demisto / content-docs Goto Github PK
View Code? Open in Web Editor NEWDemisto Content Developer Docs
Home Page: https://xsoar.pan.dev/
License: MIT License
Demisto Content Developer Docs
Home Page: https://xsoar.pan.dev/
License: MIT License
The explanation in the video about the Autofocus "Samples Search" is not accurate. It instructs the users to click on:
_ API
However, the correct/easiest way to grab the JSON query is to click on the "Export Search" button.
It would be nice if you could edit the video and at least modify the voice over to provide the right instructions
The various pages show inconsistent size limits for the integration logo (4KB vs 10KB).
Pages affected:
Settle on a single size limit.
There are typos in https://xsoar.pan.dev/docs/integrations/code-conventions#commandresults.
results = CommandResults(
outputs='VirusTotal.IP',
outputs_key_field='Address',
outputs={
'Address': '8.8.8.8',
'ASN': 12345
}
)
return_results(results)
It is not possible to set the same keyword argument(outputs
).
Apparently, the first outputs
is a typo of outputs_prefix
.
Replace outputs
with outputs_prefix
.
Need new lines in the section that is in the image above
also it is not clear what this section is trying to say
Documentation is not complete : the onCall parameter is not explained
Write the documentation :)
On the deployment of #22 @mchasepan sees this on his system:
It should show "Automate the future"
"with Demisto". Also the links on top should not return carriage.
@sserrata @csestito could you please have a look?
Thanks!
Customer mentioned they would like a simple example of this script and the purpose of it.
Here's what I provided them:
!SetMultipleValues parent=test_parent keys=key1,key2,key3 values=val1,valu2,val3
Directory.ReadWrite.All application permission for Microsoft Graph basically grants the application "God Mode" privileges on Azure AD and this certainly should not be needed, or if it is needed there should be really good justification as to why it is needed and other lesser privileged permissions can't be utilized instead to follow a least privileged model.
User.ReadWrite.All is also problematic here, unless there is a good reason for it.
Update the docs to illustrate why these permissions are needed, or implement a new set of permissions to better follow a least privilege model.
Link to partner-owned integration is wrong in https://xsoar.pan.dev/docs/partners/development-partners#how-it-works #5 -
It should be: https://xsoar.pan.dev/docs/partners/partner-owned-integration
Typo in the very last link on the page: "Playboook"
Video is not starting
Buttons (i.e. Sign Up Now and Download the partnership agreement) are not displayed in the rendered file. They are displayed in the v1 website (https://demisto.developers.paloaltonetworks.com/docs/en/get-started)
The description paragraph is saying "For more information, refer to the on-boarding walkthroughs in the help section."
however, there is no help section with walkthrough available.
Either delete this line or link for the help section (it's not on the product as well)
Thank you for taking the time to help us improve our documentation! Please describe the problem and a suggested fix below and we'll get back to you as soon as we can. --DevRel
The "Architecture Basics" links are broken.
Current URL: https://demisto-content-docs.netlify.com/docs/en/dev-architecture
Suggested URL: https://demisto-content-docs.netlify.com/docs/dev-architecture
Did a quick web crawl to get all the links in https://demisto.pan.dev/docs/welcome, and checked them to see if any were broken, will try to update this output to find the pages these links are located at:
Update or remove links
OTRS needs to be configured correctly for pyOTRS (and our integration) to work.
We should link to/or mirror the advice under the prerequisites section at https://pypi.org/project/PyOTRS/
In particular - ensuring that the following is provided:
This YAML configuration template includes the Route: /TicketList endpoint that is required for PyOTRS but which is not included in the default OTRS webservice setup.
The manage credentials link at the top of the doc points to the old docs. We need to point here:
https://xsoar.pan.dev/docs/reference/articles/managing-credentials
The parameter " Do not use by default " is not documented.
Please explain the purpose of this setting and its effect(s).
Unformatted table in xdr-get-incidents section of the doc page.
Typo on Cortex - spelled "Coretx" in multiple locations on the page.
There are some missing conventions in the code conventions page (https://xsoar.pan.dev/docs/integrations/code-conventions):
The current Create an Integration tutorial uses a code conventions different from those described in Code Conventions.
Tutorial page:
import requests
import json
import collections
# disable insecure warnings
requests.packages.urllib3.disable_warnings()
PROXY = demisto.params().get('proxy')
INSECURE = demisto.params().get('insecure')
BASE_URL = demisto.params().get('url')
API_KEY = demisto.params().get('apikey')
URL_SUFFIX = 'yoda'
if not demisto.params().get('proxy', False):
del os.environ['HTTP_PROXY']
del os.environ['HTTPS_PROXY']
del os.environ['http_proxy']
del os.environ['https_proxy']
'''HELPER FUNCTIONS'''
def http_request(method, URL_SUFFIX, json=None):
if method is 'GET':
headers = {}
elif method is 'POST':
if not API_KEY:
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json'
}
else:
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'X-FunTranslations-Api-Secret': API_KEY
}
r = requests.request(
method,
BASE_URL + URL_SUFFIX,
data=json,
headers=headers,
verify=INSECURE
)
if r.status_code is not 200:
return_error('Error in API call [%d] - %s' % (r.status_code, r.reason))
return r.json()
# Allows nested keys to be accesible
def makehash():
return collections.defaultdict(makehash)
'''MAIN FUNCTIONS'''
def translate(text):
query = { 'text': text }
search = json.dumps(query)
r = http_request('POST', URL_SUFFIX, search)
return r
def translate_command():
text = demisto.args().get('text')
contxt = makehash()
human_readable = makehash()
res = translate(text)
contents = res['contents']
if 'translated' in contents:
human_readable['Original'] = text
human_readable['Translation'] = contents['translated']
contxt['Original'] = text
contxt['Translation'] = contents['translated']
ec = {'YodaSpeak.TheForce(val.Original && val.Original == obj.Original)': contxt}
demisto.results({
'Type': entryTypes['note'],
'ContentsFormat': formats['markdown'],
'Contents': res,
'HumanReadable': tableToMarkdown('Yoda Says...', human_readable),
'EntryContext': ec
})
''' EXECUTION '''
LOG('command is %s' % (demisto.command(), ))
try:
if demisto.command() == 'yoda-speak-translate':
translate_command()
elif demisto.command() == 'test-module':
text = 'I have the high ground!'
translate(text)
demisto.results('ok')
except Exception, e:
demisto.debug('The Senate? I am the Senate!')
LOG(e.message)
LOG.print_log()
return_error(e.message)
Code convention page:
def main():
"""
PARSE AND VALIDATE INTEGRATION PARAMS
"""
username = demisto.params().get('credentials').get('identifier')
password = demisto.params().get('credentials').get('password')
# Remove trailing slash to prevent wrong URL path to service
base_url = urljoin(demisto.params()['url'], '/api/v1/suffix')
verify_certificate = not demisto.params().get('insecure', False)
# How many time before the first fetch to retrieve incidents
first_fetch_time = demisto.params().get('fetch_time', '3 days').strip()
proxy = demisto.params().get('proxy', False)
LOG(f'Command being called is {demisto.command()}')
try:
client = Client(
base_url=base_url,
verify=verify_certificate,
auth=(username, password),
proxy=proxy)
if demisto.command() == 'test-module':
# This is the call made when pressing the integration Test button.
result = test_module(client)
demisto.results(result)
elif demisto.command() == 'fetch-incidents':
# Set and define the fetch incidents command to run after activated via integration settings.
next_run, incidents = fetch_incidents(
client=client,
last_run=demisto.getLastRun(),
first_fetch_time=first_fetch_time)
demisto.setLastRun(next_run)
demisto.incidents(incidents)
elif demisto.command() == 'helloworld-say-hello':
return_outputs(*say_hello_command(client, demisto.args()))
# Log exceptions
except Exception as e:
return_error(f'Failed to execute {demisto.command()} command. Error: {str(e)}')
if __name__ in ('__main__', '__builtin__', 'builtins'):
main()
Update the tutorial content or add clarifying statement regarding coding style.
Several commands are not documented at all, including all the commands starting with splunk-kv-store
Write the documentation
Images were published to the base directory
Add to static/img or remove.
When running npm run build
locally, the build function does:
"build": "copyfiles -E -V -f docs/doc_imgs/* static/doc_imgs/. && replace 'doc_imgs' '/doc_imgs' docs/* --include='*.md*' && docusaurus build",
This has two issues:
.gitignore
.With this issues, if you test the build locally then you need to revert before adding files to staging and committing.
tried your tutorial step by step integrate demisto to PyCharm and everything is fine event when i set the apikey it returns seuccessfull when i verify it but when i try to run it like what you said on the video it returns result below.
Please contact me @ [email protected]
We are trying to integrate our mailing phishing using demisto and I believe i am missing something here
DBot
June 8, 2020 4:52 PM
Scripts returned an error
Command:
!Hi5DevTeam dev="Shachar"
Hide reason
Reason
Error from Scripts is : Script failed to run: Runner request timeout reached (script timeout) for script [Hi5DevTeam]. timeout: [5m0s] (2618) (2603)
In the Incidents section, there is a word, "incdients". It should probably be 'incidents'
Link to go to Proofpoint TAP v2 example leads to a 404 page.
https://demisto.developers.paloaltonetworks.com/docs/integrations/code-conventions
Incorrect link : https://github.com/demisto/content/tree/master/Integrations/ProofpointTAP_v2
Add the correct link.
The optional field "from" on the search event integration don't work on MISP 2.4.119
Broken link to demisto-sdk readme's and a couple of typos
Typos: pre-commit hook to check that possible
Fix link to point to correct location: https://github.com/demisto/demisto-sdk/tree/master/demisto_sdk/commands/secrets
npm install
complains about a security issue documented here: https://www.npmjs.com/advisories/1014
Under Commands-external commands, there is a word, "repuration". I think you mean reputation
The first paragraph has a trailing slash.
The link to HelloWorld is a 404.
Not needed
Fix the link and remove the slash.
In Authentication section, the link is wrong: https://xsoar.pan.dev/docs/reference/integrations/microsoft-management-activity-api-(O365/Azure-Events)
Not sure where the link shall point.
The documentation mentions "The value to set to the key. Can be an array. Usually, a DQ expression.", but what is a DQ expression?
Yoda Speak integration code written with Python 2.x and produce errors when running within the newer Python 3.x oriented versions of Cortex XSOAR 5.5+
Suggest either at least mention that code have to be run under Python 2.x
Or as a best solution to provide the code for Python 3.x versions as well by substituting (is -> ==) and (is not -> !=)
I could provide PR by adding separate sections for Python 2 and 3 code correspondingly.
Required URLs to open in Proxies are not listed in the integration doc.
Add a section with requirements including below URLs:
oproxy.demisto.ninja (license validation)
api.us.cdl.paloaltonetworks.com (mandatory)
api.nl.cdl.paloaltonetworks.com (optional, if CDL is in Europe)
Thank you for taking the time to help us improve our documentation! Please describe the problem and a suggested fix below and we'll get back to you as soon as we can. --DevRel
Table of contents menu is appearing in the wrong place on the doc page.
Identify the code block that is causing the issue. As with similar issues in the past, it's likely due to a code block not wrapping properly which extends the width, resulting in the overflow.
Hi, everyone.
I am reading documentation at this link. There is one step, where I should run
demisto-sdk lint
command on the folder Packs/HelloWorld/Integrations/HelloWorld using -d
option.
Command:
demisto-sdk lint -d /path/to/demisto/content/Packs/HelloWorld/Integrations/HelloWorld/
Command result:
Usage: demisto-sdk lint [OPTIONS]
Error: no such option: -d
But, when I run command with -i
argument, everything works fine.
demisto-sdk lint -i /path/to/demisto/content/Packs/HelloWorld/Integrations/HelloWorld/
Maybe something changes, and requires documentation update ?
I am using python 3.8.3
and demisto_sdk 1.1.2
.
Thanks.
The link at the first paragraph points to ZD artical
should point to Palo Alto Networks tech docs here https://xsoar.pan.dev/docs/reference/articles/managing-credentials
Missing additionalinfo
in the integration parameters description for tooltip
Add the additionalinfo
to the documentation
Stale / incorrect information
Under the documentation for the CommandResults
section, the parameter for the human readable content is incorrect
Change from human_readable
to readable_output
Missing image in: /docs/integration-docs
There is a link to: /doc_imgs/65404184-313ced00-dde0-11e9-9257-e61e2943fd75.gif
that is missing in the doc_imgs
directory.
I've tried to find the original image in the content
repo but couldn't find it.
Backticks in example command syntax for !cdl-query-logs get rendered as markdown styling elements when viewed in the browser and do not come through when copying/pasting text to another window. This causes the requirement of backticks in the query to be unclear in the documentation.
Escape the backticks in the example SQL syntax for the cdl-query-logs command so they are visible in the browser.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.