[Marketplace Contribution] XQLDSHelper #37968
Conversation
|
|
content-bot
added
Contribution
content-bot
changed the base branch from
master
to
contrib/xsoar-contrib_spearmin10-contrib-XQLDSHelper
|
Thanks for contributing to the XSOAR marketplace. To receive credit for your generous contribution, please ask the reviewer to update your information in the pack contributors file. See more information here link |
content-bot
added
the
Contribution Form Filled
…nto spearmin10-contrib-XQLDSHelper
…nto spearmin10-contrib-XQLDSHelper
…nto spearmin10-contrib-XQLDSHelper
|
Hi @talzich I've fixed them. Could you please review again? |
|
@spearmin10 I think we had a misunderstanding. I don't see the the query time limitation mechanism we discussed. To be clear, I was talking about limiting the overall time all the queries take. e.g if you run 2 queries, the first takes 5 seconds and the second takes 6 seconds, a third try should not be executed. If that indeed what you implemented and I missed it, please let me know so I could take another look. |
…nto spearmin10-contrib-XQLDSHelper
…nto spearmin10-contrib-XQLDSHelper
@talzich I'm not sure if this is what you meant, but I've added |
…nto spearmin10-contrib-XQLDSHelper
|
@talzich I misunderstood. I've modified the script to set a maximum duration for the query. |
|
Yes, your latest change is what I meant. However, 180 seconds is too much. Do you believe this is the time required to complete all the queries? If so, we will need to have a different solution |
|
@talzich I set it to 180 seconds, as it matches the default timeout value of 180 seconds in XSOAR. It can be adjusted by the argument parameter if needed. The actual time it takes depends on things like how many times the script is run in parallel and the amount of data being queried, so it’s difficult to estimate. I think if a user sets 5 or fewer widgets on a single dashboard, 60 seconds should be enough. However, if more widgets are added to the dashboard, it will likely take more time. |
…nto spearmin10-contrib-XQLDSHelper
|
@talzich I set the default query duration timeout to 60 seconds. |
…nto spearmin10-contrib-XQLDSHelper
talzich
merged commit 5c8bffd
into
demisto:contrib/xsoar-contrib_spearmin10-contrib-XQLDSHelper
|
Thank you for your contribution. Your external PR has been merged and the changes are now included in an internal PR for further review. The internal PR will be merged to the master branch within 3 business days. |
* [Marketplace Contribution] XQLDSHelper (#37968) * "pack contribution initial commit" * Added test cases and update README * Added CONTRIBUTORS.json * Fixed * Added README and doc_files * Fixed CONTRIBUTORS * Fixed README * Fixed README * Fixed test * Fixed README * Fixed pack_metadata.json * Fixed * Fixed * Fixed * Fixed * Fixed * Fixed for pylint * Fixed * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fixed for pylint * Fiexed for pylint * Fixed README * Fixed README * Fixed README * Fixed README * Fixed README * Fixed README * Fixed README * Fixed README * Fixed README * Update README * Update README * Update README * Update README * Update README * Update for more elegance * Small changes * Small changes * Small changes * Added test cases * Added the xql.conditions feature * Update test scripts * Update test cases * Update README * Update .query.conditions * Update test cases and fixed scripts * Fixed file permissions * Fixed samples * Fixed issues where the record set could not retrieve more than 1000 records * Fixed test script * Comment out debug prints * Added a new argument parameter, `triple_quotes_to_string`, to write XQL in a readable format within a template. * Fixed * Fixed * Update docker image * blind fix * blind fix * blind fix * Update docker image * revert * Update * pre-commit * remove unnecessary files * Update * Update for new feature * Update * Fixed for pylint * Update README * Added query_timeout_duration * Set default query_timeout_duration to 60 seconds. --------- Co-authored-by: spearmin10 <[email protected]> Co-authored-by: Masahiko Inoue <[email protected]> Co-authored-by: Tal Zichlinsky <[email protected]> * Fix validation --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: spearmin10 <[email protected]> Co-authored-by: Masahiko Inoue <[email protected]> Co-authored-by: Tal Zichlinsky <[email protected]> Co-authored-by: TalZich <[email protected]>
Status
Contributor
@spearmin10
Description
Run an XQL query and creates an entry for the General Purpose Dynamic Section to display a graph or table widget based on the results. The query is executed by the
xdr-xql-generic-querycommand.Auto-Generated Documentation Requiring Modification
Video Link
パスコード: 1Q8$AzL4=whttps://paloaltonetworks.zoom.us/rec/share/SY1BApnqiRxHh2XVIKfNbeqTRDRewffOSRVrzZbB5fR6AaXWY5ZdCI6Frv_7CPR_.alyDA9k25UZZ5Yfx