Base

Details
Content
Dependencies
Version History

The base pack for Cortex XSOAR.

Dashboards

Name	Description
System Health

Automations

Name	Description
GetMLModelEvaluation	Finds a threshold for ML model, and performs an evaluation based on it
DBotMLFetchData	Deprecated. No available replacement. Collect telemetry data from the environment.
CreateIndicatorRelationship	This automation creates a relationship between indicator objects.
FindSimilarIncidentsByText	Deprecated. Use DBotFindSimilarIncidents instead. Find similar incidents by text comparison - the algorithm based on TF-IDF method. To read more about this method: https://en.wikipedia.org/wiki/Tf%E2%80%93idf This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
DBotTrainTextClassifierV2	Train a machine learning text classifier.
DBotTrainClustering	Train clustering model on any incident type.
SaneDocReports	Parse Sane-json-reports and export them as docx files (used internally).
HighlightWords	Highlight words inside a given text.
DBotSuggestClassifierMapping	Deprecated. No available replacement. Suggests a classifier mapping based on an advanced name matching algorithm.
GetIncidentsByQuery	Gets a list of incident objects and the associated incident outputs that match the specified query and filters. The results are returned in a structured data file. This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
DBotBuildPhishingClassifier	Create a phishing classifier using machine learning technique, based on email content.
DBotFindSimilarIncidents	Find past similar incidents based on incident fields' similarity. Includes an option to also display indicators similarity.
CommonServerPython	Common code that will be merged into each server script when it runs.
SanePdfReports	Parse Sane-json-reports and export them as pdf files (used internally).
DBotPreProcessTextData	Pre-process text data for the machine learning text classifier.
WordTokenizerNLP	Deprecated. Use DBotPreProcessTextData instead.
CommonServerPowerShell	Common code that will be merged into each PowerShell script/integration when it runs
CheckDockerImageAvailable	Check if a docker image is available for performing docker pull. Script simulates the docker pull flow but doesn't actually pull the image. Returns an entry with 'ok' if all is good otherwise will return an error.
CommonServer	Common code that will be merged into each server script when it runs
DBotFindSimilarIncidentsByIndicators	Finds similar incidents based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity.
SearchIndicatorRelationships	This automation outputs the indicator relationships to context according to the provided query, using the entities, entityTypes, and relationships arguments. All arguments will use the AND operator. For example, using the following arguments entities=8.8.8.8 entities_types=Domain will provide only relationships that the 8.8.8.8 indicator has with indicators of type domain.
DBotPredictPhishingWords	Predict text label using a pre-trained machine learning phishing model, and get the most important words used in the classification decision.
DeleteIndicatorRelationships	This automation allows to delete a relationship between indicator objects based on the relationship id.
DBotShowClusteringModelInfo	Show clustering model information - model summary and incidents in specific cluster.
DrawRelatedIncidentsCanvas	Draw incidents and indicators on the canvas to map and visualize their connections.
StixParser	Parse STIX files to Cortex XSOAR indicators by clicking the Upload STIX File button.
GetIndicatorsByQuery	Gets a list of indicator objects and the associated indicator outputs that match the specified query and filters. The results are returned in a structured data file.
ValidateContent	Runs validation and linting using the Demisto SDK on content items, such as integrations, automations and content packs. This automation script is used as part of the content validation that runs as part of the contribution flow.

Automations

Name	Description
GetMLModelEvaluation	Finds a threshold for ML model, and performs an evaluation based on it
DBotMLFetchData	Deprecated. No available replacement. Collect telemetry data from the environment.
CreateIndicatorRelationship	This automation creates a relationship between indicator objects.
FindSimilarIncidentsByText	Deprecated. Use DBotFindSimilarIncidents instead. Find similar incidents by text comparison - the algorithm based on TF-IDF method. To read more about this method: https://en.wikipedia.org/wiki/Tf%E2%80%93idf This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
GetAlertsByQuery	Gets a list of alert objects and the associated alert outputs that match the specified query and filters. The results are returned in a structured data file. This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
DBotTrainClustering	Train clustering model on any incident type.
SaneDocReports	Parse Sane-json-reports and export them as docx files (used internally).
HighlightWords	Highlight words inside a given text.
DBotSuggestClassifierMapping	Deprecated. No available replacement. Suggests a classifier mapping based on an advanced name matching algorithm.
GetIncidentsByQuery	Gets a list of incident objects and the associated incident outputs that match the specified query and filters. The results are returned in a structured data file. This automation runs using the default Limited User role, unless you explicitly change the permissions. For more information, see the section about permissions here: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Automations
DBotBuildPhishingClassifier	Create a phishing classifier using machine learning technique, based on email content.
DBotFindSimilarIncidents	Find past similar incidents based on incident fields' similarity. Includes an option to also display indicators similarity.
CommonServerPython	Common code that will be merged into each server script when it runs.
SanePdfReports	Parse Sane-json-reports and export them as pdf files (used internally).
DBotPreProcessTextData	Pre-process text data for the machine learning text classifier.
WordTokenizerNLP	Deprecated. Use DBotPreProcessTextData instead.
CommonServerPowerShell	Common code that will be merged into each PowerShell script/integration when it runs
CheckDockerImageAvailable	Check if a docker image is available for performing docker pull. Script simulates the docker pull flow but doesn't actually pull the image. Returns an entry with 'ok' if all is good otherwise will return an error.
CommonServer	Common code that will be merged into each server script when it runs
DBotFindSimilarIncidentsByIndicators	Finds similar incidents based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity.
DBotFindSimilarAlerts	Find past similar alerts based on alert fields' similarity. Includes an option to also display indicators similarity.
SearchIndicatorRelationships	This automation outputs the indicator relationships to context according to the provided query, using the entities, entityTypes, and relationships arguments. All arguments will use the AND operator. For example, using the following arguments entities=8.8.8.8 entities_types=Domain will provide only relationships that the 8.8.8.8 indicator has with indicators of type domain.
DeleteIndicatorRelationships	This automation allows to delete a relationship between indicator objects based on the relationship id.
StixParser	Parse STIX files to Cortex XSIAM indicators by clicking the Upload STIX File button.
GetIndicatorsByQuery	Gets a list of indicator objects and the associated indicator outputs that match the specified query and filters. The results are returned in a structured data file.
DBotFindSimilarAlertsByIndicators	Finds similar alerts based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity.
ValidateContent	Runs validation and linting using the Demisto SDK on content items, such as integrations, automations and content packs. This automation script is used as part of the content validation that runs as part of the contribution flow.

1.32.34 - 6378746 (September 20, 2023)

Scripts

DBotFindSimilarIncidents

Fixed an issue where an error occurred in case similar incidents by indicators could not be found.

Related pull requests:
- 29701

Download

1.32.33 - R6303396 (September 12, 2023)

Scripts

DBotFindSimilarIncidentsByIndicators

Fixed an issue with the output of the script.

Related pull requests:
- 29610

Download

1.32.32 - 6285754 (September 10, 2023)

Base

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 29466

Download

1.32.31 - 6253250 (September 6, 2023)

Scripts

CommonServerPython

Fixed an issue in CommandResults object where it failed to return results to the war room, when no human-readable output was provided.

Related pull requests:
- 29301

Download

1.32.30 - 6204823 (August 31, 2023)

Scripts

DBotFindSimilarIncidentsByIndicators

Updated the Docker image to: demisto/ml:1.0.0.72705.
Fixed an issue where found incidents were not returned.

Related pull requests:
- 29353

Download

1.32.29 - 6190939 (August 30, 2023)

Scripts

CommonServerPython

Fixed an issue in the CommandResults.to_context() method where falsy values were not added to the raw response.

Related pull requests:
- 29298

Download

1.32.28 - 6166488 (August 27, 2023)

Scripts

CommonServerPython

Added the ability to customize the http requests query params encoding.

Related pull requests:
- 29200

Download

1.32.27 - 6058978 (August 15, 2023)

Scripts

DBotFindSimilarIncidentsByIndicators

Updated the Docker image to: demisto/ml:1.0.0.67740.
Fixed an issue where the database search was not optimized.

Related pull requests:
- 28926

Download

1.32.26 - 5980752 (August 7, 2023)

Scripts

CommonServerPython

Improved implementation of parse_date_range method.

Related pull requests:
- 28822

Download

1.32.25 - 5972692 (August 6, 2023)

Scripts

CommonServerPython

Added an advanced option to change the chunk size when using the send_events_to_xsiam function.

Related pull requests:
- 28567

Download

1.32.24 - 5969979 (August 6, 2023)

Base

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 28753

Download

1.32.23 - 5940472 (August 2, 2023)

Scripts

CommonServerPython

Documentation and metadata improvements.

Related pull requests:
- 28668

Download

1.32.22 - 5925411 (August 1, 2023)

Scripts

HighlightWords

Updated the Docker image to: demisto/python3:3.10.12.66339.

GetIndicatorsByQuery

Updated the Docker image to: demisto/python3:3.10.12.66339.

CheckDockerImageAvailable

Updated the Docker image to: demisto/python3:3.10.12.66339.

GetIncidentsByQuery

Updated the Docker image to: demisto/python3:3.10.12.66339.

Related pull requests:
- 28640

Download

1.32.21 - R5866730 (July 25, 2023)

Scripts

HighlightWords

Updated the Docker image to: demisto/python3:3.10.12.63474.

CreateIndicatorRelationship

Updated the Docker image to: demisto/python3:3.10.12.63474.

GetIndicatorsByQuery

Updated the Docker image to: demisto/python3:3.10.12.63474.

CheckDockerImageAvailable

Updated the Docker image to: demisto/python3:3.10.12.63474.

DBotShowClusteringModelInfo

Updated the Docker image to: demisto/python3:3.10.12.63474.

GetIncidentsByQuery

Updated the Docker image to: demisto/python3:3.10.12.63474.

DeleteIndicatorRelationships

Updated the Docker image to: demisto/python3:3.10.12.63474.

SearchIndicatorRelationships

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 28221

Download

1.32.20 - 5731243 (July 10, 2023)

Scripts

CommonServerPython

Fixed an issue in look_back parameter when it did not increase the time in the lastRun object.

Related pull requests:
- 27901

Download

1.32.19 - R5692327 (July 5, 2023)

Scripts

DBotPredictPhishingWords

Changed the Docker image to: demisto/ml:1.0.0.32340.

Related pull requests:
- 27849

Download

1.32.18 - 5649943 (June 29, 2023)

Scripts

CommonServerPython

Updated the CVE class adding missing attributes and creating the CPE class to handle CPEs.

Related pull requests:
- 26486

Download

1.32.17 - 5636258 (June 28, 2023)

Scripts

CommonServerPython

Improved implementation by disabling urllib3 warnings in CSP instead of in integration code.

Related pull requests:
- 27773

Download

1.32.16 - 5574470 (June 20, 2023)

Scripts

CommonServerPython

Updated the Docker image to: demisto/python:2.7.18.63476.
Improved implementation by removing redundant assignment to a variable.

Related pull requests:
- 27571

Download

1.32.15 - 5560707 (June 18, 2023)

Scripts

CommonServer

Added a FileResult function to create a file from the given data in JavaScript.

Related pull requests:
- 26455

Download

1.32.14 - 5535815 (June 15, 2023)

Scripts

CreateIndicatorRelationship

Fixed an issue where creating relationships was not working for indicators that have a Tilde symbol in their value.
Updated the Docker image to: demisto/python3:3.10.12.62631.

Related pull requests:
- 27404

Download

1.32.13 - 5508533 (June 12, 2023)

Scripts

CommonServerPython

Added "rank" as a domain grid field (source, rank).

Related pull requests:
- 27352

Download

1.32.12 - 5501210 (June 11, 2023)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.62999.
Fixed an issue where SLA fields were missing information in table sections.

CommonServerPython

Documentation and metadata improvements.

Related pull requests:
- 27351

Download

1.32.10 - 5498982 (June 11, 2023)

Scripts

CommonServerPython

Fixed an issue where an error was returned when running a script with an api metrics result.

Related pull requests:
- 27214

Download

1.32.9 - 5465590 (June 7, 2023)

Scripts

CommonServerPython

Fixed an issue where importing urllib.parse failed.

Related pull requests:
- 27252

Download

1.32.8 - 5460239 (June 6, 2023)

Scripts

DBotPredictPhishingWords

Updated the Docker image to: demisto/ml:1.0.0.62124.
Removed the script from XSIAM, which does not yet support getMLModel.

DBotShowClusteringModelInfo

Updated the Docker image to: demisto/python3:3.10.11.61265.
Removed the script from XSIAM, which does not yet support getMLModel.

DBotTrainTextClassifierV2

Updated the Docker image to: demisto/ml:1.0.0.62124.
Removed the script from XSIAM, which does not yet support getMLModel.

Related pull requests:
- 26967

Download

1.32.7 - R5450895 (June 5, 2023)

Scripts

HighlightWords

Updated the Docker image to: demisto/python3:3.10.11.61265.

GetIndicatorsByQuery

Updated the Docker image to: demisto/python3:3.10.11.61265.

CheckDockerImageAvailable

Updated the Docker image to: demisto/python3:3.10.11.61265.

GetIncidentsByQuery

Updated the Docker image to: demisto/python3:3.10.11.61265.

SearchIndicatorRelationships

Updated the Docker image to: demisto/python3:3.10.11.61265.

Related pull requests:
- 27210

Download

1.32.6 - 5318720 (May 21, 2023)

Scripts

CommonServerPython

Fixed an issue where calling set_last_mirror_run raised a false-JSONDecodeError exception.

Related pull requests:
- 26365

Download

1.32.4 - 5316435 (May 21, 2023)

Scripts

CommonServerPython

Added the response_to_context method to support easy context preparation for integration developers.

Related pull requests:
- 26507
- 26365

Download

1.32.3 - 5289877 (May 17, 2023)

Scripts

FindSimilarIncidentsByText

Deprecated. Use DBotFindSimilarIncidents instead.

Related pull requests:
- 26468

Download

1.32.2 - 5281584 (May 16, 2023)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.58997.
Fix current time when forcing server formatting.

Related pull requests:
- 26560

Download

1.32.1 - 5265019 (May 14, 2023)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.58358.
Force custom date format and timezone in Date section.

Related pull requests:
- 26438

Download

1.32.0 - 5262746 (May 14, 2023)

Scripts

CommonServerPython

Added support for urllib3 version 2 in the SSLAdapter used by the BaseClient, when skipping certificate validation.

Related pull requests:
- 26410

Download

1.31.96 - 5235737 (May 10, 2023)

Scripts

ValidateContent

Updated the code to be in accordance with the latest demisto-sdk version 1.14.3 release.
Updated the Docker image to: demisto/xsoar-tools:1.0.0.58259.

Related pull requests:
- 26056

Download

1.31.95 - 5223322 (May 9, 2023)

Scripts

DBotFindSimilarIncidentsByIndicators

Fixed an issue where the script ignore the fromDate argument.
Updated the Docker image to: demisto/ml:1.0.0.57750.

Related pull requests:
- 26386

Download

1.31.94 - 5208997 (May 7, 2023)

Scripts

CommonServerPython

Improved the logic of the traceback line fix method.

Related pull requests:
- 25620

Download

1.31.93 - R5170573 (May 2, 2023)

Scripts

CommonServerPython

Improved implementation of execute_command to raise an exception instead of returning the error and exiting.

Related pull requests:
- 26002

Download

1.31.92 - 5144905 (April 28, 2023)

Scripts

GetIncidentsByQuery

Fixed an issue in GetIncidentsByQuery script where field would come back empty.
Updated the Docker image to: demisto/python3:3.10.11.56082.

Related pull requests:
- 26115

Download

1.31.91 - 5112395 (April 24, 2023)

Scripts

GetIncidentsByQuery

populateFields argument is now case insensitive.
Updated the Docker image to: demisto/python3:3.10.11.55362.

Related pull requests:
- 26044

Download

1.31.90 - R5108885 (April 24, 2023)

Scripts

DBotFindSimilarIncidentsByIndicators

Updated the Docker image to: demisto/ml:1.0.0.55262.
Fixed an issue that prevented the script from working as expected in XSOAR 8 and above.

Related pull requests:
- 25967

Download

1.31.89 - 5077739 (April 19, 2023)

Scripts

SanePdfReports

Fixed an issue where graph widgets would not display correctly when exported on a report.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.55272.

Related pull requests:
- 25983

Download

1.31.88 - 5060481 (April 17, 2023)

Scripts

CommonServerPython

Added debug logs for the look-back generic methods.

Related pull requests:
- 25797

Download

1.31.87 - 5053542 (April 16, 2023)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.54935.

Related pull requests:
- 25850

Download

1.31.86 - 5035005 (April 13, 2023)

Scripts

CommonServerPython

Added a validation that the prefix_output is not a period.

Related pull requests:
- 25674
- 25463
- 25336
- 25514
- 25155
- 25755
- 25752
- 25555
- 25782
- 25745
- 25784
- 25780
- 25771
- 25754
- 25765
- 25763
- 25027
- 25743
- 25666
- 25785
- 25392
- 25766
- 25795
- 25764
- 25641
- 25793
- 25803
- 25806

Download

1.31.85 - 5006477 (April 10, 2023)

Scripts

CommonServerPython

Updated the "FeedIndicatorType" class adding Software as an indicator.

Related pull requests:
- 25392

Download

1.31.84 - 4970096 (April 4, 2023)

Scripts

CommonServerPython

Fixed mypy linter errors.

Related pull requests:
- 25709

Download

1.31.83 - 4957579 (April 3, 2023)

Scripts

CommonServerPython

Fixed mypy linter errors.

Related pull requests:
- 25628

Download

1.31.82 - R4954430 (April 2, 2023)

Scripts

CommonServerPython

Updated the Docker image to: demisto/python:2.7.18.52566.
Changed the XML parsing to be more secure.

Related pull requests:
- 23980

Download

1.31.81 - 4927074 (March 29, 2023)

Scripts

CommonServerPython

Added the ability for send_events_to_xsiam method to split an event to smaller chunks of 1 Mib.

Related pull requests:
- 25467

Download

1.31.80 - 4885523 (March 23, 2023)

Scripts

CommonServerPython

Added the convert_dict_values_bytes_to_str which converts byte values to str.

Related pull requests:
- 24716

Download

1.31.79 - 4872060 (March 22, 2023)

Scripts

CommonServerPython

Fixed an issue where profiling dump functionality could not be used in long running integrations that use Flask applications.

Related pull requests:
- 25402

Download

1.31.78 - 4856877 (March 20, 2023)

Scripts

CommonServerPython

Fixed an issue where empty strings were caught by the IPv4 regex.

Related pull requests:
- 25365

Download

1.31.77 - 4851609 (March 19, 2023)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.49376.
Fixed an issue when generating a section with grid field didn't keep the order of the columns.

Related pull requests:
- 25371

Download

1.31.76 - 4830321 (March 16, 2023)

Scripts

CommonServerPython

Updated the URL regex to capture IPs with ports and removed port from IP regex.

Related pull requests:
- 25243

Download

1.31.75 - 4822012 (March 15, 2023)

Scripts

DBotFindSimilarIncidentsByIndicators

Updated the Docker image to: demisto/ml:1.0.0.49819.

DrawRelatedIncidentsCanvas

Updated the Docker image to: demisto/sklearn:1.0.0.49796.

FindSimilarIncidentsByText

Updated the Docker image to: demisto/sklearn:1.0.0.49796.

CommonServerPython

Fixed an issue where using fetch incidents with the lookback parameter did not fetch new incidents.

Related pull requests:
- 25150

Download

1.31.73 - R4818573 (March 15, 2023)

Scripts

CommonServerPython

Added support for the sort parameter in the IndicatorsSearcher class, which enables sorting of retrieved indicators based on specific criteria.
Fixed an issue where domainRegex and hashRegex had duplicate declarations.

Related pull requests:
- 25047

Download

1.31.71 - 4771215 (March 8, 2023)

Scripts

CreateIndicatorRelationship

Updated the Docker image to: demisto/python3:3.10.10.48392.
Documentation and metadata improvements.

GetIncidentsByQuery

Updated the Docker image to: demisto/python3:3.10.10.48392.
Documentation and metadata improvements.

FindSimilarIncidentsByText

Updated the Docker image to: demisto/sklearn:1.0.0.47448.
Documentation and metadata improvements.

Related pull requests:
- 23716

Download

1.31.70 - 4760018 (March 7, 2023)

Scripts

CommonServerPython

Updated the URL regex in CommonServerPython to not allow "1" as a valid IP.

Related pull requests:
- 25067

Download

1.31.69 - 4722159 (March 1, 2023)

Scripts

CommonServerPython

Fixed a bug where urlRegex would capture only partial URLs in some occasions.

Related pull requests:
- 24944

Download

1.31.68 - R4718798 (March 1, 2023)

Scripts

CommonServerPython

Fixed an issue where the look_back parameter, in integrations supporting the look-back functionality, was empty.

Related pull requests:
- 24849

Download

1.31.67 - 4671518 (February 22, 2023)

Scripts

CommonServerPython

Added support for retries when sending events into XSIAM in case there are api limit errors.
Updated the Docker image to: demisto/python:2.7.18.49010.
Updated the auto_detect_indicator_type function to auto refang indicators prior to checking them.

Related pull requests:
- 24675

Download

1.31.65 - 4657716 (February 21, 2023)

Scripts

CommonServerPython

Added sort_headers parameter to the tableToMarkdown function to allow unsorting of the table's headers.
Updated the Docker image to: demisto/python:2.7.18.49010.

Related pull requests:
- 24686

Download

1.31.64 - R4651406 (February 20, 2023)

Scripts

StixParser

Updated the Docker image to: demisto/taxii:1.0.0.48109.
Added support for input files containing indicators in value IN ('value1', 'value2', …) format.

Related pull requests:
- 24635

Download

1.31.63 - R4618697 (February 15, 2023)

Scripts

CommonServerPython

Fixed an issue in appendContext where appending list of dictionary to a key containing a dictionary failed.

Related pull requests:
- 24478

Download

1.31.62 - 4565113 (February 8, 2023)

Scripts

DBotTrainTextClassifierV2

Fixed an issue where the automation DBotTrainTextClassifierV2 failed to run.
Updated the Docker image to: demisto/ml:1.0.0.47457.

Related pull requests:
- 24373

Download

1.31.61 - 4560457 (February 7, 2023)

Scripts

CommonServerPython

Fixed an issue where the URL regex did not capture IP based defanged URLs.
Fixed an issue where the URL regex did not capture the extension of the file in the path.
Fixed an issue where the default value of the ContentType for ExecutionMetrics was JSON and not a string.

Related pull requests:
- 24272

Download

1.31.59 - 4527513 (February 2, 2023)

Scripts

CommonServerPython

Fixed an issue with URL regex not accepting defanged colons in URLs.

Related pull requests:
- 23974

Download

1.31.58 - 4506096 (January 31, 2023)

Scripts

CommonServerPython

Fixed in issue where only lowercase emails were detected in CommonServerPython. emailRegex is now case insensitive.

Related pull requests:
- 24183

Download

1.31.57 - 4494864 (January 29, 2023)

Scripts

DBotTrainTextClassifierV2

Fixed an issue where custom labels resulted in an error.
Updated the Docker image to: demisto/ml:1.0.0.45981.

DBotBuildPhishingClassifier

Fixed an issue where custom labels resulted in an error.
Updated the Docker image to: demisto/ml:1.0.0.45981.

Related pull requests:
- 23844

Download

1.31.56 - 4477986 (January 26, 2023)

Scripts

CommonServerPython

Added the replace_spaces_in_credential function that replaces spaces in a credential (from type: 9) with break lines.

Related pull requests:
- 24104

Download

1.31.55 - 4427603 (January 19, 2023)

Scripts

CommonServerPython

Added the is_filename_valid function that checks if the filename contains invalid characters.

Related pull requests:
- 23919

Download

1.31.54 - R4413860 (January 17, 2023)

Scripts

CommonServer

Fixed an issue where comparing server versions did not work as expected.

Related pull requests:
- 23667

Download

1.31.53 - R4361094 (January 9, 2023)

Scripts

CommonServerPython

Added support for Tags in CommandResults class in CommonServerPython.

DrawRelatedIncidentsCanvas

Updated the Docker image to: demisto/sklearn:1.0.0.43324.
Updated script metadata.

Related pull requests:
- 23551

Download

1.31.51 - 4295766 (December 28, 2022)

Scripts

CommonServerPython

Improved the error shown when failing to parse a request response.

Related pull requests:
- 23355

Download

1.31.50 - 4285391 (December 27, 2022)

Scripts

CommonServerPython

Added to SSLAdapter class support for HTTPAdapter initialization arguments.
Updated the URL regular expression.
Fixed an issue in look-back functionality where incident ids were removed from the last-run before finished fetching all incidents in the same time.
Added the optional Publications field to the CVE indicator.

Related pull requests:
- 22287

Download

1.31.45 - 4220433 (December 14, 2022)

Scripts

CommonServerPython

Added support for SSL legacy renegotiation when enabling the Trust any certificate parameter.

Related pull requests:
- 23008

Download

1.31.44 - 4197844 (December 11, 2022)

Scripts

SearchIndicatorRelationships

Updated the Docker image to: demisto/python3:3.10.9.40422.
Added the options "detects", "detected-by" and "located-at" for the relationships argument.

CommonServerPython

Added the names "detects", "detected-by" and "located-at" for relationship type.

CreateIndicatorRelationship

Updated the Docker image to: demisto/python3:3.10.9.40422.
Added the options "detects", "detected-by" and "located-at" for the relationship and reverse_relationship arguments.

Related pull requests:
- 22564

Download

1.31.43 - 4183367 (December 9, 2022)

Scripts

CommonServerPython

Improved implementation of send_events_to_xsiam, the function will now add the fields _final_reporting_device_name, _collector_type and _collector_name to all events. The fields will display the integration's url, integration's name and the name of the instance that collected the event.

Related pull requests:
- 22615

Download

1.31.42 - 4179430 (December 8, 2022)

Scripts

CommonServerPython

Added support for the Identity, Location and Vulnerability indicator-types.

Related pull requests:
- 22663

Download

1.31.41 - 4152557 (December 5, 2022)

Scripts

CommonServerPython

Updated the Docker image to: demisto/python:2.7.18.37800.
Updated the URL regular expression.
Updated the IPv6 regular expression.

Related pull requests:
- 22466
- 22577
- 22563
- 22526
- 22567
- 22021
- 22124
- 20857
- 21856
- 22088
- 21530
- 22117
- 21379
- 21901
- 22062
- 22136
- 22020
- 22120
- 22141
- 22133
- 22139
- 22140
- 22144
- 21715
- 21258
- 21695
- 21830
- 21863
- 21996
- 22018
- 22029
- 14484
- 14439
- 14469
- 14483
- 14380
- 14422
- 14465
- 14442
- 14490
- 14492
- 14493
- 14130
- 14489
- 14382
- 14502
- 14124
- 14482
- 14503
- 14499
- 14466
- 12770
- 14501
- 14375
- 12795
- 14350
- 14507
- 13848
- 14378
- 13857
- 14512
- 14384
- 14516
- 14500
- 14481
- 14464
- 14522
- 14459
- 14525
- 14523
- 14076
- 14532
- 14368
- 14519
- 14455
- 13905
- 14537
- 14540
- 14538
- 14372
- 14072
- 14524
- 14498
- 14536
- 14302
- 14550
- 14505
- 14542
- 14468
- 14555
- 14556
- 14541
- 14526
- 14552
- 12335
- 14529
- 14561
- 14470
- 14331
- 13676
- 14475
- 11589
- 14568
- 14569
- 14565
- 13875
- 14558
- 13550
- 14578
- 14579
- 13902
- 14583
- 14511
- 14557
- 14585
- 14587
- 14476
- 14451
- 14596
- 14553
- 14517
- 14508
- 14605
- 14609
- 14607
- 14599
- 14480
- 14600
- 14545
- 14608
- 14604
- 14548
- 14543
- 14602

Download

1.31.40 - 4137548 (December 2, 2022)

Scripts

CommonServerPython

Updated the Docker image to: demisto/python:2.7.18.37800.
Updated the IP regular expression.

Related pull requests:
- 22590

Download

1.31.39 - R4116031 (November 29, 2022)

Scripts

CommonServerPython

Fixed an issue where the argToList method fails when parsing non json strings with square brackets.
Added the option of Unknown to Endpoint Status Options.

Related pull requests:
- 22289

Download

1.31.37 - 4074691 (November 21, 2022)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.37614.
Fixed an issue where incident's close data was invalid.
Fixed an issue where decimal values in decimal formatted charts were rounded.

Related pull requests:
- 22380

Download

1.31.36 - 4060486 (November 18, 2022)

Scripts

CommonServerPython

Fix ImportError of pytz.

Related pull requests:
- 22325

Download

1.31.35 - 4049710 (November 16, 2022)

Scripts

CommonServerPython

Added a regular expression for domains.
Fix look back feature to support timezone aware dates.

Related pull requests:
- 22263

Download

1.31.33 - 4042228 (November 15, 2022)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.37454.
Fixed an issue where images did not display well.
Fixed an issue where applying color to a markdown based report affected the instance.

Related pull requests:
- 22256

Download

1.31.32 - 3982079 (November 6, 2022)

Scripts

CommonServerPython

Internal code improvements.

Related pull requests:
- 21879

Download

1.31.31 - 3943002 (October 30, 2022)

Scripts

SanePdfReports

Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.36838.
- Fixed an issue where panels would overlap each other.
- Fixed an issue where the report date was missing.

StixParser

Fixed an issue where report indicators were not parsed.

Related pull requests:
- 21945

Download

1.31.29 - 3940849 (October 30, 2022)

Scripts

CommonServerPython

Fixed an issue where is_demisto_version_ge was returning the wrong result when comparing version 6.10 with versions below.

SanePdfReports

Fixed an issue where markdown images were not being displayed in reports.
Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.35907.

Related pull requests:
- 21873

Download

1.31.28 - 3921089 (October 26, 2022)

Scripts

StixParser

Added support for all STIX types (that have a Cortex XSOAR equivalent).
Updated the Docker image to: demisto/taxii:1.0.0.31644.

Related pull requests:
- 21290
- 21879

Download

1.31.27 - R3910837 (October 25, 2022)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 21606

Download

1.31.26 - 3755666 (September 29, 2022)

Scripts

CommonServerPython

Added the contents of successful command execution results to the summary when running run_commands_with_summary.

Related pull requests:
- 21343

Download

1.31.25 - 3745478 (September 28, 2022)

Scripts

StixParser

Updated the Docker image to: demisto/stix:1.0.0.34906. This Update fixes a parsing error for STIX in MAEC format.

Related pull requests:
- 21514

Download

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	August 2, 2020
Last Release	September 20, 2023

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.