enable automation on artifacts

splunk-soar-connectors · Dec 18, 2024 · 1622e6c · 1622e6c
1 parent da9393a
commit 1622e6c
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 22 deletions.
diff --git a/release_notes/3.6.1.md b/release_notes/3.6.1.md
@@ -0,0 +1 @@
+* Enabled automations for created artifacts
diff --git a/zerofox.json b/zerofox.json
@@ -15,7 +15,7 @@
             "name": "Diego Ramirez"
         },
         {
-            "name": "Felipe Garrido"
+            "name": "Leonardo de Requesens"
         }
     ],
     "license": "Copyright (c) ZeroFox, 2024",
@@ -26,7 +26,9 @@
     "min_phantom_version": "6.1.1",
     "fips_compliant": false,
     "app_wizard_version": "1.0.0",
-    "pip_dependencies": {},
+    "pip_dependencies": {
+        "wheel": []
+    },
     "configuration": {
         "zerofox_api_token": {
             "description": "ZeroFox API Token",

diff --git a/zerofox_connector.py b/zerofox_connector.py
@@ -108,7 +108,7 @@ def build_artifact(self, container_id, alert):
         artifact["tags"] = [alert["network"]]
         artifact["start_time"] = now.strftime("%Y-%m-%dT%H:%M:%S.%fZ")
         artifact["source_data_identifier"] = alert["id"]
-        artifact["run_automation"] = False
+        artifact["run_automation"] = True
 
         # get screenshot from metadata
         try:
@@ -750,13 +750,9 @@ def _modify_alert_tag(self, param):
         # Return success, no need to set the message, only the status
         self.save_progress("Alert Tag Passed")
 
-        self.debug_print(
-            "-------------------------------------------------------------"
-        )
-        self.debug_print("%s response: %s" % (self._banner, response))
-        self.debug_print(
-            "-------------------------------------------------------------"
-        )
+        self.debug_print("--------------------")
+        self.debug_print(f"{self._banner} response: {response}")
+        self.debug_print("--------------------")
 
         return action_result.set_status(phantom.APP_SUCCESS)
 
@@ -825,13 +821,10 @@ def _threat_submit(self, param):
         # Return success, no need to set the message, only the status
         self.save_progress("Threat Submit Passed")
 
-        self.debug_print(
-            "-------------------------------------------------------------"
-        )
+        self.debug_print("--------------------")
+
         self.debug_print("%s response: %s" % (self._banner, response))
-        self.debug_print(
-            "-------------------------------------------------------------"
-        )
+        self.debug_print("--------------------")
 
         return action_result.set_status(phantom.APP_SUCCESS)
 
@@ -973,13 +966,9 @@ def _take_alert_action(self, param):
         # Return success, no need to set the message, only the status
         self.save_progress("Alert Action Passed")
 
-        self.debug_print(
-            "-------------------------------------------------------------"
-        )
+        self.debug_print("--------------------")
         self.debug_print("%s response: %s" % (self._banner, response))
-        self.debug_print(
-            "-------------------------------------------------------------"
-        )
+        self.debug_print("--------------------")
 
         return action_result.set_status(phantom.APP_SUCCESS)