageAvailable

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37147
- 37137
- 37136
- 37140
- 37138
- 37139

Download

1.34.46 - 1624996 (November 11, 2024)

Scripts

GetMLModelEvaluation

Updated the Docker image to: demisto/ml:1.0.0.112949.

DBotTrainTextClassifierV2

Updated the Docker image to: demisto/ml:1.0.0.112949.

DBotPredictPhishingWords

Updated the Docker image to: demisto/ml:1.0.0.112949.

DBotFindSimilarIncidents

Updated the Docker image to: demisto/ml:1.0.0.112949.

DBotPreProcessTextData

Updated the Docker image to: demisto/ml:1.0.0.112949.

Related pull requests:
- 37162
- 37154

Download

1.34.45 - 1615839 (November 10, 2024)

Scripts

ValidateContent

Updated the Docker image to: demisto/xsoar-tools:1.0.0.115559.

Related pull requests:
- 37115
- 37109

Download

1.34.44 - 1609112 (November 7, 2024)

Scripts

DBotFindSimilarIncidentsByIndicators

Fixed an issue where the script would fail to run if the fieldsIncidentToDisplay argument received an unpopulated field in the incidents.
Updated the Docker image to: demisto/ml:1.0.0.112949.

Related pull requests:
- 37116

Download

1.34.43 - 1602991 (November 6, 2024)

Scripts

GetIncidentsByQuery

Updated the Docker image to: demisto/python3:3.11.10.113941.

GetIndicatorsByQuery

Updated the Docker image to: demisto/python3:3.11.10.113941.

CreateIndicatorRelationship

Updated the Docker image to: demisto/python3:3.11.10.113941.

DBotShowClusteringModelInfo

Updated the Docker image to: demisto/python3:3.11.10.113941.

CheckDockerImageAvailable

Updated the Docker image to: demisto/python3:3.11.10.113941.

DeleteIndicatorRelationships

Updated the Docker image to: demisto/python3:3.11.10.113941.

SearchIndicatorRelationships

Updated the Docker image to: demisto/python3:3.11.10.113941.

DBotBuildPhishingClassifier

Updated the Docker image to: demisto/python3:3.11.10.113941.

HighlightWords

Updated the Docker image to: demisto/python3:3.11.10.113941.

Related pull requests:
- 37006
- 36995
- 36994
- 36998
- 36993
- 36992
- 36997

Download

1.34.42 - 1569341 (October 30, 2024)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 36816

Download

1.34.41 - 1480610 (October 8, 2024)

Scripts

CommonServerPython

Improved implementation of log outputs to avoid printing secrets.

Related pull requests:
- 36586

Download

1.34.40 - 1475337 (October 7, 2024)

Scripts

CommonServerPython

Update the Account entity with the following fields:

Manager Email
Manager Display Name
Risk Level

Related pull requests:
- 36026

Download

1.34.39 - 1467584 (October 6, 2024)

Scripts

CommonServerPython

Updated the IndicatorsSearcher class to support a custom search_after parameter during initialization.

Related pull requests:
- 35942

Download

1.34.38 - 1414617 (September 22, 2024)

Scripts

DBotTrainTextClassifierV2

Improved the readable output.

DBotFindSimilarIncidents

Improved the readable output for Cortex XSIAM.

Related pull requests:
- 35216

Download

1.34.37 - R1373264 (September 11, 2024)

Scripts

SanePdfReports

Improved legend values visibility.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.108777.

Related pull requests:
- 36080

Download

1.34.36 - 1320807 (August 28, 2024)

Scripts

CommonServerPython

Fixed an issue where running scripts from dynamic sections returned an unexpected metrics entry.

Related pull requests:
- 35967

Download

1.34.35 - 1309186 (August 26, 2024)

Scripts

CheckDockerImageAvailable

Internal code improvements.
Updated the Docker image to: demisto/python3:3.11.9.107902.

Related pull requests:
- 36003

Download

1.34.34 - 1259921 (August 11, 2024)

Scripts

FindSimilarIncidentsByText

Maintenance and stability enhancements.

Related pull requests:
- 35643

Download

1.34.33 - 1241052 (August 4, 2024)

Scripts

DBotTrainClustering

Code refactor and general improvements.
Updated the Docker image to: demisto/mlclustering:1.0.0.105775.

Related pull requests:
- 35421

Download

1.34.32 - 1238470 (August 4, 2024)

Scripts

CommonServerPython

Enhance send_data_to_xsiam to support custom snapshot IDs in chunks.

Related pull requests:
- 35580

Download

1.34.31 - 1234417 (August 1, 2024)

Scripts

DBotTrainTextClassifierV2

Updated the Docker image to: demisto/ml:1.0.0.105874.

DBotFindSimilarIncidentsByIndicators

Updated the Docker image to: demisto/ml:1.0.0.105874.

GetMLModelEvaluation

Updated the Docker image to: demisto/ml:1.0.0.105874.

DBotPredictPhishingWords

Updated the Docker image to: demisto/ml:1.0.0.105874.

DBotFindSimilarIncidents

Updated the Docker image to: demisto/ml:1.0.0.105874.

DBotPreProcessTextData

Updated the Docker image to: demisto/ml:1.0.0.105874.

Related pull requests:
- 35708
- 35643

Download

1.34.30 - R1221739 (July 29, 2024)

Scripts

ValidateContent

Updated the Docker image to: demisto/xsoar-tools:1.0.0.104430.

Related pull requests:
- 35599

Download

1.34.29 - 1179382 (July 15, 2024)

Scripts

DBotTrainTextClassifierV2

Updated the Docker image to: demisto/ml:1.0.0.103517.

DBotFindSimilarIncidentsByIndicators

Updated the Docker image to: demisto/ml:1.0.0.103517.

GetMLModelEvaluation

Updated the Docker image to: demisto/ml:1.0.0.103517.

DBotPredictPhishingWords

Updated the Docker image to: demisto/ml:1.0.0.103517.

DBotFindSimilarIncidents

Updated the Docker image to: demisto/ml:1.0.0.103517.

DBotPreProcessTextData

Updated the Docker image to: demisto/ml:1.0.0.103517.

Related pull requests:
- 35422

Download

1.34.28 - 1169083 (July 11, 2024)

Scripts

DBotTrainTextClassifierV2

Updated the Docker image to: demisto/ml:1.0.0.101889.

DBotBuildPhishingClassifier

Changed the Docker image to: demisto/python3:3.11.9.101916.

DBotPreProcessTextData

Updated the Docker image to: demisto/ml:1.0.0.101889.

DBotPredictPhishingWords

Updated the Docker image to: demisto/ml:1.0.0.101889.

DBotFindSimilarIncidents

Updated the Docker image to: demisto/ml:1.0.0.101889.

GetMLModelEvaluation

Updated the Docker image to: demisto/ml:1.0.0.101889.

DBotFindSimilarIncidentsByIndicators

Updated the Docker image to: demisto/ml:1.0.0.101889.

Related pull requests:
- 35081

Download

1.34.27 - R1164474 (July 10, 2024)

Scripts

CommonServerPython

Added a functionality to read server configuration.

Related pull requests:
- 35038

Download

1.34.26 - 1155254 (July 7, 2024)

Scripts

CommonServerPython

Removed support for the DemistoWrapper class in python2 integrations and scripts. This fixes an issue where the following error was encountered for python2 integrations and scripts: TypeError: super() argument 1 must be type, not classobj

Related pull requests:
- 35283
- 35343

Download

1.34.25 - 1150618 (July 5, 2024)

Scripts

CommonServerPython

Fixed an issue where sending data to xsiam did not work with large data.

Related pull requests:
- 34437

Download

1.34.24 - 1149551 (July 4, 2024)

Scripts

CommonServerPython

Added a function is_using_engine to check if platform is using engine.

Related pull requests:
- 35206

Download

1.34.23 - 1146238 (July 3, 2024)

Scripts

CommonServerPython

Documentation and metadata improvements.
The DemistoWrapper is now utilized in all integrations and scripts.

Related pull requests:
- 35211

Download

1.34.21 - 1142826 (July 2, 2024)

Scripts

DBotFindSimilarIncidentsByIndicators

Fixed an issue where the populateFields argument didn't accept a pipe (|) as a separator.

DBotFindSimilarIncidents

Fixed an issue where the populateFields argument didn't accept a pipe (|) as a separator.

GetIncidentsByQuery

Fixed an issue where the populateFields argument didn't accept a pipe (|) as a separator.

Related pull requests:
- 35176

Download

1.34.20 - 1139196 (July 1, 2024)

Scripts

CommonServerPython

Update the request timeout for the generic_http_request function to 60 seconds.

Related pull requests:
- 35149

Download

1.34.19 - 1136970 (July 1, 2024)

Scripts

CommonServerPython

Revert version 1.34.15 due to an issue in generic_http_request causing improper handling of files.

Related pull requests:
- 35132

Download

1.34.18 - 1133773 (June 30, 2024)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.99838.

Related pull requests:
- 35105

Download

1.34.17 - 1129454 (June 27, 2024)

Scripts

ValidateContent

Updated the Docker image to: demisto/xsoar-tools:1.0.0.99061.

Related pull requests:
- 35076
- 34760

Download

1.34.16 - 1114769 (June 23, 2024)

Scripts

SanePdfReports

Added support for large customer logos up to 5MB.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.96883.

Related pull requests:
- 34862

Download

1.34.15 - 1109132 (June 20, 2024)

Scripts

CommonServerPython

WARNING: This version is invalid. Please install a different version.

Related pull requests:
- 35132
- 34545

Download

1.34.14 - 1106228 (June 19, 2024)

Scripts

SanePdfReports

Fixed an issue where the script failed when running multiple reports simultaneously.

Related pull requests:
- 34931

Download

1.34.13 - R1104278 (June 19, 2024)

Scripts

CommonServerPython

Updated the return_error function to truncate long error messages.

Related pull requests:
- 34823

Download

1.34.12 - 1096899 (June 16, 2024)

Scripts

CommonServerPython

Removed previously added support for determining which script runs in the Docker container.

Related pull requests:
- 34880

Download

1.34.11 - 1082615 (June 10, 2024)

Base

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34804

Download

1.34.10 - 1070867 (June 5, 2024)

Scripts

CommonServerPython

Fixed an issue where the script information was not available in cloud environments.

Related pull requests:
- 34681

Download

1.34.9 - 1064007 (June 3, 2024)

Scripts

CommonServerPython

Added support for determining which script runs in the Docker container.

Related pull requests:
- 34445

Download

1.34.8 - 1061293 (June 2, 2024)

Scripts

CommonServerPython

Fixed an issue which caused email enrichers to save results in the wrong context key. Email key was changed to Account.Email. This change might affect the following integrations which output Email indicators to context:

Anomali Threat Stream V3
Cofense Intelligence V2
Eclectic IQ Intelligence Center V3
Email Hippo
IP Quality Score
MISP V3
Reversing Labs Titanium Cloud V2
SEKOIA Intelligence Center
Threat Zone
VM Ray

Related pull requests:
- 34684
- 33924

Download

1.34.7 - 1049953 (May 28, 2024)

Scripts

SanePdfReports

Fixed an issue where SLA fields would be missing information from table sections when exported in CSV format.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.95847.

Related pull requests:
- 34539

Download

1.34.6 - R1049063 (May 27, 2024)

Scripts

CommonServer

Fixed the tableToMarkdown function to handle text with bad formatting.

Related pull requests:
- 34455

Download

1.34.5 - 1031157 (May 21, 2024)

Scripts

DBotFindSimilarIncidents

Documentation, error messaging, and logging improvements.
Updated the Docker image to: demisto/ml:1.0.0.94241.

Related pull requests:
- 34410

Download

1.34.4 - 1025939 (May 19, 2024)

Scripts

CommonServerPython

Updated the Retry mechanism to include the methods PATCH and DELETE.

Related pull requests:
- 34406

Download

1.34.3 - 1023216 (May 17, 2024)

Scripts

DBotTrainTextClassifierV2

Changed the script's behavior to return an informative non-error message when no incidents are received in the input file instead of returning an error.

Related pull requests:
- 34347

Download

1.34.2 - 1021616 (May 16, 2024)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.93953.

Related pull requests:
- 34377

Download

1.34.1 - 1011309 (May 12, 2024)

Scripts

DBotTrainTextClassifierV2

Improved handling of the script arguments.
Updated the Docker image to: demisto/ml:1.0.0.93129.

Related pull requests:
- 33965

Download

1.34.0 - 1005026 (May 8, 2024)

Scripts

CommonServerPython

Added a wrapper for the Demisto class.

Related pull requests:
- 33248

Download

1.33.54 - 1002031 (May 7, 2024)

Scripts

CommonServerPython

Added the is_time_sensitive method, indicating whether the current code is a reputation command called with auto-extract=inline.

Related pull requests:
- 34196

Download

1.33.53 - 998827 (May 6, 2024)

Base

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34212

Download

1.33.52 - 975934 (April 24, 2024)

Scripts

CommonServerPython

Added the generic_http_request method.
Added the safe_sleep method.

Related pull requests:
- 33466

Download

1.33.51 - 956366 (April 15, 2024)

Scripts

CommonServerPython

Improved implementation of generating curl commands within the logs.

Related pull requests:
- 33935

Download

1.33.50 - 940291 (April 7, 2024)

Scripts

CommonServerPython

Added FileAttachmentType Enum to used it in PreprocessEmail script to handle inline image attachments correctly.

Related pull requests:
- 33651

Download

1.33.49 - 938811 (April 7, 2024)

Scripts

ValidateContent

Updated the Docker image to: demisto/xsoar-tools:1.0.0.90942.

Related pull requests:
- 33641
- 33516
- 33519
- 33515
- 33329
- 33314
- 33318
- 33328
- 33357
- 33344
- 33359
- 33458
- 33535
- 33534
- 33537
- 33552
- 33580
- 33553
- 33418
- 33583
- 33555
- 33556
- 33559
- 33560
- 33619
- 33591
- 33602
- 33600
- 33314
- 33318
- 33328
- 33357
- 33344
- 33359
- 33458

Download

1.33.48 - R934602 (April 4, 2024)

Scripts

CommonServerPython

Added support for the x509-certificate indicator-type.

Related pull requests:
- 33106

Download

1.33.47 - 927547 (April 1, 2024)

Scripts

SanePdfReports

Fixed an issue where a table section wouldn't display the complete data.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.91719.

CommonServerPython

Added support for proxy settings when running send_events_to_xsiam.

Related pull requests:
- 33324

Download

1.33.45 - 921333 (March 28, 2024)

Scripts

SanePdfReports

Fixed an issue where script flag arguments were treated as boolean instead of string when using them as internal command arguments.

Related pull requests:
- 33622

Download

1.33.44 - 919001 (March 27, 2024)

Scripts

SanePdfReports

Add utf8 BOM support when using CSV report.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.91529.

Related pull requests:
- 33567

Download

1.33.43 - 904622 (March 20, 2024)

Scripts

SanePdfReports

Fixed an issue where a widgets reference line would not be visible.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.90542.

Related pull requests:
- 33456

Download

1.33.41 - 897231 (March 18, 2024)

Scripts

CommonServerPython

Improved implementation of ConnectionError handling.

Related pull requests:
- 33203

Download

1.33.40 - 889167 (March 13, 2024)

Scripts

GetMLModelEvaluation

Updated the Docker image to: demisto/ml:1.0.0.88591.

Related pull requests:
- 33304

Download

1.33.39 - 886558 (March 12, 2024)

Scripts

CommonServerPython

Improved implementation to prevent sensitive information from being logged.

Related pull requests:
- 33224
- 31702

Download

1.33.38 - 873658 (March 6, 2024)

Scripts

CommonServerPython

Added a utility function comma_separated_mapping_to_dict that gets a comma-separated mapping key1=value1,key2=value2,... and transforms it into a dictionary object.

Related pull requests:
- 33140

Download

1.33.37 - 863001 (March 3, 2024)

Scripts

CommonServerPython

Added ignore to sleep method to satisfy linters.

GetIncidentsByQuery

Moved the implementation to GetIncidentsApiModule.
The includeContext argument is now deprecated due to performance considerations. Rather than using this argument, it is recommended to retrieve the context of the incidents separately, preferably for a limited number of incidents.
Updated the Docker image to: demisto/python3:3.10.13.87159.

DBotFindSimilarIncidentsByIndicators

Internal code enhancements for improved performance.
Updated the Docker image to: demisto/ml:1.0.0.88591.

DBotFindSimilarIncidents

Internal code enhancements for improved performance.
Updated the Docker image to: demisto/ml:1.0.0.88591.

Related pull requests:
- 33028

Download

1.33.35 - 842208 (February 21, 2024)

Scripts

CommonServerPython

Fixed an issue where, in some cases, an AttributeError was raised during the destruction of a BaseClient object.

Related pull requests:
- 33044

Download

1.33.34 - 839519 (February 20, 2024)

Scripts

CommonServerPython

Added support for execution metrics in the BaseClient class.

DrawRelatedIncidentsCanvas

Updated the Docker image to: demisto/sklearn:1.0.0.86554.

Related pull requests:
- 32760

Download

1.33.32 - 837109 (February 19, 2024)

Scripts

CommonServerPython

Added support for long running integrations handle proxies.

Related pull requests:
- 31633

Download

1.33.31 - 836299 (February 18, 2024)

Scripts

DeleteIndicatorRelationships

Updated the Docker image to: demisto/python3:3.10.13.86272.

DBotShowClusteringModelInfo

Updated the Docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32446

Download

1.33.30 - 831507 (February 15, 2024)

Scripts

GetIndicatorsByQuery

Added the ALL option to the populateFields in order to get all the populated fields available.
Updated the automation to always use the populateFields - This is a breaking change! Make sure the value of this field is suitable for you.
Updated the Docker image to: demisto/python3:3.10.13.87159.

Related pull requests:
- 32879

Download

1.33.29 - 829761 (February 15, 2024)

Scripts

CommonServerPython

Maintenance and stability enhancements.

Related pull requests:
- 32931

Download

1.33.28 - 827009 (February 14, 2024)

Scripts

CommonServerPython

Fixed an issue where the Tags input for CommandResult was incorrectly set as a boolean instead of a list.

Related pull requests:
- 32794

Download

1.33.27 - R823153 (February 12, 2024)

Scripts

CommonServerPython

Added the retry decorator to allow retrying executing functions in case of exceptions.

Related pull requests:
- 32105
- 32493

Download

1.33.26 - 811489 (February 7, 2024)

Scripts

CommonServerPython

Added the ability to create a clickable URL with different text than the link.

Related pull requests:
- 31584
- 22875
- 23810
- 24259
- 24291
- 31573

Download

1.33.25 - 806093 (February 5, 2024)

Scripts

DBotFindSimilarIncidentsByIndicators

Performance improvements in indicator searching.
Updated the docker image to: demisto/ml:1.0.0.86706.

Related pull requests:
- 32485

Download

1.33.24 - 798475 (February 1, 2024)

Scripts

CreateIndicatorRelationship

Updated the Docker image to: demisto/python3:3.10.13.86272.

CommonServerPython

Fixed an issue in execute_command where the command returns an empty debug-entry when running on XSOAR version 8.x.

GetIndicatorsByQuery

Improved implementation for better performance when using the populateFields argument.
Update the docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32478

Download

1.33.21 - 793334 (January 30, 2024)

Scripts

SearchIndicatorRelationships

Updated the Docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32408

Download

1.33.20 - 790023 (January 28, 2024)

Scripts

DBotFindSimilarIncidentsByIndicators

Improved implementation for better performance.
Updated the Docker image to: demisto/ml:1.0.0.86222.

Related pull requests:
- 32171

Download

1.33.19 - 778227 (January 22, 2024)

Base

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 32331

Download

1.33.18 - 756127 (January 11, 2024)

Scripts

CommonServerPython

Added support for IPv4s with ports in the IPv4s regex.
Fixed an issue where the URL regex not capturing a hyphen in the URL path.

Related pull requests:
- 31913

Download

1.33.17 - 755215 (January 10, 2024)

Scripts

CommonServerPowerShell

Fixed an issue where self referencing outputs were extracted recursively.

Related pull requests:
- 31816

Download

1.33.16 - 752611 (January 9, 2024)

Scripts

SanePdfReports

Fixed an issue where pie chart colors were incorrect.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.84389.

Related pull requests:
- 32052

Download

1.33.15 - 749444 (January 8, 2024)

Scripts

CommonServerPython

Fixed an issue where logging curl calls could expose sensitive values.

Related pull requests:
- 31702

Download

1.33.14 - 746830 (January 7, 2024)

Scripts

SanePdfReports

Fixed an issue where table fields were hidden.
Fixed an issue where report contained overlapping sections.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.84330.

Related pull requests:
- 32001

Download

1.33.13 - 740516 (January 3, 2024)

Scripts

CommonServerPython

Improved implementation of the script's logs.

Related pull requests:
- 31924

Download

1.33.12 - 738800 (January 3, 2024)

Scripts

CommonServerPython

Fixed an issue where sometimes the indicators became unavailable until resetting the instance.

DBotFindSimilarIncidents

Fixed an issue where incidents were incorrectly called "alerts" in Cortex XSOAR.
Updated the Docker image to: demisto/ml:1.0.0.84027.

Related pull requests:
- 31853

Download

1.33.10 - 731204 (January 1, 2024)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.83846.

StixParser

Updated the Docker image to: demisto/taxii:1.0.0.84046.

Related pull requests:
- 31875

Download

1.33.9 - R729445 (January 1, 2024)

Scripts

CommonServerPython

Fixed an issue where TableToMarkdown Failed to parse Non JSON serializable objects.

Related pull requests:
- 31835
- 31697

Download

1.33.8 - 722180 (December 28, 2023)

Scripts

CommonServerPython

Updated the docstring of the return_results function to specify all the possible types for the results parameter, to fix incorrect IDE warnings.

Related pull requests:
- 31567

Download

1.33.7 - 719935 (December 27, 2023)

Scripts

CommonServerPython

Added the detect_file_indicator_type method to infer the file indicator type.

StixParser

Fixed an issue where STIX indicators were not parsed when type information was missing.
Updated the Docker image to: demisto/taxii:1.0.0.83894.

Related pull requests:
- 31643

Download

1.33.6 - R717685 (December 26, 2023)

Scripts

DBotFindSimilarIncidentsByIndicators

Improved implementation for better performance.
Updated the Docker image to: demisto/ml:1.0.0.83711.

Related pull requests:
- 31695
- 31756

Download

1.33.5 - R7220184 (December 20, 2023)

Scripts

StixParser

Updated the Docker image to: demisto/taxii:1.0.0.83456.

Related pull requests:
- 31459

Download

1.33.4 - 7142940 (December 12, 2023)

Scripts

SanePdfReports

Fixed an issue where table section header could be split between two pages.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.83535.

Related pull requests:
- 31420

Download

1.33.3 - 7132024 (December 11, 2023)

Scripts

DBotFindSimilarIncidents

Fixed an issue where alerts were incorrectly called "incidents" in Cortex XSIAM.
Updated the Docker image to: demisto/ml:1.0.0.82882.

CommonServerPython

Added the send_data_to_xsiam method, to send assets or events to XSIAM.

Related pull requests:
- 29709

Download

1.33.1 - 7122577 (December 10, 2023)

Scripts

CommonServerPython

Added a utility method to determine the time gap between a given datetime and the present moment.

Related pull requests:
- 31123

Download

1.33.0 - 7094306 (December 7, 2023)

Scripts

CommonServer

Update the emailRegex in CommonServer (JS) to catch emails with unicode as well (Available from Cortex XSOAR 6.11.0).

Related pull requests:
- 31148

Download

1.32.53 - 7076512 (December 5, 2023)

Scripts

CommonServerPowerShell

Fixed an issue where in cases the incidents array had only one value, the incidents could not be created.
Updated the Docker image to: demisto/powershell:7.4.0.80528.

Related pull requests:
- 31267

Download

1.32.52 - 7057031 (December 3, 2023)

Scripts

CommonServerPython

Added the replace_existing argument to the CommandResult class which allows overriding a context key.

Related pull requests:
- 30501

Download

1.32.51 - 7029664 (November 30, 2023)

Scripts

DBotFindSimilarIncidents

Improved implementation to prevent error messages by excluding fields with fewer than two letters from entering the calculation model.

Related pull requests:
- 31161

Download

1.32.50 - 7001088 (November 27, 2023)

Scripts

CommonServerPython

Fixed an issue where file names containing special strings were returned empty to the war-room.

Related pull requests:
- 31126

Download

1.32.49 - 6996984 (November 27, 2023)

Scripts

CommonServerPython

Fixed an issue where polling commands might not work properly if the polling parameter is no provided.

Related pull requests:
- 31111

Download

1.32.48 - 6992191 (November 26, 2023)

Scripts

SanePdfReports

Fixed an issue where table section row could be split between two pages.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.81075.

Related pull requests:
- 31094

Download

1.32.47 - 6972534 (November 23, 2023)

Scripts

SanePdfReports

Fixed an issue where duration widgets could display wrong values.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.81053.

Related pull requests:
- 31089

Download

1.32.46 - 6955725 (November 21, 2023)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.80973.
Fixed an issue where images weren't displayed in the report.

Related pull requests:
- 31014

Download

1.32.45 - 6899385 (November 15, 2023)

Scripts

CommonServerPython

Added utility methods to determine the Cortex platform.

Related pull requests:
- 30917

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	August 2, 2020
Last Release	November 14, 2024

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.