Base

Details
Content
Dependencies
Version History

The base pack for Cortex XSOAR.

Automations

Name	Description
SanePdfReports	Parse Sane-json-reports and export them as pdf files (used internally).
StixParser	Parse STIX files to Cortex XSOAR indicators by clicking the Upload STIX File button.
DBotPredictPhishingWords	Predict text label using a pre-trained machine learning phishing model, and get the most important words used in the classification decision.
FindSimilarIncidentsByText	Find similar incidents by text comparison - the algorithm based on TF-IDF method. To read more about this method: https://en.wikipedia.org/wiki/Tf%E2%80%93idf This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-2/cortex-xsoar-admin/playbooks/automations.html
CommonServerPython	Common code that will be merged into each server script when it runs.
DBotTrainClustering	Train clustering model on any incident type.
DrawRelatedIncidentsCanvas	Draw incidents and indicators on the canvas to map and visualize their connections.
DBotShowClusteringModelInfo	Show clustering model information - model summary and incidents in specific cluster.
DBotBuildPhishingClassifier	Create a phishing classifier using machine learning technique, based on email content.
GetIndicatorsByQuery	Gets a list of indicator objects and the associated indicator outputs that match the specified query and filters. The results are returned in a structured data file.
CommonServer	Common code that will be merged into each server script when it runs
DBotFindSimilarIncidents	Find past similar incidents based on incident fields' similarity. Includes an option to also display indicators similarity.
ValidateContent	Runs validation and linting using the Demisto SDK on content items, such as integrations, automations and content packs. This automation script is used as part of the content validation that runs as part of the contribution flow.
CommonServerPowerShell	Common code that will be merged into each PowerShell script/integration when it runs
WordTokenizerNLP	Deprecated. Use DBotPreProcessTextData instead.
SearchIndicatorRelationships	This automation outputs the indicator relationships to context according to the provided query, using the entities, entityTypes, and relationships arguments. All arguments will use the AND operator. For example, using the following arguments entities=8.8.8.8 entities_types=Domain will provide only relationships that the 8.8.8.8 indicator has with indicators of type domain.
DeleteIndicatorRelationships	This automation allows to delete a relationship between indicator objects based on the relationship id.
CheckDockerImageAvailable	Check if a docker image is available for performing docker pull. Script simulates the docker pull flow but doesn't actually pull the image. Returns an entry with 'ok' if all is good otherwise will return an error.
SaneDocReports	Parse Sane-json-reports and export them as docx files (used internally).
GetIncidentsByQuery	Gets a list of incident objects and the associated incident outputs that match the specified query and filters. The results are returned in a structured data file. This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/playbooks/automations.html
DBotSuggestClassifierMapping	Deprecated. No available replacement. Suggests a classifier mapping based on an advanced name matching algorithm.
DBotFindSimilarIncidentsByIndicators	Finds similar incidents based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity.
DBotMLFetchData	Deprecated. No available replacement. Collect telemetry data from the environment.
CreateIndicatorRelationship	This automation creates a relationship between indicator objects.
HighlightWords	Highlight words inside a given text.
DBotTrainTextClassifierV2	Train a machine learning text classifier.
DBotPreProcessTextData	Pre-process text data for the machine learning text classifier.
GetMLModelEvaluation	Finds a threshold for ML model, and performs an evaluation based on it

Dashboards

Name	Description
System Health

Automations

Name	Description
SanePdfReports	Parse Sane-json-reports and export them as pdf files (used internally).
StixParser	Parse STIX files to Cortex XSIAM indicators by clicking the Upload STIX File button.
DBotPredictPhishingWords	Predict text label using a pre-trained machine learning phishing model, and get the most important words used in the classification decision.
FindSimilarIncidentsByText	Find similar incidents by text comparison - the algorithm based on TF-IDF method. To read more about this method: https://en.wikipedia.org/wiki/Tf%E2%80%93idf This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-2/cortex-xsoar-admin/playbooks/automations.html
CommonServerPython	Common code that will be merged into each server script when it runs.
DBotTrainClustering	Train clustering model on any incident type.
DBotShowClusteringModelInfo	Show clustering model information - model summary and incidents in specific cluster.
DBotBuildPhishingClassifier	Create a phishing classifier using machine learning technique, based on email content.
GetIndicatorsByQuery	Gets a list of indicator objects and the associated indicator outputs that match the specified query and filters. The results are returned in a structured data file.
CommonServer	Common code that will be merged into each server script when it runs
DBotFindSimilarIncidents	Find past similar incidents based on incident fields' similarity. Includes an option to also display indicators similarity.
ValidateContent	Runs validation and linting using the Demisto SDK on content items, such as integrations, automations and content packs. This automation script is used as part of the content validation that runs as part of the contribution flow.
CommonServerPowerShell	Common code that will be merged into each PowerShell script/integration when it runs
WordTokenizerNLP	Deprecated. Use DBotPreProcessTextData instead.
SearchIndicatorRelationships	This automation outputs the indicator relationships to context according to the provided query, using the entities, entityTypes, and relationships arguments. All arguments will use the AND operator. For example, using the following arguments entities=8.8.8.8 entities_types=Domain will provide only relationships that the 8.8.8.8 indicator has with indicators of type domain.
DeleteIndicatorRelationships	This automation allows to delete a relationship between indicator objects based on the relationship id.
CheckDockerImageAvailable	Check if a docker image is available for performing docker pull. Script simulates the docker pull flow but doesn't actually pull the image. Returns an entry with 'ok' if all is good otherwise will return an error.
SaneDocReports	Parse Sane-json-reports and export them as docx files (used internally).
GetIncidentsByQuery	Gets a list of incident objects and the associated incident outputs that match the specified query and filters. The results are returned in a structured data file. This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/playbooks/automations.html
DBotSuggestClassifierMapping	Deprecated. No available replacement. Suggests a classifier mapping based on an advanced name matching algorithm.
DBotFindSimilarIncidentsByIndicators	Finds similar incidents based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity.
DBotMLFetchData	Deprecated. No available replacement. Collect telemetry data from the environment.
CreateIndicatorRelationship	This automation creates a relationship between indicator objects.
HighlightWords	Highlight words inside a given text.
DBotTrainTextClassifierV2	Train a machine learning text classifier.
DBotPreProcessTextData	Pre-process text data for the machine learning text classifier.
GetMLModelEvaluation	Finds a threshold for ML model, and performs an evaluation based on it

1.31.59 - 4527513 (February 2, 2023)

Scripts

CommonServerPython

Fixed an issue with URL regex not accepting defanged colons in URLs.

Related pull requests:
- 23974

Download

1.31.58 - 4506096 (January 31, 2023)

Scripts

CommonServerPython

Fixed in issue where only lowercase emails were detected in CommonServerPython. emailRegex is now case insensitive.

Related pull requests:
- 24183

Download

1.31.57 - 4494864 (January 29, 2023)

Scripts

DBotTrainTextClassifierV2

Fixed an issue where custom labels resulted in an error.
Updated the Docker image to: demisto/ml:1.0.0.45981.

DBotBuildPhishingClassifier

Fixed an issue where custom labels resulted in an error.
Updated the Docker image to: demisto/ml:1.0.0.45981.

Related pull requests:
- 23844

Download

1.31.56 - 4477986 (January 26, 2023)

Scripts

CommonServerPython

Added the replace_spaces_in_credential function that replaces spaces in a credential (from type: 9) with break lines.

Related pull requests:
- 24104

Download

1.31.55 - 4427603 (January 19, 2023)

Scripts

CommonServerPython

Added the is_filename_valid function that checks if the filename contains invalid characters.

Related pull requests:
- 23919

Download

1.31.54 - R4413860 (January 17, 2023)

Scripts

CommonServer

Fixed an issue where comparing server versions did not work as expected.

Related pull requests:
- 23667

Download

1.31.53 - R4361094 (January 9, 2023)

Scripts

CommonServerPython

Added support for Tags in CommandResults class in CommonServerPython.

DrawRelatedIncidentsCanvas

Updated the Docker image to: demisto/sklearn:1.0.0.43324.
Updated script metadata.

Related pull requests:
- 23551

Download

1.31.51 - 4295766 (December 28, 2022)

Scripts

CommonServerPython

Improved the error shown when failing to parse a request response.

Related pull requests:
- 23355

Download

1.31.50 - 4285391 (December 27, 2022)

Scripts

CommonServerPython

Added to SSLAdapter class support for HTTPAdapter initialization arguments.
Updated the URL regular expression.
Fixed an issue in look-back functionality where incident ids were removed from the last-run before finished fetching all incidents in the same time.
Added the optional Publications field to the CVE indicator.

Related pull requests:
- 22287

Download

1.31.45 - 4220433 (December 14, 2022)

Scripts

CommonServerPython

Added support for SSL legacy renegotiation when enabling the Trust any certificate parameter.

Related pull requests:
- 23008

Download

1.31.44 - 4197844 (December 11, 2022)

Scripts

SearchIndicatorRelationships

Updated the Docker image to: demisto/python3:3.10.9.40422.
Added the options "detects", "detected-by" and "located-at" for the relationships argument.

CommonServerPython

Added the names "detects", "detected-by" and "located-at" for relationship type.

CreateIndicatorRelationship

Updated the Docker image to: demisto/python3:3.10.9.40422.
Added the options "detects", "detected-by" and "located-at" for the relationship and reverse_relationship arguments.

Related pull requests:
- 22564

Download

1.31.43 - 4183367 (December 9, 2022)

Scripts

CommonServerPython

Improved implementation of send_events_to_xsiam, the function will now add the fields _final_reporting_device_name, _collector_type and _collector_name to all events. The fields will display the integration's url, integration's name and the name of the instance that collected the event.

Related pull requests:
- 22615

Download

1.31.42 - 4179430 (December 8, 2022)

Scripts

CommonServerPython

Added support for the Identity, Location and Vulnerability indicator-types.

Related pull requests:
- 22663

Download

1.31.41 - 4152557 (December 5, 2022)

Scripts

CommonServerPython

Updated the Docker image to: demisto/python:2.7.18.37800.
Updated the URL regular expression.
Updated the IPv6 regular expression.

Related pull requests:
- 22466
- 22577
- 22563
- 22526
- 22567
- 22021
- 22124
- 20857
- 21856
- 22088
- 21530
- 22117
- 21379
- 21901
- 22062
- 22136
- 22020
- 22120
- 22141
- 22133
- 22139
- 22140
- 22144
- 21715
- 21258
- 21695
- 21830
- 21863
- 21996
- 22018
- 22029
- 14484
- 14439
- 14469
- 14483
- 14380
- 14422
- 14465
- 14442
- 14490
- 14492
- 14493
- 14130
- 14489
- 14382
- 14502
- 14124
- 14482
- 14503
- 14499
- 14466
- 12770
- 14501
- 14375
- 12795
- 14350
- 14507
- 13848
- 14378
- 13857
- 14512
- 14384
- 14516
- 14500
- 14481
- 14464
- 14522
- 14459
- 14525
- 14523
- 14076
- 14532
- 14368
- 14519
- 14455
- 13905
- 14537
- 14540
- 14538
- 14372
- 14072
- 14524
- 14498
- 14536
- 14302
- 14550
- 14505
- 14542
- 14468
- 14555
- 14556
- 14541
- 14526
- 14552
- 12335
- 14529
- 14561
- 14470
- 14331
- 13676
- 14475
- 11589
- 14568
- 14569
- 14565
- 13875
- 14558
- 13550
- 14578
- 14579
- 13902
- 14583
- 14511
- 14557
- 14585
- 14587
- 14476
- 14451
- 14596
- 14553
- 14517
- 14508
- 14605
- 14609
- 14607
- 14599
- 14480
- 14600
- 14545
- 14608
- 14604
- 14548
- 14543
- 14602

Download

1.31.40 - 4137548 (December 2, 2022)

Scripts

CommonServerPython

Updated the Docker image to: demisto/python:2.7.18.37800.
Updated the IP regular expression.

Related pull requests:
- 22590

Download

1.31.39 - R4116031 (November 29, 2022)

Scripts

CommonServerPython

Fixed an issue where the argToList method fails when parsing non json strings with square brackets.
Added the option of Unknown to Endpoint Status Options.

Related pull requests:
- 22289

Download

1.31.37 - 4074691 (November 21, 2022)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.37614.
Fixed an issue where incident's close data was invalid.
Fixed an issue where decimal values in decimal formatted charts were rounded.

Related pull requests:
- 22380

Download

1.31.36 - 4060486 (November 18, 2022)

Scripts

CommonServerPython

Fix ImportError of pytz.

Related pull requests:
- 22325

Download

1.31.35 - 4049710 (November 16, 2022)

Scripts

CommonServerPython

Added a regular expression for domains.
Fix look back feature to support timezone aware dates.

Related pull requests:
- 22263

Download

1.31.33 - 4042228 (November 15, 2022)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.37454.
Fixed an issue where images did not display well.
Fixed an issue where applying color to a markdown based report affected the instance.

Related pull requests:
- 22256

Download

1.31.32 - 3982079 (November 6, 2022)

Scripts

CommonServerPython

Internal code improvements.

Related pull requests:
- 21879

Download

1.31.31 - 3943002 (October 30, 2022)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.36838.
- Fixed an issue where panels would overlap each other.
- Fixed an issue where the report date was missing.

StixParser

Fixed an issue where report indicators were not parsed.

Related pull requests:
- 21945

Download

1.31.29 - 3940849 (October 30, 2022)

Scripts

CommonServerPython

Fixed an issue where is_demisto_version_ge was returning the wrong result when comparing version 6.10 with versions below.

SanePdfReports

Fixed an issue where markdown images were not being displayed in reports.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.35907.

Related pull requests:
- 21873

Download

1.31.28 - 3921089 (October 26, 2022)

Scripts

StixParser

Added support for all STIX types (that have a Cortex XSOAR equivalent).
Updated the Docker image to: demisto/taxii:1.0.0.31644.

Related pull requests:
- 21290
- 21879

Download

1.31.27 - R3910837 (October 25, 2022)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 21606

Download

1.31.26 - 3755666 (September 29, 2022)

Scripts

CommonServerPython

Added the contents of successful command execution results to the summary when running run_commands_with_summary.

Related pull requests:
- 21343

Download

1.31.25 - 3745478 (September 28, 2022)

Scripts

StixParser

Updated the Docker image to: demisto/stix:1.0.0.34906. This Update fixes a parsing error for STIX in MAEC format.

Related pull requests:
- 21514

Download

1.31.24 - 3687475 (September 19, 2022)

Scripts

CommonServerPython

Added the get_metric_list function to the ExecutionMetrics class. This function returns a list of all the metrics that were collected during the script's run.
Added the Malware type to the FeedIndicatorType class.
Improved implementation of Endpoint to include Vendor as a key field for comparisons.

Related pull requests:
- 21232

Download

1.31.21 - 3649843 (September 13, 2022)

Scripts

SanePdfReports

Improved handling of internal input/output file permissions via the use of temp files.

CheckDockerImageAvailable

Updated the Docker image to: demisto/python3:3.10.6.33415.

Related pull requests:
- 21020

Download

1.31.19 - 3606822 (September 6, 2022)

Scripts

HighlightWords

Updated the Docker image to: demisto/boto3py3:demisto/python3:3.10.6.33415.

Related pull requests:
- 20995

Download

1.31.18 - 3528006 (August 24, 2022)

Scripts

CommonServerPython

Added support for the Mutex and ASN indicator-types.

Related pull requests:
- 20543

Download

1.31.17 - 3512153 (August 22, 2022)

Scripts

CommonServerPython

Documentation and metadata improvements.

Related pull requests:
- 20706

Download

1.31.16 - 3427401 (August 9, 2022)

Scripts

CommonServerPython

Fixed an issue in DemistoClassAPIModule.
Added the append_metrics() method which appends API execution metrics into CommandResults list.

Related pull requests:
- 20398

Download

1.31.14 - 3370607 (July 31, 2022)

Scripts

CommonServerPython

Fixed an issue where API Metrics were unsupported for XSOAR versions 6.8.0 till 7.0.0.

Related pull requests:
- 20312

Download

1.31.13 - 3353369 (July 28, 2022)

Scripts

CommonServerPython
Fixed an issue where parse_date_string fails to parse a date string which has 7 or more characters in the fraction part.

CommonServerPython

Documentation and metadata improvements.

Related pull requests:
- 20264

Download

1.31.11 - 3341847 (July 27, 2022)

Scripts

DBotPredictPhishingWords

Updated the Docker image to: demisto/ml:1.0.0.32340.

Related pull requests:
- 20239

Download

1.31.10 - 3326856 (July 25, 2022)

Scripts

CommonServerPython

Added the ability to receive any argument to the polling_function decorator.
Fixed an issue in the polling_function where even if the polling argument was set to false, polling would still occur in some cases.

Related pull requests:
- 20083

Download

1.31.9 - 3323751 (July 24, 2022)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.32268.
Fixed an issue where the Markdown widget would not fetch an uploaded image in a global section (used when creating a report out of an investigation).

Related pull requests:
- 20176

Download

1.31.8 - 3250424 (July 12, 2022)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.32002.
Fixed an issue where the Markdown widget would not fetch an uploaded image in multi-tenant environments.

Related pull requests:
- 20019

Download

1.31.7 - 3240754 (July 11, 2022)

Scripts

CommonServerPython

Added DemistoClass import to CommonServerPython.

Related pull requests:
- 19377

Download

1.31.6 - 3200623 (July 4, 2022)

Scripts

CommonServerPython

Resolved demisto.log() XSOAR linter errors.

Related pull requests:
- 19840

Download

1.31.5 - 3143373 (June 23, 2022)

Scripts

ValidateContent

Updated the Docker image to: demisto/xsoar-tools-hf:1.0.0.31061. The docker image includes a fix to an issue in ValidateContent.

Related pull requests:
- 19713

Download

1.31.4 - 3134111 (June 22, 2022)

Scripts

DBotTrainTextClassifierV2

Updated the Docker image to: demisto/ml:1.0.0.30541.

DBotBuildPhishingClassifier

Updated the Docker image to: demisto/ml:1.0.0.30541.

GetMLModelEvaluation

Updated the Docker image to: demisto/ml:1.0.0.30541.

DBotPredictPhishingWords

Updated the Docker image to: demisto/ml:1.0.0.30541.

GetIncidentsByQuery

Updated the Docker image to: demisto/python3:3.10.4.30607.

DBotPreProcessTextData

Updated the Docker image to: demisto/ml:1.0.0.30541.

Related pull requests:
- 19178

Download

1.31.1 - 3087003 (June 14, 2022)

Scripts

SearchIndicatorRelationships

Updated the Docker image to: demisto/python3:3.10.4.30607.
Removed excessive error traceback printing.

DeleteIndicatorRelationships

Updated the Docker image to: demisto/python3:3.10.4.30607.
Removed excessive error traceback printing.

CreateIndicatorRelationship

Updated the Docker image to: demisto/python3:3.10.4.30607.
Removed excessive error traceback printing.

Related pull requests:
- 19443

Download

1.31.0 - 3058000 (June 8, 2022)

Scripts

CommonServerPython

Added support for API Execution Metrics Reporting.
Updated the Docker image to: demisto/python:2.7.18.27799.

Related pull requests:
- 16724

Download

1.30.11 - 3056265 (June 8, 2022)

Scripts

SearchIndicatorRelationships

Fixed an issue where results were not filtered as expected.

Related pull requests:
- 19409

Download

1.30.10 - 3002096 (May 29, 2022)

Scripts

CommonServerPython

Improved ipv4cidrRegex, ipv6cidrRegex, and emailRegex.

Download

1.30.9 - 2988482 (May 26, 2022)

Scripts

CommonServerPython

Added to the AttackPattern class a new value attribute.

Download

1.30.8 - 2979078 (May 25, 2022)

Scripts

CommonServerPython

Added support for logging in CommandRunner.

Download

1.30.7 - 2912810 (May 12, 2022)

Scripts

CommonServerPython

Documentation improvements.

Download

1.30.6 - 2899700 (May 10, 2022)

Scripts

CommonServerPython

Improved the behavior of the send_events_to_xsiam function in cases it is given no events.
Added to EntryType class the VIDEO_FILE and STATIC_VIDEO_FILE Enums.

Download

1.30.4 - 2895899 (May 10, 2022)

WARNING: This version is invalid. Please install a different version.

Scripts

CommonServerPython

Added support for new fields on Common Indicator objects.

Related pull requests:
- 20109
- 18051

Download

1.30.3 - 2852693 (May 2, 2022)

WARNING: This version is invalid. Please install a different version.

Scripts

CommonServerPython

Improved the stability of the generic look-back implementation.

Related pull requests:
- 20109
- 18702

Download

1.30.2 - 2848830 (May 1, 2022)

WARNING: This version is invalid. Please install a different version.

Scripts

CheckDockerImageAvailable

Updated the Docker image to: demisto/python:2.7.18.27799.

HighlightWords

Updated the Docker image to: demisto/python:2.7.18.27799.

Related pull requests:
- 20109
- 18829

Download

1.30.1 - 2823666 (April 26, 2022)

WARNING: This version is invalid. Please install a different version.

Scripts

CommonServerPython

The return_error function will always print the exception traceback into logs.

Related pull requests:
- 20109
- 18712

Download

1.30.0 - 2773920 (April 17, 2022)

Scripts

CommonServerPython

Added the YMLMetadataCollector classes for the generate_yml_from_python demisto_sdk command.
Added new function send_events_to_xsiam to allow collection integration to save events in XSIAM server.

Download

1.19.9 - 2765507 (April 15, 2022)

Scripts

CommonServerPython

Added the transform argument to the argToList function.

Download

1.19.8 - 2745974 (April 12, 2022)

Scripts

SearchIndicatorRelationships

Fixed an issue where the script returned an unexpected error in XSOAR version 6.6.0.
Updated the Docker image to: demisto/python3:3.10.4.27798.

GetIndicatorsByQuery

Updated the Docker image to: demisto/python3:3.10.4.27798.
Fixed lint issues.

CommonServerPython

Added the content_format field to CommandResults.

Download

1.19.5 - 2713867 (April 6, 2022)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.27759.
Fixed an issue where missing data would cause a table section to render erroneously.
Fixed an issue where report headers would be displayed when the disableHeaders argument was True.

Download

1.19.4 - 2674843 (March 30, 2022)

Scripts

CommonServerPython

Added type validations and other internal code improvements.
Added type validations and other internal code improvements.

GetMLModelEvaluation

Added type validations and other internal code improvements.

SaneDocReports

Added type validations and other internal code improvements.

Download

1.19.2 - 2657207 (March 28, 2022)

Scripts

CommonServerPython

Added generic methods to be used in fetch-incidents commands implementing the look-back functionality, which addresses cases where incidents are indexed on the 3rd-party products after their creation time and thus not fetched.
Updated Docker image to demisto/python:2.7.18.27799.
Added the create_indicator_result_with_dbotscore_unknown. Use this function when an API response to an indicator is not found.

Download

1.19.0 - 2654641 (March 27, 2022)

Scripts

CommonServerPython

Added the execute_commands function for executing multiple commands.
Added an option to create a generic CommandRunner for a script that wraps several commands from different integrations.
See CommandRunner Documentation.

Download

1.18.22 - 2631562 (March 23, 2022)

Scripts

CommonServerPython

Added the message parameter into the DBotScore class.

Download

1.18.21 - 2624637 (March 22, 2022)

Scripts

CommonServerPython

Added the function get_pack_version which extracts the pack version by several queries.

Download

1.18.20 - 2615718 (March 20, 2022)

Scripts

CommonServer

Fixed an issue where the code was not compatible with ES5.

Download

1.18.19 - 2593688 (March 16, 2022)

Scripts

CommonServer

Added the function mergeVersionedIntegrationContext to update the integration context. (This method behaves similarly to set_to_integration_context_with_retries in CommonServerPython).

CommonServerPython

Added the add_sensitive_log_strs function to mask sensitive strings in all loggers.

Download

1.18.17 - R2589896 (March 16, 2022)

Scripts

CreateIndicatorRelationship

The entity_b_type argument is no longer required.
Fixed an issue where the CreateIndicatorRelationship command would fail when using the entity_b_query argument without providing the entity_b_type argument.

Download

1.18.16 - 2536574 (March 8, 2022)

Scripts

SanePdfReports

Docker image has been updated to: demisto/sane-pdf-reports:1.0.0.27172.
Added the tableTextMaxLength argument for limiting the maximum text length of table cells.

CreateIndicatorRelationship

Added an exception in cases where the entity_b_type parameter is not supplied.

Download

1.18.14 - 2510561 (March 3, 2022)

Scripts

CommonServerPython

Fixed an issue in the email regex value where it accepted spaces as part of the email address.

Download

1.18.13 - 2507216 (March 3, 2022)

Scripts

DBotSuggestClassifierMapping

Updated the script to Python 3.

GetIncidentsByQuery

Changed the default values of the limit and the pageSize parameters.

CommonServerPython

Added the remove_duplicates_from_list_arg function for removing duplicated items in list arguments.

Download

1.18.10 - 2475198 (February 25, 2022)

Scripts

CommonServerPython

Add support for lists and nested items in tableToMarkdown when using JsonTransformer argument.

GetIncidentsByQuery

Added verification that query was parsed correctly.

DBotBuildPhishingClassifier

Added support for the case when query argument is an empty string.

Download

1.18.8 - 2419785 (February 15, 2022)

Scripts

CommonServerPython

Internal code improvements.

GetIncidentsByQuery

Added support for splitting the populateFields argument into a list separated by "|" together with a comma-separated list.

Download

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	August 2, 2020
Last Release	February 2, 2023

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.