IPStack: Open-source plugin #7

jschipp-r7 · 2019-06-11T17:07:40Z

Proposed Changes

Describe the proposed changes:

Open-source our IPStack plugin
Permission granted from service

PR Requirements

Developers, verify you have completed the following items by checking them off:

Functional Checklist

Work fully completed
Functional
- Any new actions/triggers include JSON test files in the tests/ directory created with ./run -c sample $action > tests/$action.json
- Tests should all pass unless it's a negative test. Negative tests have a naming convention of tests/$action_bad.json
- Unsuccessful tests should fail by raising an exception causing the plugin to die and an object should be returned on successful test
- Add functioning test results to PR, sanitize any output if necessary
  - Single action/trigger ./run -T tests/example.json -d -j
  - All actions/triggers shortcut ./run -T all -d -j (use PR format at end)
- Add functioning run results to PR, sanitize any output if necessary
  - Single action/trigger ./run -R tests/example.json -d -j
  - All actions/triggers shortcut ./run -R all -d -j (use PR format at end)

Assessment

You must validate your work to reviewers:

Run make validate and make sure everything passes
Run the assessment tool: ./run -A -R all -T all. For single action validation: ./run -A -R tests/my_action.json -T tests/my_action.json
Copy (./run ... | pbcopy) and paste the output in a new post on this PR.
Add UI screenshot of the workflow used for testing
Add UI screenshot of the job output used for testing
Add UI screenshot of the artifact (See rules in UI Checklist) used for testing

* tried to implement fix- pending new library upload to test properly: * initial fix commit. Lots in here, sorry about that * fixed up trigger to make it functional * black formatting * ready to merge except for help.md * added comments, supported versions, manually fixed up help.md * regen with supported versions * fixing some validation issues * fixed prospector errors, down to regen issues now * fixed param issue in search for exploit * fixed prospector msg * removed another entry from checksum * added type hints * ran black formatting * reformatting pt 2 Co-authored-by: Mike Rinehart <[email protected]> [SOAR-7005] Update Teams Plugin with Troubleshooting from Discuss (#1021) * add troubleshoot message about teams to help.md * attempt fixing input violations in help.md * Update plugins/microsoft_teams/help.md with correct troubleshooting message Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/microsoft_teams/help.md taking out unnec brackets Co-authored-by: Mike Rinehart <[email protected]> * revert help.md dictionaries * fix plugins/microsoft_teams/help.md dictionary Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Jira: Fix bug in "Get Comments", failing normalize_user in Jira Cloud (#991) * Add pass-thru is_cloud for normalize_user The action for Get Comments never relays the state of the endpoint as on-premise or cloud, but requires this state to return successfully. By using the same process as is present in other actions, passing of the client is_cloud boolean through the normalize_comment function and on to the normalize_user function with a default value of False. * Fix bug normalize_comment not receiving connection.is_cloud With the action Get Comments, normalize_comment calls upon the function normalize_user. This dependent function requires knowledge of the state of is_cloud from the client connection. This change passes the connection.is_cloud state into normalize_comment. * bump version * Updated version minor as previous Get Comments action only worked with Jira Server. Now works with both Server and Cloud. * updated checksum with icon-plugin tool * Update help.md * Regenerate checksum. * Add missing newline to help.md. Passing local validation. Co-authored-by: Max Berezin <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: pmara-r7 <[email protected]> Co-authored-by: Maxim Berezin <[email protected]> SOAR-7007: Fix Get Alerts Trigger in Microsoft ATP (#1017) * Regen * Add changelog * fix missed fixes * Fix Prospector warnings * Add timeout-decorator * Comment out test placeholders * Blacken * Lint jira Co-authored-by: Elijah Martin-Merrill <[email protected]> Co-authored-by: Maxim Berezin <[email protected]> Co-authored-by: PJ Mara <[email protected]> [MC-615][MC-664][MC-665] Add new actions in Google Drive plugin (#993) * [MC-615][MC-664][MC-665] Add new actions in Google Drive plugin * [MC-615][MC-664][MC-665] Reformat test_move_file.py * Update plugins/google_drive/plugin.spec.yaml Change Move File action description Co-authored-by: jrose-r7 <[email protected]> * Update help.md. * Update checksum * [MC-615][MC-664][MC-665] Update Create File in Folder action * Update input examples for connection in help.md * [MC-708][MC-731][MC-732] Update Python version and code refactoring in Google Drive plugin * [MC-708][MC-731][MC-732] Update requirements.txt and help.md Co-authored-by: Max Berezin <[email protected]> Co-authored-by: jrose-r7 <[email protected]> Co-authored-by: Maxim Berezin <[email protected]> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: pmara-r7 <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> MC-380 - PaloAlto Wildfire - Connection Test (#1019) * [MC-380] Added connection test * [MC-380] Make regenerate * [MC-380] Added `supported_versions` and removed unsupported keyworks. * [MC-380] Resolve the issue with importing plugin + make regenerate. * Version pin in requirements.txt * [MC-380] Updated the existing unit test to use mock response * black validation failure fix Co-authored-by: Mike Rinehart <[email protected]> [MC-690][MC-728][MC-729][MC-730][MC-749] Code refactor and add new action in Subnet plugin (#1016) * [MC-690][MC-728][MC-729][MC-730][MC-749] Code refactor and add new action in Subnet plugin * [MC-690][MC-728][MC-729][MC-730][MC-749] Remove unnecessary f-string * Test * Remove init.py * [MC-690][MC-728][MC-729][MC-730][MC-749] Update help.md and requirements.txt * [MC-690][MC-728][MC-729][MC-730][MC-749] Remove trailing space * [MC-690][MC-728][MC-729][MC-730][MC-749] Update plugin spec Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Max Berezin <[email protected]> MC-742 - ElasticSearch - Bugfix - Routing Issue (#1014) * [MC-724] Corrected the `index_document` action. * [MC-724] Minor code improvements. * [MC-724] Search document routing fix. * [MC-724] Corrected `update_document` action + black formatting. * Added unit additional unit test for search_document with route * [MC-724] Make regenerate * [MC-724] Added `supported_versions` + make regenerate * [MC-742] Remove unused variables and add unit test with no routing. * [MC-742] Applied black formatting. Co-authored-by: PJ Mara <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Update README.md (#1023) * Update README.md * Update README.md Co-authored-by: PJ Mara <[email protected]> Co-authored-by: PJ Mara <[email protected]> [SOAR-7134] update troubleshooting and requirements messaging for RBAC permissions (#1024) * update troubleshooting and requirements messaging for RBAC permissions * update get notifications troubleshooting info link * Update plugins/carbon_black_defense/help.md Co-authored-by: Mike Rinehart <[email protected]> * consolidate api key requirements info * punctuation in troubleshooting section Co-authored-by: Mike Rinehart <[email protected]> Update Python 3 Script documentation & install g++ (#1025) * Update documentation * Update help.md Co-authored-by: PJ Mara <[email protected]> SOAR-5837: Scrub Anomali API key from logger (#943) * Add a util to scrub API keys from URLs using regex. * Import logging to get_observables action, add formatter to logger Black format Update help.md and bump version number * Regenerate plugin. * Black format * Generate unit tests * Fix formatter import * caught exception * Only suppress ConnectionErrors, wrap censored original error in PluginException Replace logging formatter with simple util function * Black format * Regenerate plugin. * Add examples to plugin spec to satisfy validator, regenerate plugin * Abstract send request to Connection class for all actions, delete utils * Change example user to match example style guide * Update plugins/anomali_threatstream/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/anomali_threatstream/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/anomali_threatstream/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/anomali_threatstream/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/anomali_threatstream/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/anomali_threatstream/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * help.md validates with plugin spec * Raise plugin exception from None instead of additional Connection error * Change send() parameters signature and add plugin root init * Add connection test and API key suppression check * Black format * Add get observables unit test Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Joey McAdams <[email protected]> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: pmara-r7 <[email protected]> SQL plugin change example in PORT input and update util.py file with Python3 (#1003) * [MC-706] SQL plugin change example in PORT input and update util.py file with Python3 * Implement Pylint fixes for dict.get() and catch Exception * Add version numbers to supported DB software * Regenerate checksum Co-authored-by: pmara-r7 <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Max Berezin <[email protected]> Co-authored-by: Maxim Berezin <[email protected]> Xdr monitor incident events bug fix (#1026) * Add monitor alert task to palo alto xdr plugin * style * remove unused import * changed to minor version bumo since there arent any non-backward compatible changes * changed to get incidents endpoint, added inputs to the tasks * delete old get alerts task * remove unecessary code * remove alert sources parameter since the XDR api behaves very inconsistently when it is present * update checksum * Update help.md * Update help.md * simplify conditions as per code review comments, fix json list representation in plugin spec and docs file * incident bug fix * fix bug where None value fields could be returned in incidents * fix help.md, requirements section can only accept bullet points, move non-bullet points to setup section * Comment out unused tests * Add supported product versions Co-authored-by: jrose-r7 <[email protected]> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> [MC-676][MC-727] Update Domain Extractor in Extractit plugin (#1015) * [MC-676][MC-727] Update Domain Extractor in Extractit plugin * [MC-676][MC-727] Update requirements.txt * [MC-676][MC-727] Add comments in extractor.py * [MC-676][MC-727] Reformat * [MC-676][MC-727] Add comments in extractor.py and fix unit tests Co-authored-by: PJ Mara <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: jrose-r7 <[email protected]> Co-authored-by: Max Berezin <[email protected]> Fix error messaging around invalid credentials (#1022) Co-authored-by: PJ Mara <[email protected]> Co-authored-by: Max Berezin <[email protected]> [MC-492][MC-694][MC-491][MC-726] Add Get Blocked Hosts and Block Host actions to Cisco ASA (#994) * [MC-492][MC-694] Add Get Blocked Hosts action to Cisco ASA * [MC-492][MC-694] Add section for supported version * Scrub test example input * [MC-491][MC-726] Add Block Host action to Cisco ASA * [MC-492][MC-694][MC-491][MC-726] Update requirements.txt * [MC-492][MC-694][MC-491][MC-726] Add ignore comments * [MC-492][MC-694][MC-491][MC-726] Reformat Co-authored-by: Max Berezin <[email protected]> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Maxim Berezin <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: PJ Mara <[email protected]> IntSights plugin (#1009) * [MC-683] Init plugin | Add action Get Indicator by Value * IntSights new actions and trigger draft * [MC-717] Add action Get Indicator By Value * [MC-683][MC-673][MC-681][MC-682][MC-684][MC-686][MC-688][MC-687] Add new Plugin IntSights * [MC-717][MC-718][MC-719][MC-720][MC-721][MC-722][MC-723][MC-725] Update help.md * Revert: Add microsoft ATP Black reformat * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/icon_intsights/actions/takedown_request/action.py Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/icon_intsights/connection/connection.py Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/icon_intsights/util/api.py Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * [MC-683] Fix help * [MC-683] Fix help * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * [MC-683] Change plugin name to rapid7_intsights * [MC-683] Change plugin name to rapid7_intsights * [MC-683] Fix unit tests * [MC-683] Fix unit tests * [MC-683] Add clean to enrich_indicator output * [MC-683] Add clean to enrich_indicator output * Add icon * New graphics * Fix unit_test path while getting payload * Add cutom type * Regenerate plugin and Black format * Update help.md for validator * Update plugins/rapid7_intsights/help.md * [MC-683] Set some output to required false Co-authored-by: r7-kszczepanskagorna <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Maxim Berezin <[email protected]> [MC-740] Fix threatscore KeyError (#1031) * [MC-740] Fix threatscore KeyError * Update plugins/hybrid_analysis/help.md * used refactor to change hash to hash_ in 2 files Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: PJ Mara <[email protected]> Co-authored-by: PJ Mara <[email protected]> Remove ISOLATE_MACHINE remediate option from Cybereason documentation (#1035) * Update docs to remove ISOLATE_MACHINE remediate option * Update changelog MC-301 & MC-809 - Cybereason - New Action - Delete Registry Key (#1028) * Make regenerate * Added delete registry key action. * Using example email address. * Action + black formatting. * Removed user email address and using an example one. * Added tests and example payloads. * Added example output and corrected the inputs * [MC-301] Added comment to get_machine_targets. * Update .CHECKSUM * Update checksum Co-authored-by: PJ Mara <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> [MC-709][MC-810] Support extraction from binary files for all actions in Extractit plugin (#1030) * [MC-709] Support extraction from binary files for all actions * [MC-709][MC-810] Update extractor.py and unit tests * Replace manual file open/close with "with" context for Prospector validation * [MC-709][MC-810] Remove manual closing of file Co-authored-by: PJ Mara <[email protected]> Co-authored-by: Max Berezin <[email protected]> Elasticsearch fix search action (#988) * MC-677 Fix search example input in help.md | Add exception message in search action * Regen and fix docs * Fix syntax in action.py * [MC-677] Fix search example input in help.md | Add exception message in search action * [MC-677] Fix search example input in help.md | Add exception message in search action * Black reformat * [MC-677] Fix help | Fix unit test | Add unit test to check wrong query input * [MC-677] Fix help | Fix unit test | Add unit test to check wrong query input * Update plugins/elasticsearch/komand_elasticsearch/actions/search_documents/action.py * Update plugins/elasticsearch/unit_test/test_search_documents.py * Update expected error string * Black format. Co-authored-by: Jon Schipp <[email protected]> Co-authored-by: Jon Schipp <[email protected]> Co-authored-by: Maxim Berezin <[email protected]> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Max Berezin <[email protected]> Co-authored-by: PJ Mara <[email protected]> [SOAR-7434] ipstack schema update (#1040) * updated komand to icon runtime * added time_zone fix * passing individual unit tests * fixed unit test bug * black reformat * fixed api url * added ignore pylint unused args because implementation is blank * increased version from 2->3 and reformat * fixing prospector Add support of ! character to the URL extraction (#1041) 1. Update Regex to support ! character to the URL extractor 2. Update plugin minor version 3. Add a test string to the Unit test set 4. Update help.md to include release details 5. Regenerate the plugin files JIRA: SOAR-7356 [MC-754][MC-838][MC-839][MC-840] PDF Reader plugin - Fix Extract Text action (#1038) * [MC-754] Fix Extract Text action * [MC-754] Update plugin spec * [MC-754][MC-838][MC-839][MC-840] Update Dockerfile and Extract Text action * [MC-754] Update Extract Text action * [MC-754][MC-838][MC-839][MC-840] Update error messaging in Extract Text action * Update plugins/pdf_reader/help.md Co-authored-by: Max Berezin <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Add new trigger in Rapid7 IntSights plugin (#1033) * [MC-683] Init plugin | Add action Get Indicator by Value * IntSights new actions and trigger draft * [MC-717] Add action Get Indicator By Value * [MC-683][MC-673][MC-681][MC-682][MC-684][MC-686][MC-688][MC-687] Add new Plugin IntSights * [MC-717][MC-718][MC-719][MC-720][MC-721][MC-722][MC-723][MC-725] Update help.md * Revert: Add microsoft ATP Black reformat * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/icon_intsights/actions/takedown_request/action.py Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/icon_intsights/connection/connection.py Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/icon_intsights/util/api.py Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * [MC-683] Fix help * [MC-683] Fix help * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * [MC-683] Change plugin name to rapid7_intsights * [MC-683] Change plugin name to rapid7_intsights * [MC-683] Fix unit tests * [MC-683] Fix unit tests * [MC-683] Add clean to enrich_indicator output * [MC-683] Add clean to enrich_indicator output * Add icon * New graphics * Fix unit_test path while getting payload * [MC-771][MC-808] plugin.spec and action code * Add cutom type * [MC-771][MC-808] Add unit tests * [MC-771][MC-808] Add unit tests * [MC-771][MC-808] Fix description * [MC-771][MC-808] Fix f-string in API * [MC-771][MC-808] Fix unit_test expecteds files * [MC-685][MC-724] Add new trigger New Alert with unittest * [MC-685][MC-724] Add new trigger New Alert with unittest * [MC-685][MC-724] Add new trigger New Alert with unittest * [MC-685][MC-724] Add new trigger New Alert with unittest * [MC-685][MC-724] black * [MC-685][MC-724] Add module to requirements * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: jrose-r7 <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: PJ Mara <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: PJ Mara <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: jrose-r7 <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: jrose-r7 <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: jrose-r7 <[email protected]> * [MC-771][MC-808] Add pagination to action get_cve_by_id * [MC-771][MC-808] Add pagination to action get_cve_by_id * [MC-771][MC-808] Black format * [MC-685] Add new case to unit tests, Change descriptions in plugin.spec * [MC-685] Black format * [MC-685] Add new case to unit tests, Change descriptions in plugin.spec * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: jrose-r7 <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: jrose-r7 <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: jrose-r7 <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * [MC-685] Fix query in get_cve * [MC-685] Fix query in get_cve * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * [MC-685] Fix validator issues * [MC-717] Fix score from integer to float * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/help.md Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * Update plugins/rapid7_intsights/plugin.spec.yaml Co-authored-by: Mike Rinehart <[email protected]> * [MC-685] Fix input enum errors Co-authored-by: r7-kszczepanskagorna <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: Mike Rinehart <[email protected]> Co-authored-by: jrose-r7 <[email protected]> Co-authored-by: PJ Mara <[email protected]> Co-authored-by: Max Berezin <[email protected]> Fix plugin validator GH Action [MC-800] Improve error messaging in Palo Alto MineMeld plugin (#1046) (#1051) [MC-800] Update PaloAltoMineMeld to 1.0.1 with below: 1. Update unit tests 2. Update requirements. txt [MC-801] Fix Set Address Object action in Palo Alto PAN-OS plugin (#1047) (#1055) Co-authored-by: dsliwinski-r7 <[email protected]> Microsoftteams_3.1.5 (#1058) * [MC-772] Add `microsoft_teams` keyword * [MC-772] Fix unit tests * Update plugins/microsoft_teams/help.md [SOAR-7961] Configurable interval for devo (#1059) (#1065) * configurable interval * set interval default to 10 seconds [MC-751] - ServiceNow Get Attachments (#1054) Automox Plugin: Initial release of plugin with base management functionality (#1042) Cisco Umbrella Destinations Lists The below actions have been added: dGet dAdd dDelete dlGet dlGetAll dlPatch dlDelete dlCreate Updated acronyms in spec file Update plugins/cisco_umbrella_destinations/plugin.spec.yaml text fix to capitalize acronyms Co-authored-by: jrose-r7 <[email protected]> Update plugins/cisco_umbrella_destinations/plugin.spec.yaml text fix to capitalize acronyms Co-authored-by: jrose-r7 <[email protected]> Update plugins/cisco_umbrella_destinations/plugin.spec.yaml text fix to capitalize acronyms Co-authored-by: jrose-r7 <[email protected]> Updated spec Changing org_id & dl_id to input Added basic PluginException error handling removed unitTests & greeting yaml Updated examples in spec file Added PluginException to api.py & removed from actions Removed unused imports Final api.py Updated api.py Fixed broken logger .. Commented out connection bug for now Change return to pass Fix prospector issue #1 Fix prospector issue #2 Validators fix attempt#1 Fix validators #2 Fix validators #3 Fix validators #4 Fix validators #5 Fix validators #6 Fix validators #7 Added black formatting Test black #1 Black formatting complete Moved orgID to connection input Black formatting #2 Fix prospector issue #3 -- Cisco Umbrella Destinations Lists The below actions have been added: dGet dAdd dDelete dlGet dlGetAll dlPatch dlDelete dlCreate Changing org_id & dl_id to input Added basic PluginException error handling removed unitTests & greeting yaml Updated examples in spec file Added PluginException to api.py & removed from actions Final api.py Updated api.py Fixed broken logger Commented out connection bug for now Change return to pass Validators fix attempt#1 Fix validators #2 Fix validators #3 Fix validators #4 Fix validators #5 Fix validators #6 Fix validators #7 Added black formatting Black formatting complete Moved orgID to connection input Cisco Umbrella Destinations Lists The below actions have been added: dGet dAdd dDelete dlGet dlGetAll dlPatch dlDelete dlCreate Changing org_id & dl_id to input Added basic PluginException error handling removed unitTests & greeting yaml Updated examples in spec file Added PluginException to api.py & removed from actions Final api.py Updated api.py Fixed broken logger Commented out connection bug for now Change return to pass Validators fix attempt#1 Fix validators #2 Fix validators #3 Fix validators #4 Fix validators #5 Fix validators #6 Fix validators #7 Added black formatting Black formatting complete Moved orgID to connection input Test Commit #1 Updated help.md & plugin spec Black formatting #3

IPStack: Open-source plugin

* Init commit - Simple connection test refactor * Spec mapped draft * Add new trigger outline * Trigger template * Fix snyk | Succesful scan API call | manifest fixed for new trigger * Save point #1 * Save point #2 * Map inputs * Start mapping outputs * Save point #3 * Save point #4 * All API calls mapped * Save point #5 * Add task init and update risk score to float * Add msft strip and remove nexpose id * Save point #6 query search and api calls * Update output, successful call and outputs * Update docstrings and type hints * Save point #7 * Save point #8 * Update single line in query * filter results and status_id * query fixed * Condense results finished * Changes made to filter * Cacheing begin * Save point #9 * Save point #10 * Dockerfile restored and debugging statements * Get latest to get latest completed * Trigger + cacheing works * it works .. * Trigger working and doc strings added * Some prospector issues fixed * Prospector fixes * Version updated to 620 * Remove software update id * Removed risk score * Help MD fix etc * Remove risk score * Update help md again * Update dockerfile * Add asset group & cve input * Small dot updates plus verify method * Updated to paged resource request * Update to determine cache for resource request * Black formatting * Update doc strings and comments * Update single letter variables * Fix prospector * Add severity and cvss score input * Validator fix * Update to remove condense results * Remove hostname and ip input * Update spec file with corrections * Remove caching * Add dot get * Fix plugin validator * Update :fingerscrossed

* [PLGN-561] Insight VM - Scan Completion Trigger (#2087) * Init commit - Simple connection test refactor * Spec mapped draft * Add new trigger outline * Trigger template * Fix snyk | Succesful scan API call | manifest fixed for new trigger * Save point #1 * Save point #2 * Map inputs * Start mapping outputs * Save point #3 * Save point #4 * All API calls mapped * Save point #5 * Add task init and update risk score to float * Add msft strip and remove nexpose id * Save point #6 query search and api calls * Update output, successful call and outputs * Update docstrings and type hints * Save point #7 * Save point #8 * Update single line in query * filter results and status_id * query fixed * Condense results finished * Changes made to filter * Cacheing begin * Save point #9 * Save point #10 * Dockerfile restored and debugging statements * Get latest to get latest completed * Trigger + cacheing works * it works .. * Trigger working and doc strings added * Some prospector issues fixed * Prospector fixes * Version updated to 620 * Remove software update id * Removed risk score * Help MD fix etc * Remove risk score * Update help md again * Update dockerfile * Add asset group & cve input * Small dot updates plus verify method * Updated to paged resource request * Update to determine cache for resource request * Black formatting * Update doc strings and comments * Update single letter variables * Fix prospector * Add severity and cvss score input * Validator fix * Update to remove condense results * Remove hostname and ip input * Update spec file with corrections * Remove caching * Add dot get * Fix plugin validator * Update :fingerscrossed * [PLGN-634] InsightVM - Asset Search | JsonDecode Error (#2185) * Improved error handling ever so slightly * Changed single letter variables * Change error to data

* Init commit - Simple connection test refactor * Spec mapped draft * Add new trigger outline * Trigger template * Fix snyk | Succesful scan API call | manifest fixed for new trigger * Save point #1 * Save point #2 * Map inputs * Start mapping outputs * Save point #3 * Save point #4 * All API calls mapped * Save point #5 * Add task init and update risk score to float * Add msft strip and remove nexpose id * Save point #6 query search and api calls * Update output, successful call and outputs * Update docstrings and type hints * Save point #7 * Save point #8 * Update single line in query * filter results and status_id * query fixed * Condense results finished * Changes made to filter * Cacheing begin * Save point #9 * Save point #10 * Dockerfile restored and debugging statements * Get latest to get latest completed * Trigger + cacheing works * it works .. * Trigger working and doc strings added * Some prospector issues fixed * Prospector fixes * Version updated to 620 * Remove software update id * Removed risk score * Help MD fix etc * Remove risk score * Update help md again * Update dockerfile * Add asset group & cve input * Small dot updates plus verify method * Updated to paged resource request * Update to determine cache for resource request * Black formatting * Update doc strings and comments * Update single letter variables * Fix prospector * Add severity and cvss score input * Validator fix * Update to remove condense results * Remove hostname and ip input * Update spec file with corrections * Remove caching * Add dot get * Fix plugin validator * Update :fingerscrossed

IPStack: Open-source plugin

c059730

zyoutz-r7 approved these changes Jun 11, 2019

View reviewed changes

joey-mcadams approved these changes Jun 11, 2019

View reviewed changes

jschipp-r7 merged commit bcf07b4 into master Jun 11, 2019

jschipp-r7 deleted the ipstack branch June 11, 2019 18:10

cmcnally-r7 added a commit that referenced this pull request Jan 17, 2022

Fix validators #7

0adfef2

cmcnally-r7 added a commit that referenced this pull request Jan 18, 2022

Fix validators #7

c700ff4

cmcnally-r7 added a commit that referenced this pull request Jan 19, 2022

Fix validators #7

ab71a5b

cmcnally-r7 added a commit that referenced this pull request Jan 20, 2022

Fix validators #7

e97d609

cmcnally-r7 added a commit that referenced this pull request Jan 20, 2022

Fix validators #7

cab931c

mberezin-r7 pushed a commit that referenced this pull request Jun 6, 2022

Merge pull request #7 from rapid7/ipstack

323a5a7

IPStack: Open-source plugin

cmcnally-r7 added a commit that referenced this pull request Nov 15, 2023

Save point #7

27f4e79

cmcnally-r7 added a commit that referenced this pull request Nov 17, 2023

Save point #7

0d6a945

cmcnally-r7 added a commit that referenced this pull request Dec 1, 2023

Save point #7

52204fe

cmcnally-r7 added a commit that referenced this pull request Dec 1, 2023

Save point #7

daeb5b5

cmcnally-r7 added a commit that referenced this pull request Dec 4, 2023

Save point #7

cc08332

cmcnally-r7 added a commit that referenced this pull request Dec 5, 2023

Save point #7

299c21c

cmcnally-r7 added a commit that referenced this pull request Dec 6, 2023

Save point #7

9ef027f

cmcnally-r7 added a commit that referenced this pull request Dec 7, 2023

Save point #7

6d98c98

cmcnally-r7 added a commit that referenced this pull request Dec 11, 2023

Save point #7

6660374

cmcnally-r7 added a commit that referenced this pull request Dec 11, 2023

Save point #7

7bdcd74

cmcnally-r7 added a commit that referenced this pull request Dec 12, 2023

Save point #7

e3e9ff8

cmcnally-r7 added a commit that referenced this pull request Dec 12, 2023

Save point #7

f6f3dfe

cmcnally-r7 added a commit that referenced this pull request Dec 13, 2023

Save point #7

87f4819

cmcnally-r7 mentioned this pull request Dec 13, 2023

[PLGN-561] Insight VM - Scan Completion Trigger (#2087) #2182

Merged

17 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

IPStack: Open-source plugin #7

IPStack: Open-source plugin #7

jschipp-r7 commented Jun 11, 2019

IPStack: Open-source plugin #7

IPStack: Open-source plugin #7

Conversation

jschipp-r7 commented Jun 11, 2019

Proposed Changes

PR Requirements

Functional Checklist

Assessment