Runs validation and linting using the Demisto SDK on content items, such as integrations, automations and content packs. This automation script is used as part of the content validation that runs as part of the contribution flow.
Base
- Details
- Content
- Dependencies
- Version History
The base pack for Cortex XSOAR.
Automations
| Name | Description |
|---|---|
| ValidateContent | |
| HighlightWords | Highlight words inside a given text. |
CommonServer | Common code that will be merged into each server script when it runs |
| GetIncidentsByQuery | Gets a list of incident objects and the associated incident outputs that This automation runs using the default Limited User role, unless you explicitly change the permissions. |
| GetMLModelEvaluation | Finds a threshold for ML model, and performs an evaluation based on it |
| DBotPreProcessTextData | Pre-process text data for the machine learning text classifier. |
StixParser | Parse STIX files to Cortex XSOAR indicators by clicking the Upload STIX File button. |
DBotTrainClustering | Train clustering model on any incident type. |
| DBotPredictPhishingWords | Predict text label using a pre-trained machine learning phishing model, and get the most important words used in the classification decision. |
WordTokenizerNLP | Deprecated. Use DBotPreProcessTextData instead. |
SaneDocReports | Parse Sane-json-reports and export them as docx files (used internally). |
DBotFindSimilarIncidents | Find past similar incidents based on incident fields' similarity. Includes an option to also display indicators similarity. |
| SearchIndicatorRelationships | This automation outputs the indicator relationships to context according to the provided query, using the entities, entityTypes, and relationships arguments. All arguments will use the AND operator. For example, using the following arguments entities=8.8.8.8 entities_types=Domain will provide only relationships that the 8.8.8.8 indicator has with indicators of type domain. |
CreateIndicatorRelationship | This automation creates a relationship between indicator objects. |
| DBotTrainTextClassifierV2 | Train a machine learning text classifier. |
DeleteIndicatorRelationships | This automation allows to delete a relationship between indicator objects based on the relationship id. |
| SanePdfReports | Parse Sane-json-reports and export them as pdf files (used internally). |
DBotSuggestClassifierMapping | Deprecated. No available replacement. Suggests a classifier mapping based on an advanced name matching algorithm. |
CommonServerPython | Common code that will be merged into each server script when it runs. |
DrawRelatedIncidentsCanvas | Draw incidents and indicators on the canvas to map and visualize their connections. |
CommonServerPowerShell | Common code that will be merged into each PowerShell script/integration when it runs |
FindSimilarIncidentsByText | Find similar incidents by text comparison - the algorithm based on TF-IDF method. This automation runs using the default Limited User role, unless you explicitly |
DBotMLFetchData | Deprecated. No available replacement. Collect telemetry data from the environment. |
DBotShowClusteringModelInfo | Show clustering model information - model summary and incidents in specific cluster. |
| DBotBuildPhishingClassifier | Create a phishing classifier using machine learning technique, based on email content. |
| CheckDockerImageAvailable | Check if a docker image is available for performing docker pull. Script simulates the docker pull flow but doesn't actually pull the image. Returns an entry with 'ok' if all is good otherwise will return an error. |
DBotFindSimilarIncidentsByIndicators | Finds similar incidents based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity. |
| GetIndicatorsByQuery | Gets a list of indicator objects and the associated indicator outputs that match the specified query and filters. The results are returned in a structured data file. |
Dashboards
| Name | Description |
|---|---|
System Health |
Automations
| Name | Description |
|---|---|
| ValidateContent | Runs validation and linting using the Demisto SDK on content items, such as integrations, automations and content packs. This automation script is used as part of the content validation that runs as part of the contribution flow. |
| HighlightWords | Highlight words inside a given text. |
CommonServer | Common code that will be merged into each server script when it runs |
| GetIncidentsByQuery | Gets a list of incident objects and the associated incident outputs that This automation runs using the default Limited User role, unless you explicitly change the permissions. |
| GetMLModelEvaluation | Finds a threshold for ML model, and performs an evaluation based on it |
| DBotPreProcessTextData | Pre-process text data for the machine learning text classifier. |
StixParser | Parse STIX files to Cortex XSIAM indicators by clicking the Upload STIX File button. |
DBotTrainClustering | Train clustering model on any incident type. |
| DBotPredictPhishingWords | Predict text label using a pre-trained machine learning phishing model, and get the most important words used in the classification decision. |
WordTokenizerNLP | Deprecated. Use DBotPreProcessTextData instead. |
SaneDocReports | Parse Sane-json-reports and export them as docx files (used internally). |
DBotFindSimilarIncidents | Find past similar incidents based on incident fields' similarity. Includes an option to also display indicators similarity. |
| SearchIndicatorRelationships | This automation outputs the indicator relationships to context according to the provided query, using the entities, entityTypes, and relationships arguments. All arguments will use the AND operator. For example, using the following arguments entities=8.8.8.8 entities_types=Domain will provide only relationships that the 8.8.8.8 indicator has with indicators of type domain. |
CreateIndicatorRelationship | This automation creates a relationship between indicator objects. |
| DBotTrainTextClassifierV2 | Train a machine learning text classifier. |
DeleteIndicatorRelationships | This automation allows to delete a relationship between indicator objects based on the relationship id. |
| SanePdfReports | Parse Sane-json-reports and export them as pdf files (used internally). |
DBotSuggestClassifierMapping | Deprecated. No available replacement. Suggests a classifier mapping based on an advanced name matching algorithm. |
CommonServerPython | Common code that will be merged into each server script when it runs. |
DrawRelatedIncidentsCanvas | Draw incidents and indicators on the canvas to map and visualize their connections. |
CommonServerPowerShell | Common code that will be merged into each PowerShell script/integration when it runs |
FindSimilarIncidentsByText | Find similar incidents by text comparison - the algorithm based on TF-IDF method. This automation runs using the default Limited User role, unless you explicitly |
DBotMLFetchData | Deprecated. No available replacement. Collect telemetry data from the environment. |
DBotShowClusteringModelInfo | Show clustering model information - model summary and incidents in specific cluster. |
| DBotBuildPhishingClassifier | Create a phishing classifier using machine learning technique, based on email content. |
| CheckDockerImageAvailable | Check if a docker image is available for performing docker pull. Script simulates the docker pull flow but doesn't actually pull the image. Returns an entry with 'ok' if all is good otherwise will return an error. |
DBotFindSimilarIncidentsByIndicators | Finds similar incidents based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity. |
| GetIndicatorsByQuery | Gets a list of indicator objects and the associated indicator outputs that match the specified query and filters. The results are returned in a structured data file. |
Required Content Packs (0)
| Pack Name | Pack By |
|---|
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
1.31.33 - 4042228 (November 15, 2022)
1.31.31 - 3943002 (October 30, 2022)
1.31.29 - 3940849 (October 30, 2022)
- 21873
Download
Scripts
CommonServerPython
- Fixed an issue where
is_demisto_version_gewas returning the wrong result when comparing version 6.10 with versions below.
SanePdfReports
- Fixed an issue where markdown images were not being displayed in reports.
- Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.35907.
- 21873
Download
1.31.24 - 3687475 (September 19, 2022)
- 21232
Download
Scripts
CommonServerPython
- Added the get_metric_list function to the ExecutionMetrics class. This function returns a list of all the metrics that were collected during the script's run.
- Added the Malware type to the FeedIndicatorType class.
- Improved implementation of Endpoint to include Vendor as a key field for comparisons.
- 21232
Download
1.31.10 - 3326856 (July 25, 2022)
1.31.9 - 3323751 (July 24, 2022)
1.31.4 - 3134111 (June 22, 2022)
- 19178
Download
Scripts
DBotTrainTextClassifierV2
- Updated the Docker image to: demisto/ml:1.0.0.30541.
DBotBuildPhishingClassifier
- Updated the Docker image to: demisto/ml:1.0.0.30541.
GetMLModelEvaluation
- Updated the Docker image to: demisto/ml:1.0.0.30541.
DBotPredictPhishingWords
- Updated the Docker image to: demisto/ml:1.0.0.30541.
GetIncidentsByQuery
- Updated the Docker image to: demisto/python3:3.10.4.30607.
DBotPreProcessTextData
- Updated the Docker image to: demisto/ml:1.0.0.30541.
- 19178
Download
1.31.1 - 3087003 (June 14, 2022)
- 19443
Download
Scripts
SearchIndicatorRelationships
- Updated the Docker image to: demisto/python3:3.10.4.30607.
- Removed excessive error traceback printing.
DeleteIndicatorRelationships
- Updated the Docker image to: demisto/python3:3.10.4.30607.
- Removed excessive error traceback printing.
CreateIndicatorRelationship
- Updated the Docker image to: demisto/python3:3.10.4.30607.
- Removed excessive error traceback printing.
- 19443
Download
1.30.10 - 3002096 (May 29, 2022)
Scripts
CommonServerPython
Improved ipv4cidrRegex, ipv6cidrRegex, and emailRegex.
1.30.9 - 2988482 (May 26, 2022)
Scripts
CommonServerPython
- Added to the AttackPattern class a new value attribute.
1.30.8 - 2979078 (May 25, 2022)
Scripts
CommonServerPython
- Added support for logging in CommandRunner.
1.30.7 - 2912810 (May 12, 2022)
Scripts
CommonServerPython
- Documentation improvements.
1.30.6 - 2899700 (May 10, 2022)
Scripts
CommonServerPython
- Improved the behavior of the send_events_to_xsiam function in cases it is given no events.
- Added to EntryType class the VIDEO_FILE and STATIC_VIDEO_FILE Enums.
1.30.2 - 2848830 (May 1, 2022)
1.30.0 - 2773920 (April 17, 2022)
Scripts
CommonServerPython
- Added the YMLMetadataCollector classes for the generate_yml_from_python demisto_sdk command.
- Added new function send_events_to_xsiam to allow collection integration to save events in XSIAM server.
1.19.9 - 2765507 (April 15, 2022)
Scripts
CommonServerPython
- Added the transform argument to the argToList function.
1.19.8 - 2745974 (April 12, 2022)
Scripts
SearchIndicatorRelationships
- Fixed an issue where the script returned an unexpected error in XSOAR version 6.6.0.
- Updated the Docker image to: demisto/python3:3.10.4.27798.
GetIndicatorsByQuery
- Updated the Docker image to: demisto/python3:3.10.4.27798.
- Fixed lint issues.
CommonServerPython
- Added the
content_formatfield to CommandResults.
1.19.5 - 2713867 (April 6, 2022)
Scripts
SanePdfReports
- Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.27759.
- Fixed an issue where missing data would cause a table section to render erroneously.
- Fixed an issue where report headers would be displayed when the disableHeaders argument was
True.
1.19.4 - 2674843 (March 30, 2022)
Scripts
CommonServerPython
- Added type validations and other internal code improvements.
- Added type validations and other internal code improvements.
GetMLModelEvaluation
- Added type validations and other internal code improvements.
SaneDocReports
- Added type validations and other internal code improvements.
1.19.2 - 2657207 (March 28, 2022)
Scripts
CommonServerPython
- Added generic methods to be used in fetch-incidents commands implementing the look-back functionality, which addresses cases where incidents are indexed on the 3rd-party products after their creation time and thus not fetched.
- Updated Docker image to demisto/python:2.7.18.27799.
- Added the create_indicator_result_with_dbotscore_unknown. Use this function when an API response to an indicator is not found.
1.19.0 - 2654641 (March 27, 2022)
Scripts
CommonServerPython
- Added the execute_commands function for executing multiple commands.
- Added an option to create a generic CommandRunner for a script that wraps several commands from different integrations.
See CommandRunner Documentation.
1.18.22 - 2631562 (March 23, 2022)
Scripts
CommonServerPython
- Added the message parameter into the DBotScore class.
1.18.21 - 2624637 (March 22, 2022)
Scripts
CommonServerPython
- Added the function get_pack_version which extracts the pack version by several queries.
1.18.20 - 2615718 (March 20, 2022)
Scripts
CommonServer
Fixed an issue where the code was not compatible with ES5.
1.18.19 - 2593688 (March 16, 2022)
Scripts
CommonServer
- Added the function mergeVersionedIntegrationContext to update the integration context. (This method behaves similarly to set_to_integration_context_with_retries in CommonServerPython).
CommonServerPython
Added the add_sensitive_log_strs function to mask sensitive strings in all loggers.
1.18.17 - R2589896 (March 16, 2022)
Scripts
CreateIndicatorRelationship
- The entity_b_type argument is no longer required.
- Fixed an issue where the CreateIndicatorRelationship command would fail when using the entity_b_query argument without providing the entity_b_type argument.
1.18.16 - 2536574 (March 8, 2022)
Scripts
SanePdfReports
- Docker image has been updated to: demisto/sane-pdf-reports:1.0.0.27172.
- Added the tableTextMaxLength argument for limiting the maximum text length of table cells.
CreateIndicatorRelationship
- Added an exception in cases where the entity_b_type parameter is not supplied.
1.18.14 - 2510561 (March 3, 2022)
Scripts
CommonServerPython
- Fixed an issue in the email regex value where it accepted spaces as part of the email address.
1.18.13 - 2507216 (March 3, 2022)
Scripts
DBotSuggestClassifierMapping
- Updated the script to Python 3.
GetIncidentsByQuery
- Changed the default values of the limit and the pageSize parameters.
CommonServerPython
- Added the remove_duplicates_from_list_arg function for removing duplicated items in list arguments.
1.18.10 - 2475198 (February 25, 2022)
Scripts
CommonServerPython
- Add support for lists and nested items in tableToMarkdown when using JsonTransformer argument.
GetIncidentsByQuery
- Added verification that query was parsed correctly.
DBotBuildPhishingClassifier
- Added support for the case when query argument is an empty string.
1.18.8 - 2419785 (February 15, 2022)
Scripts
CommonServerPython
- Internal code improvements.
GetIncidentsByQuery
Added support for splitting the populateFields argument into a list separated by "|" together with a comma-separated list.
1.18.6 - 2340785 (February 1, 2022)
Scripts
CommonServerPython
- UrlRegex: Enhanced the URL regex with the following:
- Added support to IPv6 based IPs.
- Added support for defanged URLs.
- Added support for Integer based IPs.
- Added support for octet based IPs.
- Added support for hex based IPs.
1.18.5 - 2318351 (January 27, 2022)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.18.4 - 2267744 (January 18, 2022)
Scripts
CommonServerPython
- Improved implementation of calculation of memory footprint of objects.
- Improved implementation for printing values.
- You can now see the modules memory footprint in the profiling dump.
1.18.3 - 2244042 (January 12, 2022)
Scripts
DBotFindSimilarIncidentsByIndicators
Added query argument.
1.18.2 - 2233034 (January 10, 2022)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.18.1 - 2214870 (January 6, 2022)
Scripts
DBotFindSimilarIncidentsByIndicators
- Change context field name from DBotFindSimilarIncidents to DBotFindSimilarIncidentsByIndicators.
1.18.0 - 2204013 (January 4, 2022)
Scripts
CommonServerPython
- Added the register_module_line and the fix_traceback_line_numbers functions.
Use fix_traceback_line_numbers on calls made to traceback.format_exc() in order to match the traceback line numbers with the integration/script source code.
1.17.7 - 2179441 (December 29, 2021)
Scripts
CommonServerPython
- Added support to control HTTP read timeout via server advanced coninguration.
- Added the get_last_mirror_run and set_last_mirror_run functions to support the new setLastMirrorRun, getLastMirrorRun server mirroring commands.
1.17.5 - 2167894 (December 27, 2021)
Scripts
DBotShowClusteringModelInfo
- Updated the Docker image to: demisto/python3:3.9.8.24399.
DeleteIndicatorRelationships
- Updated the Docker image to: demisto/python3:3.9.8.24399.
SearchIndicatorRelationships
- Updated the Docker image to: demisto/python3:3.9.8.24399.
1.17.4 - R2146019 (December 21, 2021)
Scripts
CommonServerPython
- Fixed a typo in a log message.
1.17.3 - 2132227 (December 18, 2021)
Scripts
CommonServerPython
- Use signal profiling dump only on non-Windows OS.
1.17.2 - 2130530 (December 18, 2021)
Scripts
CommonServerPython
- Added memory dump to the thread dump capability when receiving a signal.
- Maintenance and stability enhancements.
1.16.6 - 2083673 (December 9, 2021)
Scripts
CommonServerPython
- Added the
register_signal_handler_threads_dumpfunction which adds the ability to do a thread dump with a signal.
ValidateContent
- Maintenance and stability enhancements.
- Update the Docker image to: demisto/xsoar-tools:1.0.0.25075
SanePdfReports
- Update the Docker image to: demisto/sane-pdf-reports:1.0.0.25047
1.16.3 - 2037725 (December 1, 2021)
Scripts
SanePdfReports
- Fixed an issue in which the report was not rendering properly
- Update the Docker image to: demisto/sane-pdf-reports:1.0.0.24958
CheckDockerImageAvailable
- Updated the Docker image to: demisto/python:2.7.18.24398.
HighlightWords
- Updated the Docker image to: demisto/python:2.7.18.24398.
1.16.0 - 2028555 (November 30, 2021)
Scripts
CommonServerPython
- Added the json_transform_mapping argument to tableToMardown. to set properties to transform complex JSONs to markdown.
- Added the is_auto_json_transform argument to tableToMardown to try transforming complex JSONs automatically.
1.15.9 - 2026003 (November 29, 2021)
Scripts
SanePdfReports
- Update the Docker image to: demisto/sane-pdf-reports:1.0.0.24891
1.15.8 - 2020903 (November 28, 2021)
Scripts
Multiple Scrips Changes:
Added reference to permissions in description and README.
- FindSimilarIncidentsByText
- GetIncidentsByQuery
1.15.7 - 2009340 (November 25, 2021)
Scripts
CommonServerPython
- Fixed an issue where arg_to_number did not handle unicode object on python 2.7.
1.15.6 - 1999336 (November 23, 2021)
Scripts
CommonServerPython
- Updated the way IndicatorsSearcher searches for indicators when using iterator.
CreateIndicatorRelationship
- Updated the way indicators are loaded before updating their relationships.
GetIndicatorsByQuery
- Updated the way indicators are loaded.
1.15.5 - 1959372 (November 16, 2021)
Scripts
CommonServerPython
- Fixed an issue where escaping the backtick character ( ` ) was not handled correctly in tableToMarkdown.
- Updated the Docker image to: demisto/python:2.7.18.24398.
1.15.4 - 1951840 (November 15, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.15.3 - 1947770 (November 14, 2021)
Scripts
CommonServerPython
- Improved sensitive data masking in the logger object. This fixes the case that URL-encoded strings of sensitive data were sometimes not obfuscated.
SanePdfReports
- Docker image has been updated to: demisto/sane-pdf-reports:1.0.0.24346.
- Improve auto page break.
- Display chart legend percentage with precision.
1.15.1 - 1938694 (November 12, 2021)
Scripts
CommonServerPython
Added the indicator_value_to_clickable function to get the indicators list and return a dictionary of clickable indicators.
- Maintenance and stability enhancements.
1.14.1 - 1926804 (November 10, 2021)
Scripts
CommonServerPython
- Fixed a bug in BaseClient class when choosing xml as resp_type which raised a python exception
1.14.0 - 1882648 (November 2, 2021)
Scripts
CommonServerPython
- Fixed a typo in the error message when trying to create an indicator with an unsupported score value.
Multiple Scripts Updated
Breaking Change The following breaking change applies for organizations that implement pre-set roles on their incidents:
DBotRole has been removed from these automations. This change will affect any playbook that is dependent on, or runs, these automations.
These automations will now run using the default Limited User role, unless you explicitly change the permissions.
For more information, see the section about permissions here:
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-2/cortex-xsoar-admin/playbooks/automations.html
- GetIncidentsByQuery
- FindSimilarIncidentsByText
1.13.43 - 1855807 (October 27, 2021)
Scripts
CommonServerPython
- Changed emailRegex to limit the local part to 64 characters and the domain part to 253 characters per RFC3696.
1.13.42 - 1825451 (October 21, 2021)
Scripts
DBotTrainTextClassifierV2
Added instructions for validating that the ML model is correct before storing it.
CommonServerPython
- Added get_tenant_account_name function.
1.13.40 - 1820031 (October 20, 2021)
Scripts
WordTokenizerNLP
- Deprecated. Use DBotPreProcessTextData instead.
1.13.39 - 1790547 (October 13, 2021)
Scripts
CommonServerPython
- Changed pascalToSpace function to replace tokens in place, so tokens that are substrings of other tokens won't also be replaced.
1.13.38 - 1775750 (October 10, 2021)
Scripts
DBotBuildPhishingClassifier
Improved the memory consumption of the script.
1.13.37 - 7966081 (October 6, 2021)
Scripts
CommonServerPython
- Added the date_fields argument to the tableToMarkdown function to support displaying dates in a human-readable format.
1.13.36 - 7933644 (October 4, 2021)
Scripts
CommonServerPython
- Fixed an issue where the integration_name argument in the DBotScore was empty for 5.0.0 Servers.
1.13.35 - 7856211 (September 30, 2021)
Scripts
SaneDocReports
- Updated the Docker image to: demisto/sane-doc-reports:1.0.0.24118.
1.13.34 - 7789574 (September 26, 2021)
Scripts
CheckDockerImageAvailable
- Updated the Docker image to: demisto/python:2.7.18.24066.
HighlightWords
- Updated the Docker image to: demisto/python:2.7.18.24066.
1.13.33 - 7740378 (September 23, 2021)
Scripts
CreateIndicatorRelationship
- Updated the Docker image to: demisto/python3:3.9.7.24076.
DBotShowClusteringModelInfo
- Updated the Docker image to: demisto/python3:3.9.7.24076.
GetIncidentsByQuery
- Updated the Docker image to: demisto/python3:3.9.7.24076.
SearchIndicatorRelationships
- Updated the Docker image to: demisto/python3:3.9.7.24076.
1.13.32 - 7640590 (September 16, 2021)
Scripts
GetIndicatorsByQuery
- Updated the Docker image to: demisto/python3:3.9.7.24076.
DeleteIndicatorRelationships
- Updated the Docker image to: demisto/python3:3.9.7.24076.
1.13.31 - 7567740 (September 12, 2021)
Scripts
CommonServerPython
- Fixed an issue where the HTTP session failed to be closed when the BaseClient was used as global.
1.13.30 - 7526437 (September 9, 2021)
Scripts
DBotTrainTextClassifierV2
Improved the memory consumption of the script.
1.13.29 - 7423160 (September 2, 2021)
Scripts
CommonServer
- Added CSS border to the HTML returned table in the tableToHTNL function.
1.13.28 - 7371081 (August 31, 2021)
Scripts
SanePdfReports
- Docker image has been updated to: demisto/sane-pdf-reports:1.0.0.24026.
- Add support of markdown images
- Fix CSV report with script based table
1.13.27 - 7360649 (August 30, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
- Updated the Docker image to: demisto/python:2.7.18.24019.
1.13.26 - 7329260 (August 28, 2021)
Scripts
CommonServerPython
- Fixed an issue where there was an attempt to close a session that was not initialized.
1.13.25 - 7285831 (August 26, 2021)
Scripts
CommonServerPython
- add to_readable() to DBotScore object, returns the text representation of the score
1.13.24 - 7259008 (August 25, 2021)
Scripts
StixParser
- Fixed an issue where the automation script failed to parse SSDEEP values.
- Updated the Docker image to: demisto/stix:1.0.0.23135.
1.13.23 - 415742 (August 24, 2021)
Scripts
CommonServerPython
Changed the CustomIndicator Value field name to value.
1.13.22 - 415124 (August 23, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.13.21 - 414272 (August 20, 2021)
Scripts
CommonServer
- Fixed the months mapping of October and December in the month_names_short object.
1.13.20 - 412749 (August 18, 2021)
Scripts
CommonServerPython
- Added a new type of indicator - CustomIndicator.
1.13.19 - 411893 (August 16, 2021)
Scripts
CommonServerPython
- Fixed an issue where when given a specific case in the
_http_request()method, theresfield ofDemistoExceptionwould not be filled. - Added
resp_type=responseto return the rawRequests.responseobject.
1.13.18 - 411341 (August 15, 2021)
Scripts
CommonServerPython
- Added support to auto append
http://protocol to proxy urls configured without a protocol. This resolves issues seen where recent versions of urllib3 failed parsing proxy urls.
1.13.17 - 411157 (August 13, 2021)
Scripts
DBotFindSimilarIncidents
Fixed bug due to the updated Docker image.
DBotFindSimilarIncidentsByIndicators
Fixed bug due to the updated Docker image.
DBotTrainClustering
Fixed bug due to the updated Docker image.
1.13.16 - 411022 (August 12, 2021)
Scripts
SanePdfReports
- Docker image has been updated to: demisto/sane-pdf-reports:1.0.0.23912.
- Layouts containing pie graph sections with vertical legends have been improved.
1.13.15 - 410734 (August 12, 2021)
Scripts
DBotFindSimilarIncidents
- Updated the Docker image to: demisto/ml:1.0.0.23334.
DBotFindSimilarIncidentsByIndicators
- Updated the Docker image to: demisto/ml:1.0.0.23334.
DBotTrainClustering
- Updated the Docker image to: demisto/mlclustering:1.0.0.23151.
1.13.14 - 409479 (August 10, 2021)
Scripts
DBotPreProcessTextData
Added functionality for filtering texts in languages that differ from the language specified in the language argument.
DBotBuildPhishingClassifier
Added functionality for filtering texts in languages that differ from the language specified in the language argument.
DBotPredictPhishingWords
Added functionality for filtering texts in languages that differ from the language specified in the language argument.
DBotTrainClustering
Added option to use word level embedding for tf-idf.
1.13.12 - 408673 (August 8, 2021)
Scripts
CommonServerPython
- Allow update of IndicatorsSearcher._original_limit via the limit property.
1.13.11 - 406668 (August 5, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.13.10 - 404180 (July 30, 2021)
Scripts
CreateIndicatorRelationship
- Breaking Change: Removed the STIX prefix from the option list names in the entity_b_type argument.
- Added new entity types Campaign, Course of Action, Intrusion Set, Infrastructure to option list names in the entity_b_type argument.
- Updated the Docker image to: *demisto/python3:3.9.6.22912
1.13.9 - 403617 (July 28, 2021)
Scripts
DBotPredictPhishingWords
- Increased timeout.
- Updated the Docker image to: demisto/ml:1.0.0.20606.
DBotBuildPhishingClassifier
- Added the trainingAlgorithm argument that enables using different training modes for training a phishing classifier.
- Updated the Docker image to: demisto/ml:1.0.0.19023.
DBotPreProcessTextData
- Maintenance and stability enhancements.
- Updated the Docker image to: demisto/ml:1.0.0.20606.
GetIncidentsByQuery
- Maintenance and stability enhancements.
- Updated the Docker image to: demisto/python3:3.9.4.19537.
GetMLModelEvaluation
- Increased timeout.
- Updated the Docker image to: demisto/ml:1.0.0.15569.
DBotTrainTextClassifierV2
- Added the trainingAlgorithm argument that enables using different training modes for training a phishing classifier.
- Updated the Docker image to: demisto/ml:1.0.0.15569.
1.13.8 - 402821 (July 27, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
- Added the fail_on_error argument to the execute_command function.
- Added the Attack Pattern class to the Common class.
1.13.5 - 401551 (July 23, 2021)
Scripts
CommonServerPython
- Removed the integration_name argument from DBotScore. The integration name will automatically be determined by the DBotScore object.
1.13.4 - 401053 (July 22, 2021)
Scripts
CommonServerPython
- Improved handling of IndicatorsSearcher iterator when searchAfter is empty.
- Updated the Docker image to: demisto/python:2.7.18.22912.
1.13.3 - 398660 (July 16, 2021)
Scripts
CommonServerPython
- Improved sensitive data masking in the logger object. This fixes the case that JSON encoded strings of sensitive data were sometimes not obfuscated.
1.13.2 - 398245 (July 15, 2021)
Scripts
CheckDockerImageAvailable
- Updated the Docker image to: demisto/python:2.7.18.20958.
CommonServerPython
- Updated the Docker image to: demisto/python:2.7.18.20958.
DBotShowClusteringModelInfo
- Updated the Docker image to: demisto/python3:3.9.5.22665.
DBotSuggestClassifierMapping
- Updated the Docker image to: demisto/python:2.7.18.20958.
HighlightWords
- Updated the Docker image to: demisto/python:2.7.18.20958.
1.13.1 - 397182 (July 13, 2021)
Scripts
DBotMLFetchData
- Added BERT-based representation to the output.
- Updated the Docker image to: demisto/fetch-data:1.0.0.22177.
CommonServerPython
- Added an iterator for the IndicatorsSearcher class.
1.12.24 - 394234 (July 7, 2021)
Scripts
DBotTrainClustering
- Maintenance and stability enhancements.
DBotFindSimilarIncidents
- Updated the Docker image to: demisto/ml:1.0.0.21456.
1.12.23 - 393823 (July 6, 2021)
Scripts
SanePdfReports
- Docker image has been updated to: demisto/sane-pdf-reports:1.0.0.22268.
- Experimental pie chart labels support
- Optional table headers styling
- Markdown text alignment and styling support
- Duration section improvements
CreateIndicatorRelationship
- Fixed an issue where the File argument was misspelled.
CommonServerPowerShell
Updated the Docker image to: demisto/powershell:7.1.3.22028.
DBotTrainClustering
Fixed the number of clusters selected.
CommonServerPython
- Maintenance and stability enhancements.
1.12.18 - 392682 (July 5, 2021)
Scripts
SearchIndicatorRelationships
- Breaking Change: Remove the STIX prefix from the option list names in the entity_types argument.
- Added new entity types Campaign, Course of Action, Intrusion Set, Infrastructure to option list names in the entity_types argument.
- Updated the Docker image to: demisto/python3:3.9.5.21272.
1.12.17 - 392184 (July 2, 2021)
Scripts
CommonServerPython
- Added the execute_command wrapper function.
1.12.16 - 391562 (June 30, 2021)
Scripts
CommonServerPython
- Improved the default processing logic of integration parameters when None values are set.
1.12.15 - 391074 (June 29, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.12.14 - 389268 (June 24, 2021)
Scripts
DBotTrainClustering
- Fixed an issue where the script caused the associated widget to not work properly.
1.12.13 - 387494 (June 21, 2021)
Scripts
CreateIndicatorRelationship
- Fixed an issue where creating new relationships was not working for indicators that were already in the database.
1.12.12 - 386916 (June 20, 2021)
Scripts
CommonServer
- Added the getDemistoVersion and the isDemistoVersionGE methods to compare Cortex XSOAR server versions.
- Added the getVersionedIntegrationContext and the setVersionedIntegrationContext methods to support versioned integration cache (available from Cortex XSOAR version 6.2.0).
1.12.11 - 386517 (June 17, 2021)
Scripts
SaneDocReports
- Documentation and metadata improvements.
SanePdfReports
- Documentation and metadata improvements.
1.12.10 - 385669 (June 16, 2021)
Scripts
CommonServerPython
- Added the support_multithreading function which adds locking on the calls to the Cortex XSOAR server from the Demisto object.
1.12.9 - 385013 (June 15, 2021)
Scripts
DBotTrainClustering
- Maintenance and stability enhancements.
1.12.8 - 384775 (June 14, 2021)
Scripts
SanePdfReports
- Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.20952.
- 6.2 includes the following functionality changes for reports, dashboards, and widgets:
- Support the option to force print the full height for long widget tables and charts
- Responsive axis
- Label axis
- Support duration formats
- Support hiding 'Others' group
- New empty state showing no results returned
- Show borders
- Show the reference line
- Support date formatting
- Multiple bug fixes
- The legend order
- Show/Hide the legend
- Auto page widget breaks
- Labels and layout fixes
CommonServerPython
- Maintenance and stability enhancements.
1.12.6 - 383719 (June 13, 2021)
Scripts
CommonServer
- Fixed an issue where the isIPInSubnet method failed to detect the 0.0.0.0 IP address as part of its subnet.
1.12.5 - 383163 (June 10, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.12.4 - 379915 (June 7, 2021)
Scripts
DBotMLFetchData
- Documentation and metadata improvements.
SanePdfReports
- Documentation and metadata improvements.
DBotSuggestClassifierMapping
- Documentation and metadata improvements.
SaneDocReports
- Documentation and metadata improvements.
1.12.3 - 378296 (June 6, 2021)
Scripts
SaneDocReports
- Fixed an issue where incorrect bar chart values caused an error.
- Updated the Docker image to: demisto/sane-doc-reports:1.0.0.20692.
1.12.2 - 376689 (June 5, 2021)
Scripts
CommonServerPython
- Improved secrets mechanism detection and obfuscation of log prints.
1.12.1 - 376482 (June 4, 2021)
Scripts
CommonServerPowerShell
- Added usage of versioned integration context.
- Updated the Docker image to: demisto/powershell-ubuntu:7.1.3.20270.
1.12.0 - 376375 (June 3, 2021)
Scripts
DBotPreProcessTextData
- Maintenance and stability enhancements.
- Updated the Docker image to: demisto/ml:1.0.0.20606.
DBotPredictPhishingWords
- Maintenance and stability enhancements.
- Updated the Docker image to: demisto/ml:1.0.0.20606.
1.11.9 - 373941 (June 2, 2021)
Scripts
FindSimilarIncidentsByText
- Fixed an issue where the automation performed an all-time search even if a time frame was specified.
- Updated the Docker image to: demisto/sklearn:1.0.0.19770.
1.11.8 - R372947 (June 1, 2021)
Scripts
DBotTrainClustering
Added suffix in cases where clusters have the same name.
1.11.7 - 371040 (May 30, 2021)
Scripts
CreateIndicatorRelationship
- Maintenance and stability enhancements.
CommonServerPython
- Maintenance and stability enhancements.
- Maintenance and stability enhancements.
1.11.5 - 370262 (May 30, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.11.4 - 367553 (May 26, 2021)
Scripts
New: DBotShowClusteringModelInfo
- Show clustering model incidents
- Show clustering model summary
1.11.3 - 366242 (May 25, 2021)
Scripts
DBotPredictPhishingWords
Updated the Docker image to support the new version of the out-of-the-box model.
1.11.2 - 364719 (May 24, 2021)
Scripts
DBotTrainClustering
Added fields used for clustering to the output JSON.
1.11.1 - 363752 (May 24, 2021)
Scripts
CommonServerPython
- Fixed an issue where the is_demisto_version_ge method returned an incorrect response.
1.11.0 - 362239 (May 23, 2021)
Scripts
CommonServerPython
- Added new class ScheduledCommand - to be used with CommandResults.scheduled_command to configure the command to poll.
1.10.30 - 361149 (May 20, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
- Breaking Change Fixed an issue where using the Email context indicator class created the context with the wrong prefix ('EMAIL' instead of 'Email'). Please note: this is a backward compatibility break for the email command in the IPQualityScore and Threat Crowd v2 integrations
New: DBotTrainClustering
Train clustering model on any incidents type.
1.10.27 - 355114 (May 12, 2021)
Scripts
CommonServerPython
- Added the
entry_typefield to theCommandResultsconstructor.
Nonedefaults toEntryType.NOTE, as it did before adding this argument.
1.10.26 - 354205 (May 12, 2021)
Scripts
SearchIndicatorRelationships
- Maintenance and stability enhancements.
- Maintenance and stability enhancements.
DeleteIndicatorRelationships
- Maintenance and stability enhancements.
CreateIndicatorRelationship
- Maintenance and stability enhancements.
1.10.24 - 351231 (May 9, 2021)
Scripts
CommonServerPython
- Added new parameter for the class IndicatorsSearcher, filter_fields - comma separated fields to filter (e.g. "name,type").
GetIncidentsByQuery
- Improved implementation of the script in order to consume less memory.
- Updated the Docker image to: demisto/python3:3.9.4.18682.
1.10.22 - 349049 (May 6, 2021)
Scripts
New: DeleteIndicatorRelationships
- This automation allows to delete a relationship between indicator objects based on the relationship id. (Available from Cortex XSOAR 6.2.0).
CommonServerPython
- Maintenance and stability enhancements.
CreateIndicatorRelationship
- Maintenance and stability enhancements.
1.10.19 - 347778 (May 5, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
Maintenance and stability enhancements. - Fixed a bug where using search indicators indicators were duplicated in server version 6.1.0 or higher.
New: CreateIndicatorRelationship
Creates relationships between indicators (Available from Cortex XSOAR 6.2.0).
New: SearchIndicatorRelationships
Searches for relationships according to given arguments (Available from Cortex XSOAR 6.2.0).
1.10.15 - 346806 (May 5, 2021)
Scripts
CommonServerPython
- Fixed an issue in the Common class, which would cause a failure while using to_context on a list of FeedRelatedIndicators objects.
1.10.14 - 343943 (May 3, 2021)
Scripts
CommonServerPython
- Added new classes to the Common class:
- ThreatTypes.
- Publications.
- CommunityNotes.
- Added arguments to the IP, URL, File and Domain classes.
1.10.13 - 343491 (May 2, 2021)
Scripts
CommonServerPython
- Improved implementation of the return_results method in order to handle a list of mixed results objects.
1.10.12 - 342151 (May 2, 2021)
Scripts
DBotFindSimilarIncidents
- Removes duplicates for nested fields.
- Allows the user to use multi-select fields.
DBotMLFetchData
- Maintenance and stability enhancements.
DBotPreProcessTextData
- Added text preprocessing stage when applied on multiple inputs.
DBotPredictPhishingWords
- Updated preprocessing stage to be compatible with training.
1.10.10 - 341456 (May 1, 2021)
Scripts
FindSimilarIncidentsByText
- Maintenance and stability enhancements.
1.10.9 - 341097 (April 29, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.10.8 - 339883 (April 28, 2021)
Scripts
CommonServerPython
Added the following optional fields to the Endpoint indicator:
- Status
- Vendor
- IsIsolated
1.10.7 - 338750 (April 27, 2021)
Scripts
StixParser
- Fixed an issue where the script occasionally failed to parse IPv6 indicators.
- Upgraded the Docker image to: demisto/stix:1.0.0.19265.
CommonServerPython
- Improved support for relations between indicators.
1.10.5 - 337506 (April 26, 2021)
Scripts
ValidateContent
- Increased the timeout for the script to 10 minutes.
- Added support to run validation on single content items of all types.
- Upgraded the Docker image to demisto/xsoar-tools:1.0.0.19258.
CommonServerPython
- Updated the context key of relationships from Relations to Relationships.
1.10.3 - 336317 (April 25, 2021)
Scripts
DBotPredictPhishingWords
- Added support for predicting multiple emails at once.
DBotBuildPhishingClassifier
- Maintenance and stability enhancements.
CommonServerPython
- Fixed an unnecessary error that was raised while searching indicators.
1.10.1 - 334155 (April 22, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.10.0 - 332763 (April 21, 2021)
Scripts
CommonServerPython
- Added support to enable usage of the AutoFocus API key (XSOAR server version 6.2.0+).
- Added support for relations between indicators.
1.8.12 - 331662 (April 20, 2021)
Scripts
DBotPredictPhishingWords
- Updated the Docker image to: demisto/ml:1.0.0.19023.
DBotMLFetchData
- Updated the Docker image to: demisto/fetch-data:1.0.0.19057.
1.8.10 - 330475 (April 19, 2021)
Scripts
CommonServerPython
- Added an option to search indicators according to server version.
GetIndicatorsByQuery
- Fixed an issue where searching more than 10K indicators failed when using ElasticSearch.
1.8.9 - 327772 (April 13, 2021)
Scripts
DBotPredictPhishingWords
Updated the script to support the new version of the out-of-the-box model.
1.8.8 - 326870 (April 12, 2021)
Scripts
DBotFindSimilarIncidentsByIndicators
Fixed an issue where if you query an incident that does not exist, it will no longer cause an error.
DBotFindSimilarIncidents
Fixed an issue in the return format of the DBotFindSimilarIncidents automation. The Contents output will now be in JSON format.
CommonServerPython
- Added to CommandResults support for Polling Entry results, which enable integrations to run a polling sequence (server version 6.2.0+).
1.8.5 - 324227 (April 9, 2021)
Scripts
CommonServerPython
- Improved the error handling in the incoming mirroring flow.
1.8.4 - 323432 (April 8, 2021)
Scripts
CommonServerPython
- Fixed an issue in the Common class, which would cause a failure while using to_context on a list of FeedRelatedIndicators objects.
1.8.3 - 322974 (April 7, 2021)
Scripts
CommonServerPython
Modified the BaseClient._http_request function to mount the retry HTTP adapter to the session only if the number of retries was specified.
1.8.2 - 321670 (April 6, 2021)
Scripts
SanePdfReports
- Added support for automatic page breaks in reports:
- Charts will now automatically drop to a new page (including the header) if there is not enough space in the current page.
- Table rows and section fields will now drop to a new page in order to prevent text from spliting between pages.
- When a table widget will span across several pages, the column's header will repeat in each page.
- Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.18186.
1.8.1 - 317508 (April 2, 2021)
Scripts
New: DrawRelatedIncidentsCanvas
- Draw incidents and indicators on the canvas to map and visualize their connections.
DBotPredictPhishingWords
Made improvements that make this script easier to run from the Playground.
1.7.30 - 316394 (March 31, 2021)
Scripts
CommonServerPython
- Added the FeedRelatedIndicators class which Implements an interface for "FeedRelatedIndicators" extensions.
- Added the feed_related_indicators and the malware_family arguments to the IP, URL, File and Domain classes.
- Added the tags argument to the IP and URL classes.
- Added the organization_name and organization_type arguments to the IP class.
- Fixed an issue in BaseClient, which caused the request to ignore REQUEST_CA_BUNDLE when proxy was set to false.
1.7.28 - 311095 (March 22, 2021)
Scripts
CommonServerPython
Fixed an issue in the CommandResult.to_context function that would result in no DBotScore being created in the entry context while passing an indicator.
1.7.27 - 308339 (March 18, 2021)
Scripts
CommonServerPython
- Added support for the fetch-credentials command in the return_error function.
ValidateContent
- Maintenance and stability enhancements.
New: DBotFindSimilarIncidents
- Find past similar incidents based on incident fields' similarity. Includes an option to also display indicators similarity. (Available from Cortex XSOAR 5.0.0).
New: DBotFindSimilarIncidentsByIndicators
- Finds similar incidents based on indicators' similarity. Indicators' contribution to the final score is based on their scarcity. (Available from Cortex XSOAR 5.0.0).
1.7.23 - 303568 (March 14, 2021)
Scripts
CommonServerPowerShell
- Fixed the FileResult function to support file info entries.
1.7.22 - 300692 (March 10, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.7.21 - 296242 (March 5, 2021)
Scripts
New: ValidateContent
- Runs validation and linting on content items.
1.7.20 - 295871 (March 4, 2021)
Scripts
CommonServerPython
- Fixed an issue where TableToMarkdown modified the headers parameter when removeNull=True.
1.7.19 - 294860 (March 3, 2021)
Scripts
FindSimilarIncidentsByText
- The script will now run on a separate container.
1.7.18 - R293470 (March 2, 2021)
Scripts
SanePdfReports
- Fixed an issue where stacked charts could have been empty if the group by argument was not provided.
- Fixed an issue where line chart sizing in report could have gotten out of bounds.
- Added support for paddings in list widgets.
- Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.17031.
1.7.17 - 290267 (February 25, 2021)
Scripts
CommonServerPython
- Added an EMAIL class.
1.7.16 - R286068 (February 21, 2021)
Scripts
DBotMLFetchData
- Maintenance and stability enhancements.
1.7.15 - 282386 (February 16, 2021)
Scripts
1.7.14 - 280617 (February 14, 2021)
Scripts
CommonServerPython
- Deleted mirroring logging in GetRemoteDataResponse class that used an invalid key.
1.7.13 - 279146 (February 11, 2021)
Scripts
CommonServerPython
- Improved sensitive data masking in the logger object.
1.7.12 - 276438 (February 9, 2021)
Scripts
CommonServerPowerShell
- Fixed an issue in TableToMarkdown where the outputted table included the type of the object instead of its content.
- Upgraded the Docker image to demisto/powershell:7.1.1.16151.
1.7.10 - 275462 (February 8, 2021)
Scripts
DBotPredictPhishingWords
- When the emailsubject or emailBody arguments are empty, the script will access the value of those incident fields to obtain their values.
- Changed the logic of word highlighting.
- Updated the Docker image to: demisto/ml:1.0.0.16162.
1.7.9 - 270429 (February 3, 2021)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.7.8 - 269882 (February 2, 2021)
Scripts
CommonServerPowerShell
Added the ParseDateRange function to parse date ranges as "3 days".
DBotTrainTextClassifierV2
- Added support for tag fields of type list.
- Added support for non UTF-8 tag values.
- Updated the Docker image to: demisto/ml:1.0.0.15569.
1.7.6 - 269341 (February 2, 2021)
Scripts
DBotMLFetchData
The script now collects additional data:
- Whether or not an email is a forwarded message
- The average embeddings of the email subject
- Pre-process the subject email to remove [] prefixes
- Additional features that might indicate if the incident was closed automatically
GetMLModelEvaluation
- Updated the Docker image to: demisto/ml:1.0.0.15569.
1.7.4 - 266583 (January 30, 2021)
Scripts
CheckDockerImageAvailable
- Updated to support checking docker availability at xsoar-registry.
1.7.3 - 266021 (January 28, 2021)
Scripts
CommonServerPython
- Fixed an issue where several incident types were not extracted correctly in the GetMappingFieldsResponse class.
1.7.2 - 264879 (January 27, 2021)
Scripts
SanePdfReports
- Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.15795.
CommonServerPython
- Moved all IAM classes to separate module - IAMApiModule.
1.7.0 - R263971 (January 27, 2021)
Scripts
CommonServerPython
- Added the ability to mark an entry as a note for results of the CommandResults function by using the mark_as_note flag.
1.6.8 - 258053 (January 21, 2021)
Scripts
CommonServerPython
- Added the reliability argument to the DBotScore class.
1.6.7 - R256226 (January 19, 2021)
Scripts
CommonServerPython
- You can now log the return value from a function in debug mode when using the logger decorator.
1.6.6 - R253472 (January 16, 2021)
Scripts
CommonServerPowerShell
- Fixed an issue within the DemistoObject's GetIntegrationContext method, it will now support Cortex XSOAR version 5.5.0 and above.
1.6.5 - 249060 (January 11, 2021)
Scripts
CommonServerPython
- Added support for XML body in the generated cURL query in debug mode.
1.6.4 - 248485 (January 10, 2021)
Scripts
DBotBuildPhishingClassifier
- Upgraded the Docker image to demisto/ml:1.0.0.13629.
- The script will now run on a separate container.
1.6.3 - 244777 (January 6, 2021)
Scripts
CommonServerPython
- Internal code improvements.
1.6.2 - 242050 (January 4, 2021)
Scripts
CommonServerPython
- Added support for logging Python warnings.
1.6.1 - 237162 (December 29, 2020)
Scripts
CommonServerPython
- Added the cURL queries which are generated from the sent HTTP requests to the debug-mode log.
1.6.0 - 235964 (December 28, 2020)
Scripts
DBotMLFetchData
Updated the Docker image to: demisto/fetch-data:1.0.0.14842.
CommonServerPython
- Added the IAMUserAppData and IAMCommand classes to support generic implementation for IAM CRUD commands.
1.5.6 - 234922 (December 27, 2020)
Scripts
CommonServerPython
- Improved debug-mode logging.
1.5.5 - 228403 (December 21, 2020)
Scripts
SanePdfReports
- Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.14791.
1.5.4 - 226956 (December 20, 2020)
Scripts
- ##### GetIncidentsByQuery
- For efficient database queries, you should set the FromDate and toDate arguments.
1.5.3 - 226142 (December 20, 2020)
Scripts
CommonServerPython
- Improved the log formatter to remove sensitive URL query parameters.
1.5.2 - 224620 (December 17, 2020)
Scripts
CommonServerPython
Added support for clickable URL fields using the url argument in the tableToMarkdown method.
1.5.1 - 223270 (December 16, 2020)
Scripts
CommonServerPython
- Fixed an issue with the aws_table_to_markdown function which failed on empty list.
1.5.0 - 220344 (December 14, 2020)
Scripts
CommonServerPowerShell
- Fixed the setIntegrationContext method in the $Demisto class.
- Added new helper function - Convert to boolean from string.
1.4.5 - 215428 (December 9, 2020)
Scripts
CommonServerPython
- Added the tags field to the Domain indicator class.
1.4.4 - 214879 (December 8, 2020)
Scripts
CommonServerPython
- Updated BaseClient._http_request to include an optional argument of an empty codes list.
- Added CRYPTOCURRENCY to DBotScoreType.
- Added Cryptocurrency indicator context to Common.
1.4.2 - 211750 (December 6, 2020)
Scripts
CommonServerPython
- Fixed an issue encountered when using demisto/python3:latest docker image. Automation/Integration was failing with an error:
'timezone' is not defined.
1.4.1 - 210886 (December 5, 2020)
Scripts
CommonServerPython
- Added new function arg_to_number
- Added new function arg_to_datetime
- Improved how CommandResults handles empty lists provided as outputs
- Small bug fixes in CommandResults
1.3.42 - 209731 (December 3, 2020)
Scripts
CommonServerPython
- Added the Common.Certificate, Common.CertificatePublicKey, Common.CertificateExtension and Common.GeneralName classes to support the Certificate standard context.
1.3.41 - 202407 (November 26, 2020)
Scripts
CommonServerPython
- Added the GetModifiedRemoteDataArgs and GetModifiedRemoteDataResponse classes to support the get-modified-remote-data mirroring command.
1.3.40 - 194714 (November 20, 2020)
Scripts
GetIncidentsByQuery
Added support for wildcards in the incident types argument.
DBotMLFetchData
Updated support for custom phishing types in the incident fetch query.
DBotTrainTextClassifierV2
Updated calculation of minimum precision to be the minimum score of the precision per-class scores.
DBotPreProcessTextData
Removed log messages for texts that exceed the maximum allowed text length.
GetMLModelEvaluation
Merged the two result entries to a single entry.
DBotBuildPhishingClassifier
Added an enhancement to fetch only incidents of labels which are relevant for the model training.
1.3.38 - 189700 (November 16, 2020)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.3.37 - 188530 (November 15, 2020)
Scripts
CommonServerPython
- Added a default value for the url_suffix argument in the BaseClient _http_request method.
1.3.36 - 186511 (November 13, 2020)
Scripts
CommonServerPython
- Added support to IgnoreAutoExtract in the CommandResults object.
1.3.35 - 184310 (November 11, 2020)
Scripts
CommonServerPython
Removed log print of the object stored in the integration cache.
1.3.34 - 182227 (November 10, 2020)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.3.33 - R181757 (November 10, 2020)
Scripts
CommonServerPowerShell
- Fixed a bug in TableToMarkdown where boolean values of False were not shown.
- Fixed parsing of nested lists in TableToMarkdown.
1.3.32 - 176085 (November 5, 2020)
Scripts
CommonServerPython
- Fixed an issue where the tableToMarkdown method mishandled pipe characters (|) in the table headers.
1.3.31 - 173864 (November 4, 2020)
Scripts
CommonServerPython
Improved initial logging for debug-mode.
1.3.30 - 172814 (November 4, 2020)
Scripts
SanePdfReports
- Updated the script to stop all Chromium zombie processes when the script finishes.
- Updated the Docker image to: demisto/sane-pdf-reports:1.0.0.13239.
1.3.29 - 171979 (November 3, 2020)
Scripts
SaneDocReportsV2
- Updated the Docker image to demisto/sane-doc-reports:1.0.0.13194.
1.3.28 - 171369 (November 3, 2020)
Scripts
CommonServerPython
Improved sensitive data masking in the logger object.
1.3.27 - 170366 (November 2, 2020)
Scripts
SanePdfReports
- Updated the Docker image to demisto/sane-pdf-reports:1.0.0.13185.
1.3.26 - 168811 (November 1, 2020)
Scripts
CommonServerPython
- Added ACCOUNT to DBotScoreType
- Added Account indicator context to Common
1.3.25 - 167102 (October 31, 2020)
Scripts
DBotTrainTextClassifierV2
Converted the script to Python 3.
DBotPredictPhishingWords
Converted the script to Python 3.
1.3.24 - 166096 (October 29, 2020)
Scripts
GetMLModelEvaluation
Fixed a bug related to metrics display.
1.3.23 - 165801 (October 29, 2020)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.3.22 - R164151 (October 28, 2020)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.3.21 - 163183 (October 28, 2020)
Scripts
CommonServerPython
- Added support for lists of CommandResults objects to the return_results function.
- Deprecated CommandResults.indicators and added CommandResults.indicator to replace it.
1.3.20 - 157408 (October 23, 2020)
Scripts
CommonServerPython
- Modified the set_integration_context function to be agnostic to the version argument type.
1.3.19 - 156323 (October 22, 2020)
Scripts
GetMLModelEvaluation
Updated the script to Python 3.
DBotPreProcessTextData
Updated the script to Python 3.
1.3.18 - 155569 (October 21, 2020)
Scripts
CommonServerPython
Added the following classes, which are used in IAM integrations.
- IAMUserProfile
- IAMVendorActionResult
- IAMErrors*
1.3.17 - R152917 (October 20, 2020)
Scripts
DBotPreProcessTextData
Updated the script to Python 3.
1.3.16 - 142836 (October 12, 2020)
Scripts
- DBotTrainTextClassifierV2
Internal code improvements
1.3.15 - 141209 (October 11, 2020)
Scripts
GetIncidentsByQuery
Updated the script to Python 3.
1.3.14 - 137260 (October 6, 2020)
Scripts
GetIncidentsByQuery
Queries incidents in batches (paging). You can set the batch range by passing the pageSize argument. The default is 500.
1.3.13 - 136312 (October 6, 2020)
Scripts
CommonServerPython
- Fixed an issue where an unneeded import error was raised.
1.3.12 - 134224 (October 4, 2020)
Scripts
DBotTrainTextClassifierV2
Added a validation to check that phishingLabels is consistent with the input incidents.git
1.3.11 - 133716 (October 4, 2020)
Scripts
WordTokenizerNLP
Fixed a performance issue.
1.3.10 - 130392 (September 30, 2020)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.3.9 - 126522 (September 25, 2020)
Scripts
CommonServerPython
- Maintenance and stability enhancements.
1.3.8 - 125461 (September 24, 2020)
Scripts
DBotPredictPhishingWords
Added the language and tokenizer arguments, which enable you to get predictions for text in additional languages.
1.3.6 - R124496 (September 23, 2020)
Scripts
CommonServerPython
- Added support for SHA512 regex and parsing.
1.3.5 - 122808 (September 22, 2020)
Scripts
WordTokenizerNLP
Implemented maximum input text length permitted for pre-processing.
DBotPreProcessTextData
Texts that exceed the maximum text length for pre-processing are now discarded.
1.3.4 - 122344 (September 22, 2020)
Scripts
CommonServerPython
- Added
get_demisto_version_as_strandget_x_content_info_headersfunctions.
1.3.3 - 121319 (September 21, 2020)
Scripts
CommonServerPython
Fixed an issue in the debug logger output.
1.3.2 - 120455 (September 19, 2020)
Scripts
GetIncidentsByQuery
- Updated the script to execute using the DBot role.
- Upgraded the Docker image to 2.7.18.10627.
FindSimilarIncidentsByText
Updated the script to execute using the DBot role.
1.3.1 - 114702 (September 13, 2020)
Scripts
CommonServerPython
Improved handling of input for the parse_date_frame function.
1.3.0 - 114451 (September 13, 2020)
Scripts
SaneDocReports
- Maintenance and stability enhancements.
DBotMLFetchData
- Maintenance and stability enhancements.
DBotSuggestClassifierMapping
- Maintenance and stability enhancements.
SanePdfReports
- Maintenance and stability enhancements.
1.2.5 - 113234 (September 11, 2020)
Scripts
CommonServerPython
Added the timeline object to the CommandResult class.
1.2.4 - 112955 (September 10, 2020)
Scripts
DBotPredictPhishingWords
- Changed the name of the labelProbabilityThreshold argument to confidenceThreshold.
- Changed the default value of the run once parameter to true.
DBotTrainTextClassifierV2
Fixed a typo in an error message
1.2.3 - 112827 (September 10, 2020)
Scripts
CommonServerPowerShell
Added the TableToMarkdown method.
1.2.2 - 111755 (September 10, 2020)
Scripts
DBotPredictPhishingWords
- Maintenance and stability enhancements.
1.2.1 - 108852 (September 8, 2020)
Scripts
CommonServerPython
- Added the build_number argument to the is_demisto_version_ge function and adjusted the is_versioned_context_available function accordingly.
1.2.0 - 107362 (September 7, 2020)
Scripts
CommonServerPython
- Enhance function
dict_safe_get, Support nested list/dict, Return type validation.
1.1.22 - 104795 (September 5, 2020)
Scripts
CommonServerPython
Added the return_results function and the CommandResults class to the Script Helper documentation.
1.1.21 - 103101 (September 3, 2020)
Scripts
DBotMLFetchData
- Added "Created" field to collected features
1.1.20 - 101258 (September 2, 2020)
Scripts
New: GetIndicatorsByQuery
Returns indicators that match the defined query and exports them to a file.
1.1.19 - 100566 (September 1, 2020)
Scripts
SaneDocReports
- Fixed an issue regarding trend percentage calculation.
1.1.18 - 99057 (August 31, 2020)
Scripts
CommonServerPython
Maintenance and stability enhancements.
1.1.17 - 96898 (August 27, 2020)
Scripts
CommonServerPython
Fixed an issue in the return_outputs function where the content type was incorrect.
1.1.16 - 96628 (August 27, 2020)
Scripts
SaneDocReports
- Fixed an issue regarding the table readable headers.
1.1.15 - 95210 (August 26, 2020)
Scripts
CommonServerPython
- Fixed an issue with mirroring mapper scheme.
1.1.14 - 94020 (August 24, 2020)
Scripts
CommonServerPython
Added the following code objects, which simplifies creating widgets.
- TextWidget
- TrendWidget
- NumberWidget
- BarColumnPieWidget
- LineWidget
- TableOrListWidget
1.1.13 - 92954 (August 23, 2020)
Scripts
WordTokenizerNLP
- Updated the script docker image to the latest version.
1.1.12 - R89419 (August 17, 2020)
Scripts
CommonServerPython
- Added mirroring functionality as part of common code.
1.1.11 - 86723 (August 12, 2020)
Scripts
SaneDocReports
- Updated the sane-doc-reports Docker image.
- Fixed a typo in the duration minutes label.
1.1.10 - 84899 (August 10, 2020)
1.1.9 - 83548 (August 8, 2020)
Scripts
CommonServerPython
- Fixed an issue in which improper Context DT key was generated when only outputs_prefix was provided to the CommandResults object.
1.1.8 - R83038 (August 6, 2020)
Scripts
CommonServerPython
- added error_handler argument to BaseClient's http_request method. This argument retrieves the http request in case of an error and handles the error itself bypassing the client’s error handling.
1.1.7 - R79187 (August 2, 2020)
Scripts
SaneDocReports
- Updates the sane-doc-reports docker image
- Fixes markdown HTML tag inconsistencies.
- Fixes trend direction icons as well as edge cases when there are large values.
- Fixes markdown placeholder styles.
- Fixes an issue where an array would be returned instead of
0when the number is zero. - Fixes empty markdown page break elements not working.
PUBLISHER
Cortex
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | August 2, 2020 | |
| Last Release | November 22, 2022 |