Skip to content

Commit

Permalink
Bug fixes and enchancements in integration (#30751)
Browse files Browse the repository at this point in the history 
* Bug fixes and enchancements in integration (#30292)

* New PR with all the changes

* Updated RN

* Fixed issues in files' format

* Fixed fieldnames

* Fixed field's name in layout file

* Fixed field's name in layout file

* Fixed field's name in layout file

* Removed -Layout suffix

* Updated layout file

* Formatted files

* Fixed playbook

* Updated RNs

* Made changes in object files, uploading updated ones

* Formatted files and bugs, test failure fixes

* Updated RN, tests, playbook changes and formatting

* Updated RN

---------

Co-authored-by: Yehuda Rosenberg <[email protected]>

* RN

* mistake

* RN

---------

Co-authored-by: cyble-dev <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>
Co-authored-by: Yehuda <[email protected]>
  • Loading branch information
@content-bot @cyble-dev @RosenbergYehuda
4 people authored Nov 8, 2023
1 parent 287f674 commit 98bece4
Show file tree
Hide file tree
Showing 27 changed files with 2,019 additions and 1,095 deletions.
4 changes: 3 additions & 1 deletion Packs/CybleEventsV2/.pack-ignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,6 @@ ignore=IN126
ignore=RM108

[known_words]
cyble
cyble
CVV
autorun
98 changes: 98 additions & 0 deletions Packs/CybleEventsV2/Classifiers/classifier-CybleEventsv2-Incoming-Mapper.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
{
"description": "",
"feed": false,
"id": "CybleEventsv2-Incoming-Mapper",
"mapping": {
"Cyble Vision Alert V2": {
"dontMapEventToLabels": false,
"internalMapping": {
"Additional Data": {
"simple": "data_message"
},
"CybleEventsV2 Application": {
"simple": "application"
},
"CybleEventsV2 CE Filename": {
"simple": "filename"
},
"CybleEventsV2 CE Username": {
"simple": "username"
},
"CybleEventsV2 Card Brand": {
"simple": "card_brand"
},
"CybleEventsV2 Card CVV": {
"simple": "card_cvv"
},
"CybleEventsV2 Card Expiry": {
"simple": "card_expiry"
},
"CybleEventsV2 Card Level": {
"simple": "card_level"
},
"CybleEventsV2 Card No.": {
"simple": "card_no"
},
"CybleEventsV2 Card Type": {
"simple": "card_type"
},
"Event ID": {
"complex": {
"filters": [],
"root": "event_id",
"transformers": []
}
},
"Event Type": {
"complex": {
"filters": [],
"root": "event_type",
"transformers": []
}
},
"CybleEventsV2 Keyword": {
"simple": "keyword"
},
"CybleEventsV2 Password": {
"simple": "password"
},
"CybleEventsV2 URL": {
"simple": "url"
},
"dbotMirrorDirection": {
"simple": ".='Out'"
},
"dbotMirrorId": {
"simple": "event_id"
},
"dbotMirrorInstance": {
"simple": "mirrorInstance"
},
"dbotMirrorTags": {
"simple": ".=['severity','status']"
},
"name": {
"complex": {
"filters": [],
"root": "name",
"transformers": []
}
},
"occurred": {
"simple": "created_at"
},
"severity": {
"complex": {
"filters": [],
"root": "severity",
"transformers": []
}
}
}
}
},
"name": "CybleEventsv2-Incoming-Mapper",
"type": "mapping-incoming",
"version": -1,
"fromVersion": "6.10.0"
}
22 changes: 22 additions & 0 deletions Packs/CybleEventsV2/Classifiers/classifier-CybleEventsv2-Outgoing-Mapper.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"description": "",
"feed": false,
"id": "CybleEventsv2-Outgoing-Mapper",
"mapping": {
"Cyble Vision Alert V2": {
"dontMapEventToLabels": true,
"internalMapping": {
"id": {
"simple": "eventid"
},
"severity": {
"simple": "severity"
}
}
}
},
"name": "CybleEventsv2-Outgoing-Mapper",
"type": "mapping-outgoing",
"version": -1,
"fromVersion": "6.10.0"
}
32 changes: 32 additions & 0 deletions Packs/CybleEventsV2/IncidentFields/incidentfield-Application.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{
"id": "incident_cybleeventsv2application",
"version": -1,
"modified": "2023-11-03T08:12:46.912634844Z",
"name": "CybleEventsV2 Application",
"ownerOnly": false,
"description": "Compromised endpoints: Application",
"cliName": "cybleeventsv2application",
"type": "shortText",
"closeForm": false,
"editForm": true,
"required": false,
"neverSetAsRequired": false,
"isReadOnly": false,
"useAsKpi": false,
"locked": false,
"system": false,
"content": true,
"group": 0,
"hidden": false,
"openEnded": false,
"associatedTypes": [
"Cyble Vision Alert V2"
],
"associatedToAll": false,
"unmapped": false,
"unsearchable": true,
"caseInsensitive": false,
"sla": 0,
"threshold": 72,
"fromVersion": "6.10.0"
}
32 changes: 32 additions & 0 deletions Packs/CybleEventsV2/IncidentFields/incidentfield-CE_Filename.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{
"id": "incident_cybleeventsv2cefilename",
"version": -1,
"modified": "2023-11-03T08:28:55.182914432Z",
"name": "CybleEventsV2 CE Filename",
"ownerOnly": false,
"description": "Compromised endpoints: Filename",
"cliName": "cybleeventsv2cefilename",
"type": "shortText",
"closeForm": false,
"editForm": true,
"required": false,
"neverSetAsRequired": false,
"isReadOnly": false,
"useAsKpi": false,
"locked": false,
"system": false,
"content": true,
"group": 0,
"hidden": false,
"openEnded": false,
"associatedTypes": [
"Cyble Vision Alert V2"
],
"associatedToAll": false,
"unmapped": false,
"unsearchable": true,
"caseInsensitive": false,
"sla": 0,
"threshold": 72,
"fromVersion": "6.10.0"
}
32 changes: 32 additions & 0 deletions Packs/CybleEventsV2/IncidentFields/incidentfield-CE_Username.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{
"id": "incident_cybleeventsv2ceusername",
"version": -1,
"modified": "2023-11-03T08:14:57.291377526Z",
"name": "CybleEventsV2 CE Username",
"ownerOnly": false,
"description": "Compromised endpoints: Username",
"cliName": "cybleeventsv2ceusername",
"type": "shortText",
"closeForm": false,
"editForm": true,
"required": false,
"neverSetAsRequired": false,
"isReadOnly": false,
"useAsKpi": false,
"locked": false,
"system": false,
"content": true,
"group": 0,
"hidden": false,
"openEnded": false,
"associatedTypes": [
"Cyble Vision Alert V2"
],
"associatedToAll": false,
"unmapped": false,
"unsearchable": true,
"caseInsensitive": false,
"sla": 0,
"threshold": 72,
"fromVersion": "6.10.0"
}
32 changes: 32 additions & 0 deletions Packs/CybleEventsV2/IncidentFields/incidentfield-Card_Brand.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{
"id": "incident_cybleeventsv2cardbrand",
"version": -1,
"modified": "2023-11-01T17:28:52.96473009Z",
"name": "CybleEventsV2 Card Brand",
"ownerOnly": false,
"description": "Card Brand",
"cliName": "cybleeventsv2cardbrand",
"type": "shortText",
"closeForm": false,
"editForm": true,
"required": false,
"neverSetAsRequired": false,
"isReadOnly": false,
"useAsKpi": false,
"locked": false,
"system": false,
"content": true,
"group": 0,
"hidden": false,
"openEnded": false,
"associatedTypes": [
"Cyble Vision Alert V2"
],
"associatedToAll": false,
"unmapped": false,
"unsearchable": true,
"caseInsensitive": false,
"sla": 0,
"threshold": 72,
"fromVersion": "6.10.0"
}
32 changes: 32 additions & 0 deletions Packs/CybleEventsV2/IncidentFields/incidentfield-Card_CVV.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{
"id": "incident_cybleeventsv2cardcvv",
"version": -1,
"modified": "2023-11-01T17:28:53.399763556Z",
"name": "CybleEventsV2 Card CVV",
"ownerOnly": false,
"description": "Card CVV",
"cliName": "cybleeventsv2cardcvv",
"type": "shortText",
"closeForm": false,
"editForm": true,
"required": false,
"neverSetAsRequired": false,
"isReadOnly": false,
"useAsKpi": false,
"locked": false,
"system": false,
"content": true,
"group": 0,
"hidden": false,
"openEnded": false,
"associatedTypes": [
"Cyble Vision Alert V2"
],
"associatedToAll": false,
"unmapped": false,
"unsearchable": true,
"caseInsensitive": false,
"sla": 0,
"threshold": 72,
"fromVersion": "6.10.0"
}
32 changes: 32 additions & 0 deletions Packs/CybleEventsV2/IncidentFields/incidentfield-Card_Expiry.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{
"id": "incident_cybleeventsv2cardexpiry",
"version": -1,
"modified": "2023-11-01T17:28:53.790728925Z",
"name": "CybleEventsV2 Card Expiry",
"ownerOnly": false,
"description": "Card Expiry",
"cliName": "cybleeventsv2cardexpiry",
"type": "shortText",
"closeForm": false,
"editForm": true,
"required": false,
"neverSetAsRequired": false,
"isReadOnly": false,
"useAsKpi": false,
"locked": false,
"system": false,
"content": true,
"group": 0,
"hidden": false,
"openEnded": false,
"associatedTypes": [
"Cyble Vision Alert V2"
],
"associatedToAll": false,
"unmapped": false,
"unsearchable": true,
"caseInsensitive": false,
"sla": 0,
"threshold": 72,
"fromVersion": "6.10.0"
}
32 changes: 32 additions & 0 deletions Packs/CybleEventsV2/IncidentFields/incidentfield-Card_Level.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{
"id": "incident_cybleeventsv2cardlevel",
"version": -1,
"modified": "2023-11-01T17:28:54.409441163Z",
"name": "CybleEventsV2 Card Level",
"ownerOnly": false,
"description": "Card Level",
"cliName": "cybleeventsv2cardlevel",
"type": "shortText",
"closeForm": false,
"editForm": true,
"required": false,
"neverSetAsRequired": false,
"isReadOnly": false,
"useAsKpi": false,
"locked": false,
"system": false,
"content": true,
"group": 0,
"hidden": false,
"openEnded": false,
"associatedTypes": [
"Cyble Vision Alert V2"
],
"associatedToAll": false,
"unmapped": false,
"unsearchable": true,
"caseInsensitive": false,
"sla": 0,
"threshold": 72,
"fromVersion": "6.10.0"
}
Loading

0 comments on commit 98bece4

Please sign in to comment.