From 0885c4c9ce1187f461f173bcae8a62dd6a6a355b Mon Sep 17 00:00:00 2001 From: epintzov Date: Tue, 21 May 2024 12:32:46 +0300 Subject: [PATCH] app_server --- add-on/TA-Demisto/TA-Demisto.aob_meta | 2 +- .../bin/ta_demisto/alert_actions_base.py | 16 ++++++++++------ add-on/TA-Demisto/default/addon_builder.conf | 2 +- add-on/TA-Demisto/default/alert_actions.conf | 1 - add-on/TA-Demisto/default/app.conf | 2 +- add-on/TA-Demisto/default/server.conf | 3 ++- .../TA-Demisto/default/ta_demisto_settings.conf | 9 +++++++++ 7 files changed, 24 insertions(+), 11 deletions(-) diff --git a/add-on/TA-Demisto/TA-Demisto.aob_meta b/add-on/TA-Demisto/TA-Demisto.aob_meta index db0624d5..d45b9fb0 100644 --- a/add-on/TA-Demisto/TA-Demisto.aob_meta +++ b/add-on/TA-Demisto/TA-Demisto.aob_meta @@ -1 +1 @@ -{"alert_action_builder": {"modular_alerts": [{"description": "", "largeIcon": "iVBORw0KGgoAAAANSUhEUgAAAEgAAABICAYAAABV7bNHAAAAAXNSR0IArs4c6QAADd1JREFUeF7tnAmQXEUZx/9fz8zu5lBBCBuT3Xlv5s1yhEPKFFchJEgoCIIQEeQSikslYKBE8QJBheARbgGrUKFADhFMVG6VoxJQAkIi7uJu5s17PXuYkGwCGpLZnff6s3qOzWR3Z+ZNMuvBblelNvve191f/97XX19fL2EiVSRAE3wqE5gAVMVCJgBNANo5JzJhQRMWNGFBO0fg/8GC4vH4hwA0k+/vTkQfUMxT4ftdqZ6eN8e09QEK/6/6oHg0+nFQaAGBZwOYDqbdQPwBAA0AX21LeX2ANoypyH8cUHNz85QpTU1zBOh6Bg4s3zq+alwBMk2zKQQcB4UvgjAXQGPlTz++AIUs07wDjDMB6C4UII0PQJSIRmcxibsBHBaASonIOABkmuaBIcbPkfc1Nfq79zkgc7ppigZ+nYh2rc1yitLvY0CGYcTCoAdq71Y5OP8E8A5Ad3OW7osMRjZ1buj8145B3vlcNZp9sArjhnknAZ8HEAqWAwMgPEzAUiiVZKUGQKFzIHAGIDIgXkOKlnqCf+W6biZgmXURqzugtmj0BB+0jIiCwOkD6CGf+DrXdd8pbZFlxK4D+FvDWtlPhOuzzA9LKf9RFwL/yaWGZVmt8PwVAKJV6lVMeEIw39Ai5asvAN5wecuIfQ/gq0aUw+yBaCVDLE7J1JMAeCxB1dWC4tHot4nEtVVGLAbj/sapky/p6OjYXK5xZSyoVHwLmC620879YwmpboBM05weYiwFcGjlL0pPICzOt2377UpyAQDp7GsZfGFKyifGyorqBigejc4jEo9XWUK8gXDouGpwdGPLdrGRJP5BHD4mmU62jwWk+gEyjJ8S6IJySjLze4rVWW5392+CNKQGQGDG7zLe4Ol9fX1bgpRdi0xdAM3G7Mg7Rn8vgGkVKn8+42VP7e3t7Q+iYMAuViyqn1mdnkqn/xCk7Fpk6gLIikZng8RrlSpmxuWptHtrUOVqsSBdJoFuSkrniqDlB5WrC6CEYSxk0B0VKlWCVduadDoVVLFaAQF4y5burKDlB5WrDyDTvFlbSPlK2bal3BOACqpY7YDYU0K0OI6zLmgdQeTqAihuxB4l8CllHTTo0ZR0Tg2iUFGmRh+Uz0aYb7vu07XUU022LoAsI/Y4wJ+sAOjOlHQuqaZM6fvaLSgH6Dzbde+tpZ5qsnUCZD4FvZ1aJjFwV0q6C6sps9OAmM610859tdRTTbZegB4E9Mq7bFpmS3dBNWV2FhCzmJdKp/5YSz3VZOsEKLYE4ApDLPfYUuoFbOCF5Q50sWyWVXM6nd5UrdG1vK8LoDbTPE/lt1bLJvbEXqneVFdQ5WoFxMDqlHQrHCMFrXl7uboAslqt/SD8iqegxPhGMu3+IKgV1TiKMUA32NIZvn+0Y1RKctUFEICwZZhJAEZ5jeglJXBK0HlKjRa0Tgk61XGc5TtNZFgB9QIEyzBuA+hLFRTcyuCLUlLqveqqqRYLIuBBRMLnJ5PJgaoF1yhQN0Cx1tgRQuBJgKdW0KHLAx8npXSq6RnUghjoDLE6vpZlTLW6S9/XDVAikZjGnvcYGEdUVIC5vUlNPbK9p31jJbmAgN5Wgo5xHOevtTS6Ftm6AdLz2LhpLiLGTQBEBSX0emxZGPyVzgqWVK2LEeAw+ApbSr2/FHiNVwscLVtPQNh75szdvHBkJQPxKor4DLQLhSuT3e7vR2tgBQvSMJ6B8q+0u7s7xhJO3QHpAhNm4lBmT89mJwf4WlsJdI9H/KPGxsb+zs5OvYmfm0wOA6SfbQZ4PRMtGfS8e3t6erYGKH+nRepqQUVt4lFzMRH0zLohiIYM3khMK0jgDShKQvB6Zj4cTAeD+G1mSgqmVRnOrujp6anou4LUV4vMmADac8aM3f2Ghl9XddgjNdXdJwvAB2jx1uzAzbvssovX0dGhnwVeptQCoJrsmADSlZqmaYaYfoV8eN0O1PM+Dl4Y6mrxeBv5/p0AHV07pHEAqGBJ00MKjwB8GIjC1Ux62/txAkg3uKWlZVJTOHw5My8EqCUYpHEESAOZO3duuM91E77C90E4scpkUvvk8RXlWmI1Ih6NfkIIsYgZ+wOYCSAy0qrGL6Aci9mzZ0c2bty4T8j3D1AUOkyAZzOwNwAddT+uLaiiC9KLXvK8mR7RJsdxZDB/NXZSOzA/GTtl/hdLngBU5atMAJoAtHMdd8KCglpQIhrdl4lyQ6xPlHJdd+2wvKLNMPZSwK5KCI+Zu4aF7grTNKMRRW0M7MqCBSu1WRD1/iuT6Vq3bt17o+mSSCQaVUbtiZDfqi/TkSJfwd+kdZBSulVW8SJhGB8F0DRUdiSSTCaT60erKxaLfTSk1Ih9KiJSyg+9xxHuTqVS75bmHbIgKxo9HCT0iUMjM15FWHyuVLjNMPZRoEcBfJjAryES0acIQ4rETfNyYlyYm/jpG4NExECGgH6A06TE95LdzrOllcfj8Sh8/3oCfRzg3QGaVNgh1Btna4nxSGhS442dnaNH2lstLQmEwo8B2KNQro6gvcVOuz8aDaxlmHojb0QMEQFKAQMESMW02Ek7epczl7brYomoeQ0TCodv/B1byu9rg7Isaw9kvZdAlNCbW4roaNd1VxXLiEfNRUS4paDUuwRs0Sd5DDQSoE859A3CG20pv1Ks2DCMj4RBzwPYS+cjYBMDWymfT1+Z0v+YgXtEJLxwtCOdhBG7kME/LszE/cLP5yJe9rS/jxLqZxnmagAHIB9rXRqCrIPep+SXP9zvAfsXA9W3A5QD4fk/AaADDdYDfO6A77/SGAprJXRwwnoiXJR03aFAzEKe5wDsS8AqKPoa4NmKWUA0NIP8A4jpWBD9rXjyOWvatKkDk6c8AmA+8l/uTl/RUoqQDHle2AdmEQkdDaLfswJ91ZHOjaXWV7igdx8YOu6oA4TlYHwBwLvCx7FretxXhnezbYDwJofFl4fee14TEc0BSO+CEgi32a572QgL0g9yu4GRyCv6kEJXxqAHCHxRge61tpQ35Hf88ikWi+0lFOugJRPA07Z09UK0NHKeWlpamjKZTHjDhg25SymWYRwFkO4auxJwV4t0Fw2Ptp8xY8bkyZGGlxnQPiYVyg4e0tXXt6FYbyEu++96acKE7wx63t2NoXA6pyfjVjvtjoh4GwJEtNx2nSNLAc4Fwt2GqcuzwHjVTrsHjwpIP2wzzQNVPihcN1onZubHmrZuOa9j/frtouMTicQHOestA3BUQdZl0AoCVgOqXQnRW3DoQ5dQ4oaxkBi3gpBh4PRygeCWYVwN0HcB9BP4xKSUfyo2KhE1v63BANgqWO2nDw7jRux+Ap+t5bOs2oZHelQCpLdkGkNhDSgKxjN22s3FO406zOuRhQe9W0A5k9UyWQIfkpTyjeFmq3/Pj4BiCZjnDdsUGwTQB2CVAH9zjZRvafm4aX6dGIsBrAP4FFvKl0cr1zLNc8HQEWP/BOGzxfC6wkfRsQA67PghW7r6qicMw9gnDNK+sQGMy+y0e1tpuUOAgHYQhvyhUmoqgU4iIl2OIPCFSSl/VhZQvLX1IBLiKYB2K2yiRxj4q8dqboX4GxFvbf0YCbGAiI5mJovBkwjQI5NgxvIGP7tAO8/CiLckfy+MT7Wl1M56RLKM2KUA3w5gExE+nXTdF3JddBs4/evDULwml1kI7WT1SNoM4C+bM1vnlE4vSgCNVp22BQ9QL9pSHlMcBUdYUCwWO0D46rH8iIXVgrCMGdqhTQb4rgHfv7L0TEpbWyaTEcPOqWjmzJkfbgyFDgTR1wk0Tw/bStBJjuOstEzzZDDdD/AkJlyVcl09Wg5PwjKM3wF0PIBeD3yEPtPX18qnNk56EIRPlWll8bGeXmwHvwSQ7u468F0nPYLpqBRi8ONZpb7Q3d2trT6XtgOUH3r1/rGel6DXzw7OGwTSkxoa7gLjHAAZVliY6nbvKRZgmubeIebbweK3oabIQ11dXUOOVO/5vLuh/1YGLgbwNhFOSrrunxPTE9O40dP+xMrNkxTOSna7zxTLTACNyjRvIMaluaGbcJ/tuufpOVLhHqweRVuZ8CYBdiko1sM143DKfVC6zpbONdsOI/PDPDFWhtjPhQT6wCQW4t5Cm98iVp9JptP6xHYEoIgVNZeAcKmejwC8KCWl7v9K79GorPcs5S/nZpjFCal0SncLZbW27gcKPQlCKwB9V2I1CGuYKQviPYlzt38iAL8UVuq0zsLXsQxjgb52CUB3YybGchZ6moAmJsyhwvwIzO2+oGOKM/uEEbuEwbeznmspmu90bx8TlPOfWU8HlR6VGygi4UOKc6htFkQrbOkMBVlYhjGfQb+g/CT4AUQiFxTzFC2ILCP2rcINvyYG3ZTJDlxdejkkEU3sy8JbCkYbgHb2xRmpntSbsVisWTD/AIzTkPc3o6W3iLAw6bovls5wdVdjxjUF8MPz6YPCZcqna52ebdEblmmuBOMgPRT7AkeOdkUzEY2dzcT6HpmvBM13nPzMuBygvKVv/CqD9Z/CyAL0Q1s6VxcmsIDVbO2BJu80QSR85s0pKUeNN8w5bwofKgSTr9TrqXRa3y7MJdM0dwkBJ0NhDohbAAoxqJfZ/62RTi8d7VahzjcXc8M9rfJ4FnojnxNgDDCwihU9WApGy86aNmtqdsqW8/X/mXlFUsrXy3yQsBWLXSyYSTGvsaXUFoW4YZwZItqdFfUl045eNm2XrGj0XCHEhxSzooGBXybXrl0/sZovQ3g0H1RFdHy+/jdBLyijwQEVSgAAAABJRU5ErkJggg==", "smallIcon": "iVBORw0KGgoAAAANSUhEUgAAACQAAAAkCAYAAADhAJiYAAAAAXNSR0IArs4c6QAABIdJREFUWEftl19oHFUUxr8zsxvSFjHWP63JZuZmZ1tsGtSQgrUo9UWQ1qIUfCiCD/UliihVoYggiPhQKYKgGH2piIrFgvpgweKfloK0PtiC0Fq7M7l3ssaqbWKrSTfJzBy5m51kkm66s21M89B92zv3nvOb73z33DuERfajRcaD60D1KnLVCgkhWjKMNxnYFhK6pZS/1Et6uedXDORY4gOAHgdxJk4QEtYsONAqy8pHZBSBS/234EBCiHtMxpG5JF9QoNbW1qVLsk0jc8CcA3CYQN9EIR0wmg2/WCyOXYmXUnvIscUggNuTSQg4OToxvm5wcHBUjxdscZKBOwAwgCOukhsahUoFVLDtbgb9NCM4o8/15VPJsQTQ5DDzWddXt1UBU7GlAnJs+y+AbklELLtKLpmd4RKgSecfKir5QCqaWjulxkLTsUWQHB8Lg6WlUuliGiA9Z4Kj5b7vD6eBqquQZVk3ZckYSgSLXCXNWsFrKVSpHHiPp9T2eQESQqw0Gb8ngp1xlZxh7vjZ3EA46im5/v8C+sNVcmUjClV33L3zBdRiMpL1b7xkHPV5vj9jR84FV9dDAIyqqafmDv9z4cahoaELaU19cWJ8Wdyr6qmUBgiOLf4EcOt0MA5cpbLpgHi/q9TmeiDx83RAuVwBZuZ0MiiDvvJU/8OXbYyA9lsrgGhegXQwxxb6hHdmBT6RicIHTw0M6GMleXSAGX3erE6eBiqVQjpQT09P9u+z58raUzUCawW+AOh7Dulrr+TNUDMNSEMliydblpXPkuHOlWBBrx8xREdHxwoj4jO1oK4JUAzi2PaLAO1KlvCaAk0dF21tucjMPk2Eu9k0ej3P8xvxzOy5qU19NUkaWXsdqJ5aFYXyltgJwuuWks0HgcCxxSmA/3WV6uns7Gwqj4wMEWhZNRi7SlZ6Ub49v46M6GhsbAZGJqJw9UC1UVYbqr5fg6KwUBwYqLSMvBDbiPFJEo4Ijxal/HKqZAVLHGBCFxP2EqM3vqLm20UvGXjXVXISPp+3YuM6togAfttV6tlq8u8A3OkqWbnu5i3xChGeJ9C+CNEmTyl9jMRAOmbL5Dr7fYAecZVcMcNDecsOichg02jxPO+8nrw2l1teNjP6M0f/Joij7UXf/yh++xhU/48/leIxxxbDDH6BDeNbI2JJ2Uyz/jyqKjQNZIn3QHjIVdKeVignNrKJgxV5wfuKSj2WkNRcZdurIxibAN4NwhuulDsdW+jy6ets5fDsaOu4y8jw8SqQvraEAJd0wQBYBHqmqPrfqVGy8lgYFEql0m8VoPjeXK3jfscWZQY/4Sn1cV6IlwygO2LeaxAFzPicGW95vtzh2MIFqIkMPBlF0Q1EtAeMw66Smx1bnABwHoRXKy/GvBag3Ro2qZDT3t4Fw/zZDIPcrzFQQYhDDBx3pXxOry1Y1haQ8VpAWN8UBDeHZuZDAGuq5v3BVXJrrJ5jiU9B2AhwSEyfFX25Q4tcsMUx4mjrad/39Fy9OcZHRn/kjLkFQdAFGC+7qv++SuktsQvEG1yl7l90feg/+koOQ1C7m7MAAAAASUVORK5CYII=", "label": "Create XSOAR Incident", "short_name": "create_xsoar_incident", "parameters": [{"format_type": "text", "required": false, "name": "incident_name", "label": "Name", "default_value": "Event from Splunk for host $result.host$", "help_string": "", "type": "", "value": "Event from Splunk for host $result.host$"}, {"format_type": "text", "required": false, "name": "occurred", "label": "Time Occurred (epoch)", "default_value": "", "help_string": "", "type": "", "value": ""}, {"format_type": "dropdownlist", "required": false, "name": "send_all_servers", "label": "Send Alert to all the Servers", "default_value": "no", "help_string": "", "possible_values": {"Yes": "yes", "No": "no"}, "type": "", "value": "no"}, {"format_type": "dropdownlist", "required": false, "name": "server_url", "label": "XSOAR Server", "default_value": "", "help_string": "Send incidents to the specified server.", "possible_values": {"Option1": "option1"}, "type": ""}, {"format_type": "text", "required": false, "name": "type", "label": "Type", "default_value": "", "help_string": "", "type": "", "value": ""}, {"format_type": "text", "required": false, "name": "custom_fields", "label": "Custom Fields", "default_value": "", "help_string": "A comma separated 'key:value' custom fields pairs, e.g. killchain:1.1.1.1,User:john,key:\"value,with,commas\"", "type": "", "value": ""}, {"format_type": "text", "required": false, "name": "labels", "label": "Labels", "default_value": "", "help_string": "If Labels field is empty, all fields from Splunk will be passed into XSOAR incident labels unless specified in Ignore labels section.", "type": "", "value": ""}, {"format_type": "text", "required": false, "name": "ignore_labels", "label": "Ignore Labels", "default_value": "", "help_string": "e.g. dest,User", "type": "", "value": ""}, {"format_type": "dropdownlist", "required": false, "name": "severity", "label": "Severity", "default_value": "0", "help_string": "", "possible_values": {"Unknown": "0", "Informational": "0_5", "Low": "1", "Medium": "2", "High": "3", "Critical": "4"}, "type": "", "value": "0"}, {"format_type": "text", "required": false, "name": "details", "label": "Details", "default_value": "Incident created from data available in Splunk", "help_string": "Include tokens to insert text based on search results.", "type": "", "value": "Incident created from data available in Splunk"}], "code": "\n# encoding = utf-8\n\ndef process_event(helper, *args, **kwargs):\n \"\"\"\n # IMPORTANT\n # Do not remove the anchor macro:start and macro:end lines.\n # These lines are used to generate sample code. If they are\n # removed, the sample code will not be updated when configurations\n # are updated.\n\n [sample_code_macro:start]\n\n # The following example sends rest requests to some endpoint\n # response is a response object in python requests library\n response = helper.send_http_request(\"http://www.splunk.com\", \"GET\", parameters=None,\n payload=None, headers=None, cookies=None, verify=True, cert=None, timeout=None, use_proxy=True)\n # get the response headers\n r_headers = response.headers\n # get the response body as text\n r_text = response.text\n # get response body as json. If the body text is not a json string, raise a ValueError\n r_json = response.json()\n # get response cookies\n r_cookies = response.cookies\n # get redirect history\n historical_responses = response.history\n # get response status code\n r_status = response.status_code\n # check the response status, if the status is not sucessful, raise requests.HTTPError\n response.raise_for_status()\n\n\n # The following example gets and sets the log level\n helper.set_log_level(helper.log_level)\n\n # The following example gets account information\n user_account = helper.get_user_credential(\"\")\n\n # The following example gets the setup parameters and prints them to the log\n ssl_cert_loc = helper.get_global_setting(\"ssl_cert_loc\")\n helper.log_info(\"ssl_cert_loc={}\".format(ssl_cert_loc))\n validate_ssl = helper.get_global_setting(\"validate_ssl\")\n helper.log_info(\"validate_ssl={}\".format(validate_ssl))\n\n # The following example gets the alert action parameters and prints them to the log\n incident_name = helper.get_param(\"incident_name\")\n helper.log_info(\"incident_name={}\".format(incident_name))\n\n occurred = helper.get_param(\"occurred\")\n helper.log_info(\"occurred={}\".format(occurred))\n\n send_all_servers = helper.get_param(\"send_all_servers\")\n helper.log_info(\"send_all_servers={}\".format(send_all_servers))\n\n server_url = helper.get_param(\"server_url\")\n helper.log_info(\"server_url={}\".format(server_url))\n\n type = helper.get_param(\"type\")\n helper.log_info(\"type={}\".format(type))\n\n custom_fields = helper.get_param(\"custom_fields\")\n helper.log_info(\"custom_fields={}\".format(custom_fields))\n\n labels = helper.get_param(\"labels\")\n helper.log_info(\"labels={}\".format(labels))\n\n ignore_labels = helper.get_param(\"ignore_labels\")\n helper.log_info(\"ignore_labels={}\".format(ignore_labels))\n\n severity = helper.get_param(\"severity\")\n helper.log_info(\"severity={}\".format(severity))\n\n details = helper.get_param(\"details\")\n helper.log_info(\"details={}\".format(details))\n\n\n # The following example adds two sample events (\"hello\", \"world\")\n # and writes them to Splunk\n # NOTE: Call helper.writeevents() only once after all events\n # have been added\n helper.addevent(\"hello\", sourcetype=\"sample_sourcetype\")\n helper.addevent(\"world\", sourcetype=\"sample_sourcetype\")\n helper.writeevents(index=\"summary\", host=\"localhost\", source=\"localhost\")\n\n # The following example gets the events that trigger the alert\n events = helper.get_events()\n for event in events:\n helper.log_info(\"event={}\".format(event))\n\n # helper.settings is a dict that includes environment configuration\n # Example usage: helper.settings[\"server_uri\"]\n helper.log_info(\"server_uri={}\".format(helper.settings[\"server_uri\"]))\n [sample_code_macro:end]\n \"\"\"\n\n helper.log_info(\"Alert action create_xsoar_incident started.\")\n\n # TODO: Implement your alert action logic here\n return 0\n", "uuid": "0e801d2582d341078cba61c1395d90f2"}]}, "basic_builder": {"appname": "TA-Demisto", "friendly_name": "Demisto Add-on for Splunk", "version": "4.0.0", "author": "Palo Alto Networks", "description": "This application provides an alert action to create an incident in Cortex XSOAR.", "theme": "#3c6188", "large_icon": "iVBORw0KGgoAAAANSUhEUgAAAEgAAABICAYAAABV7bNHAAAAAXNSR0IArs4c6QAADd1JREFUeF7tnAmQXEUZx/9fz8zu5lBBCBuT3Xlv5s1yhEPKFFchJEgoCIIQEeQSikslYKBE8QJBheARbgGrUKFADhFMVG6VoxJQAkIi7uJu5s17PXuYkGwCGpLZnff6s3qOzWR3Z+ZNMuvBblelNvve191f/97XX19fL2EiVSRAE3wqE5gAVMVCJgBNANo5JzJhQRMWNGFBO0fg/8GC4vH4hwA0k+/vTkQfUMxT4ftdqZ6eN8e09QEK/6/6oHg0+nFQaAGBZwOYDqbdQPwBAA0AX21LeX2ANoypyH8cUHNz85QpTU1zBOh6Bg4s3zq+alwBMk2zKQQcB4UvgjAXQGPlTz++AIUs07wDjDMB6C4UII0PQJSIRmcxibsBHBaASonIOABkmuaBIcbPkfc1Nfq79zkgc7ppigZ+nYh2rc1yitLvY0CGYcTCoAdq71Y5OP8E8A5Ad3OW7osMRjZ1buj8145B3vlcNZp9sArjhnknAZ8HEAqWAwMgPEzAUiiVZKUGQKFzIHAGIDIgXkOKlnqCf+W6biZgmXURqzugtmj0BB+0jIiCwOkD6CGf+DrXdd8pbZFlxK4D+FvDWtlPhOuzzA9LKf9RFwL/yaWGZVmt8PwVAKJV6lVMeEIw39Ai5asvAN5wecuIfQ/gq0aUw+yBaCVDLE7J1JMAeCxB1dWC4tHot4nEtVVGLAbj/sapky/p6OjYXK5xZSyoVHwLmC620879YwmpboBM05weYiwFcGjlL0pPICzOt2377UpyAQDp7GsZfGFKyifGyorqBigejc4jEo9XWUK8gXDouGpwdGPLdrGRJP5BHD4mmU62jwWk+gEyjJ8S6IJySjLze4rVWW5392+CNKQGQGDG7zLe4Ol9fX1bgpRdi0xdAM3G7Mg7Rn8vgGkVKn8+42VP7e3t7Q+iYMAuViyqn1mdnkqn/xCk7Fpk6gLIikZng8RrlSpmxuWptHtrUOVqsSBdJoFuSkrniqDlB5WrC6CEYSxk0B0VKlWCVduadDoVVLFaAQF4y5burKDlB5WrDyDTvFlbSPlK2bal3BOACqpY7YDYU0K0OI6zLmgdQeTqAihuxB4l8CllHTTo0ZR0Tg2iUFGmRh+Uz0aYb7vu07XUU022LoAsI/Y4wJ+sAOjOlHQuqaZM6fvaLSgH6Dzbde+tpZ5qsnUCZD4FvZ1aJjFwV0q6C6sps9OAmM610859tdRTTbZegB4E9Mq7bFpmS3dBNWV2FhCzmJdKp/5YSz3VZOsEKLYE4ApDLPfYUuoFbOCF5Q50sWyWVXM6nd5UrdG1vK8LoDbTPE/lt1bLJvbEXqneVFdQ5WoFxMDqlHQrHCMFrXl7uboAslqt/SD8iqegxPhGMu3+IKgV1TiKMUA32NIZvn+0Y1RKctUFEICwZZhJAEZ5jeglJXBK0HlKjRa0Tgk61XGc5TtNZFgB9QIEyzBuA+hLFRTcyuCLUlLqveqqqRYLIuBBRMLnJ5PJgaoF1yhQN0Cx1tgRQuBJgKdW0KHLAx8npXSq6RnUghjoDLE6vpZlTLW6S9/XDVAikZjGnvcYGEdUVIC5vUlNPbK9p31jJbmAgN5Wgo5xHOevtTS6Ftm6AdLz2LhpLiLGTQBEBSX0emxZGPyVzgqWVK2LEeAw+ApbSr2/FHiNVwscLVtPQNh75szdvHBkJQPxKor4DLQLhSuT3e7vR2tgBQvSMJ6B8q+0u7s7xhJO3QHpAhNm4lBmT89mJwf4WlsJdI9H/KPGxsb+zs5OvYmfm0wOA6SfbQZ4PRMtGfS8e3t6erYGKH+nRepqQUVt4lFzMRH0zLohiIYM3khMK0jgDShKQvB6Zj4cTAeD+G1mSgqmVRnOrujp6anou4LUV4vMmADac8aM3f2Ghl9XddgjNdXdJwvAB2jx1uzAzbvssovX0dGhnwVeptQCoJrsmADSlZqmaYaYfoV8eN0O1PM+Dl4Y6mrxeBv5/p0AHV07pHEAqGBJ00MKjwB8GIjC1Ux62/txAkg3uKWlZVJTOHw5My8EqCUYpHEESAOZO3duuM91E77C90E4scpkUvvk8RXlWmI1Ih6NfkIIsYgZ+wOYCSAy0qrGL6Aci9mzZ0c2bty4T8j3D1AUOkyAZzOwNwAddT+uLaiiC9KLXvK8mR7RJsdxZDB/NXZSOzA/GTtl/hdLngBU5atMAJoAtHMdd8KCglpQIhrdl4lyQ6xPlHJdd+2wvKLNMPZSwK5KCI+Zu4aF7grTNKMRRW0M7MqCBSu1WRD1/iuT6Vq3bt17o+mSSCQaVUbtiZDfqi/TkSJfwd+kdZBSulVW8SJhGB8F0DRUdiSSTCaT60erKxaLfTSk1Ih9KiJSyg+9xxHuTqVS75bmHbIgKxo9HCT0iUMjM15FWHyuVLjNMPZRoEcBfJjAryES0acIQ4rETfNyYlyYm/jpG4NExECGgH6A06TE95LdzrOllcfj8Sh8/3oCfRzg3QGaVNgh1Btna4nxSGhS442dnaNH2lstLQmEwo8B2KNQro6gvcVOuz8aDaxlmHojb0QMEQFKAQMESMW02Ek7epczl7brYomoeQ0TCodv/B1byu9rg7Isaw9kvZdAlNCbW4roaNd1VxXLiEfNRUS4paDUuwRs0Sd5DDQSoE859A3CG20pv1Ks2DCMj4RBzwPYS+cjYBMDWymfT1+Z0v+YgXtEJLxwtCOdhBG7kME/LszE/cLP5yJe9rS/jxLqZxnmagAHIB9rXRqCrIPep+SXP9zvAfsXA9W3A5QD4fk/AaADDdYDfO6A77/SGAprJXRwwnoiXJR03aFAzEKe5wDsS8AqKPoa4NmKWUA0NIP8A4jpWBD9rXjyOWvatKkDk6c8AmA+8l/uTl/RUoqQDHle2AdmEQkdDaLfswJ91ZHOjaXWV7igdx8YOu6oA4TlYHwBwLvCx7FretxXhnezbYDwJofFl4fee14TEc0BSO+CEgi32a572QgL0g9yu4GRyCv6kEJXxqAHCHxRge61tpQ35Hf88ikWi+0lFOugJRPA07Z09UK0NHKeWlpamjKZTHjDhg25SymWYRwFkO4auxJwV4t0Fw2Ptp8xY8bkyZGGlxnQPiYVyg4e0tXXt6FYbyEu++96acKE7wx63t2NoXA6pyfjVjvtjoh4GwJEtNx2nSNLAc4Fwt2GqcuzwHjVTrsHjwpIP2wzzQNVPihcN1onZubHmrZuOa9j/frtouMTicQHOestA3BUQdZl0AoCVgOqXQnRW3DoQ5dQ4oaxkBi3gpBh4PRygeCWYVwN0HcB9BP4xKSUfyo2KhE1v63BANgqWO2nDw7jRux+Ap+t5bOs2oZHelQCpLdkGkNhDSgKxjN22s3FO406zOuRhQe9W0A5k9UyWQIfkpTyjeFmq3/Pj4BiCZjnDdsUGwTQB2CVAH9zjZRvafm4aX6dGIsBrAP4FFvKl0cr1zLNc8HQEWP/BOGzxfC6wkfRsQA67PghW7r6qicMw9gnDNK+sQGMy+y0e1tpuUOAgHYQhvyhUmoqgU4iIl2OIPCFSSl/VhZQvLX1IBLiKYB2K2yiRxj4q8dqboX4GxFvbf0YCbGAiI5mJovBkwjQI5NgxvIGP7tAO8/CiLckfy+MT7Wl1M56RLKM2KUA3w5gExE+nXTdF3JddBs4/evDULwml1kI7WT1SNoM4C+bM1vnlE4vSgCNVp22BQ9QL9pSHlMcBUdYUCwWO0D46rH8iIXVgrCMGdqhTQb4rgHfv7L0TEpbWyaTEcPOqWjmzJkfbgyFDgTR1wk0Tw/bStBJjuOstEzzZDDdD/AkJlyVcl09Wg5PwjKM3wF0PIBeD3yEPtPX18qnNk56EIRPlWll8bGeXmwHvwSQ7u468F0nPYLpqBRi8ONZpb7Q3d2trT6XtgOUH3r1/rGel6DXzw7OGwTSkxoa7gLjHAAZVliY6nbvKRZgmubeIebbweK3oabIQ11dXUOOVO/5vLuh/1YGLgbwNhFOSrrunxPTE9O40dP+xMrNkxTOSna7zxTLTACNyjRvIMaluaGbcJ/tuufpOVLhHqweRVuZ8CYBdiko1sM143DKfVC6zpbONdsOI/PDPDFWhtjPhQT6wCQW4t5Cm98iVp9JptP6xHYEoIgVNZeAcKmejwC8KCWl7v9K79GorPcs5S/nZpjFCal0SncLZbW27gcKPQlCKwB9V2I1CGuYKQviPYlzt38iAL8UVuq0zsLXsQxjgb52CUB3YybGchZ6moAmJsyhwvwIzO2+oGOKM/uEEbuEwbeznmspmu90bx8TlPOfWU8HlR6VGygi4UOKc6htFkQrbOkMBVlYhjGfQb+g/CT4AUQiFxTzFC2ILCP2rcINvyYG3ZTJDlxdejkkEU3sy8JbCkYbgHb2xRmpntSbsVisWTD/AIzTkPc3o6W3iLAw6bovls5wdVdjxjUF8MPz6YPCZcqna52ebdEblmmuBOMgPRT7AkeOdkUzEY2dzcT6HpmvBM13nPzMuBygvKVv/CqD9Z/CyAL0Q1s6VxcmsIDVbO2BJu80QSR85s0pKUeNN8w5bwofKgSTr9TrqXRa3y7MJdM0dwkBJ0NhDohbAAoxqJfZ/62RTi8d7VahzjcXc8M9rfJ4FnojnxNgDDCwihU9WApGy86aNmtqdsqW8/X/mXlFUsrXy3yQsBWLXSyYSTGvsaXUFoW4YZwZItqdFfUl045eNm2XrGj0XCHEhxSzooGBXybXrl0/sZovQ3g0H1RFdHy+/jdBLyijwQEVSgAAAABJRU5ErkJggg==", "small_icon": "iVBORw0KGgoAAAANSUhEUgAAACQAAAAkCAYAAADhAJiYAAAAAXNSR0IArs4c6QAABIdJREFUWEftl19oHFUUxr8zsxvSFjHWP63JZuZmZ1tsGtSQgrUo9UWQ1qIUfCiCD/UliihVoYggiPhQKYKgGH2piIrFgvpgweKfloK0PtiC0Fq7M7l3ssaqbWKrSTfJzBy5m51kkm66s21M89B92zv3nvOb73z33DuERfajRcaD60D1KnLVCgkhWjKMNxnYFhK6pZS/1Et6uedXDORY4gOAHgdxJk4QEtYsONAqy8pHZBSBS/234EBCiHtMxpG5JF9QoNbW1qVLsk0jc8CcA3CYQN9EIR0wmg2/WCyOXYmXUnvIscUggNuTSQg4OToxvm5wcHBUjxdscZKBOwAwgCOukhsahUoFVLDtbgb9NCM4o8/15VPJsQTQ5DDzWddXt1UBU7GlAnJs+y+AbklELLtKLpmd4RKgSecfKir5QCqaWjulxkLTsUWQHB8Lg6WlUuliGiA9Z4Kj5b7vD6eBqquQZVk3ZckYSgSLXCXNWsFrKVSpHHiPp9T2eQESQqw0Gb8ngp1xlZxh7vjZ3EA46im5/v8C+sNVcmUjClV33L3zBdRiMpL1b7xkHPV5vj9jR84FV9dDAIyqqafmDv9z4cahoaELaU19cWJ8Wdyr6qmUBgiOLf4EcOt0MA5cpbLpgHi/q9TmeiDx83RAuVwBZuZ0MiiDvvJU/8OXbYyA9lsrgGhegXQwxxb6hHdmBT6RicIHTw0M6GMleXSAGX3erE6eBiqVQjpQT09P9u+z58raUzUCawW+AOh7Dulrr+TNUDMNSEMliydblpXPkuHOlWBBrx8xREdHxwoj4jO1oK4JUAzi2PaLAO1KlvCaAk0dF21tucjMPk2Eu9k0ej3P8xvxzOy5qU19NUkaWXsdqJ5aFYXyltgJwuuWks0HgcCxxSmA/3WV6uns7Gwqj4wMEWhZNRi7SlZ6Ub49v46M6GhsbAZGJqJw9UC1UVYbqr5fg6KwUBwYqLSMvBDbiPFJEo4Ijxal/HKqZAVLHGBCFxP2EqM3vqLm20UvGXjXVXISPp+3YuM6togAfttV6tlq8u8A3OkqWbnu5i3xChGeJ9C+CNEmTyl9jMRAOmbL5Dr7fYAecZVcMcNDecsOichg02jxPO+8nrw2l1teNjP6M0f/Joij7UXf/yh++xhU/48/leIxxxbDDH6BDeNbI2JJ2Uyz/jyqKjQNZIn3QHjIVdKeVignNrKJgxV5wfuKSj2WkNRcZdurIxibAN4NwhuulDsdW+jy6ets5fDsaOu4y8jw8SqQvraEAJd0wQBYBHqmqPrfqVGy8lgYFEql0m8VoPjeXK3jfscWZQY/4Sn1cV6IlwygO2LeaxAFzPicGW95vtzh2MIFqIkMPBlF0Q1EtAeMw66Smx1bnABwHoRXKy/GvBag3Ro2qZDT3t4Fw/zZDIPcrzFQQYhDDBx3pXxOry1Y1haQ8VpAWN8UBDeHZuZDAGuq5v3BVXJrrJ5jiU9B2AhwSEyfFX25Q4tcsMUx4mjrad/39Fy9OcZHRn/kjLkFQdAFGC+7qv++SuktsQvEG1yl7l90feg/+koOQ1C7m7MAAAAASUVORK5CYII=", "visible": false, "tab_version": "4.1.0", "tab_build_no": "0", "build_no": 1}, "global_settings_builder": {"global_settings": {"proxy_settings": {"proxy_type": "http"}, "log_settings": {}, "credential_settings": [], "customized_settings": [{"format_type": "text", "required": false, "name": "ssl_cert_loc", "label": "SSL Certificate Location", "default_value": "", "help_string": "", "internal_name": "", "type": "text", "value": ""}, {"format_type": "checkbox", "required": false, "name": "validate_ssl", "label": "Validate SSL", "default_value": 0, "help_string": "", "internal_name": "", "type": "checkbox", "value": 0}]}}} \ No newline at end of file +{"alert_action_builder": {"modular_alerts": [{"description": "", "largeIcon": "iVBORw0KGgoAAAANSUhEUgAAAEgAAABICAYAAABV7bNHAAAAAXNSR0IArs4c6QAADd1JREFUeF7tnAmQXEUZx/9fz8zu5lBBCBuT3Xlv5s1yhEPKFFchJEgoCIIQEeQSikslYKBE8QJBheARbgGrUKFADhFMVG6VoxJQAkIi7uJu5s17PXuYkGwCGpLZnff6s3qOzWR3Z+ZNMuvBblelNvve191f/97XX19fL2EiVSRAE3wqE5gAVMVCJgBNANo5JzJhQRMWNGFBO0fg/8GC4vH4hwA0k+/vTkQfUMxT4ftdqZ6eN8e09QEK/6/6oHg0+nFQaAGBZwOYDqbdQPwBAA0AX21LeX2ANoypyH8cUHNz85QpTU1zBOh6Bg4s3zq+alwBMk2zKQQcB4UvgjAXQGPlTz++AIUs07wDjDMB6C4UII0PQJSIRmcxibsBHBaASonIOABkmuaBIcbPkfc1Nfq79zkgc7ppigZ+nYh2rc1yitLvY0CGYcTCoAdq71Y5OP8E8A5Ad3OW7osMRjZ1buj8145B3vlcNZp9sArjhnknAZ8HEAqWAwMgPEzAUiiVZKUGQKFzIHAGIDIgXkOKlnqCf+W6biZgmXURqzugtmj0BB+0jIiCwOkD6CGf+DrXdd8pbZFlxK4D+FvDWtlPhOuzzA9LKf9RFwL/yaWGZVmt8PwVAKJV6lVMeEIw39Ai5asvAN5wecuIfQ/gq0aUw+yBaCVDLE7J1JMAeCxB1dWC4tHot4nEtVVGLAbj/sapky/p6OjYXK5xZSyoVHwLmC620879YwmpboBM05weYiwFcGjlL0pPICzOt2377UpyAQDp7GsZfGFKyifGyorqBigejc4jEo9XWUK8gXDouGpwdGPLdrGRJP5BHD4mmU62jwWk+gEyjJ8S6IJySjLze4rVWW5392+CNKQGQGDG7zLe4Ol9fX1bgpRdi0xdAM3G7Mg7Rn8vgGkVKn8+42VP7e3t7Q+iYMAuViyqn1mdnkqn/xCk7Fpk6gLIikZng8RrlSpmxuWptHtrUOVqsSBdJoFuSkrniqDlB5WrC6CEYSxk0B0VKlWCVduadDoVVLFaAQF4y5burKDlB5WrDyDTvFlbSPlK2bal3BOACqpY7YDYU0K0OI6zLmgdQeTqAihuxB4l8CllHTTo0ZR0Tg2iUFGmRh+Uz0aYb7vu07XUU022LoAsI/Y4wJ+sAOjOlHQuqaZM6fvaLSgH6Dzbde+tpZ5qsnUCZD4FvZ1aJjFwV0q6C6sps9OAmM610859tdRTTbZegB4E9Mq7bFpmS3dBNWV2FhCzmJdKp/5YSz3VZOsEKLYE4ApDLPfYUuoFbOCF5Q50sWyWVXM6nd5UrdG1vK8LoDbTPE/lt1bLJvbEXqneVFdQ5WoFxMDqlHQrHCMFrXl7uboAslqt/SD8iqegxPhGMu3+IKgV1TiKMUA32NIZvn+0Y1RKctUFEICwZZhJAEZ5jeglJXBK0HlKjRa0Tgk61XGc5TtNZFgB9QIEyzBuA+hLFRTcyuCLUlLqveqqqRYLIuBBRMLnJ5PJgaoF1yhQN0Cx1tgRQuBJgKdW0KHLAx8npXSq6RnUghjoDLE6vpZlTLW6S9/XDVAikZjGnvcYGEdUVIC5vUlNPbK9p31jJbmAgN5Wgo5xHOevtTS6Ftm6AdLz2LhpLiLGTQBEBSX0emxZGPyVzgqWVK2LEeAw+ApbSr2/FHiNVwscLVtPQNh75szdvHBkJQPxKor4DLQLhSuT3e7vR2tgBQvSMJ6B8q+0u7s7xhJO3QHpAhNm4lBmT89mJwf4WlsJdI9H/KPGxsb+zs5OvYmfm0wOA6SfbQZ4PRMtGfS8e3t6erYGKH+nRepqQUVt4lFzMRH0zLohiIYM3khMK0jgDShKQvB6Zj4cTAeD+G1mSgqmVRnOrujp6anou4LUV4vMmADac8aM3f2Ghl9XddgjNdXdJwvAB2jx1uzAzbvssovX0dGhnwVeptQCoJrsmADSlZqmaYaYfoV8eN0O1PM+Dl4Y6mrxeBv5/p0AHV07pHEAqGBJ00MKjwB8GIjC1Ux62/txAkg3uKWlZVJTOHw5My8EqCUYpHEESAOZO3duuM91E77C90E4scpkUvvk8RXlWmI1Ih6NfkIIsYgZ+wOYCSAy0qrGL6Aci9mzZ0c2bty4T8j3D1AUOkyAZzOwNwAddT+uLaiiC9KLXvK8mR7RJsdxZDB/NXZSOzA/GTtl/hdLngBU5atMAJoAtHMdd8KCglpQIhrdl4lyQ6xPlHJdd+2wvKLNMPZSwK5KCI+Zu4aF7grTNKMRRW0M7MqCBSu1WRD1/iuT6Vq3bt17o+mSSCQaVUbtiZDfqi/TkSJfwd+kdZBSulVW8SJhGB8F0DRUdiSSTCaT60erKxaLfTSk1Ih9KiJSyg+9xxHuTqVS75bmHbIgKxo9HCT0iUMjM15FWHyuVLjNMPZRoEcBfJjAryES0acIQ4rETfNyYlyYm/jpG4NExECGgH6A06TE95LdzrOllcfj8Sh8/3oCfRzg3QGaVNgh1Btna4nxSGhS442dnaNH2lstLQmEwo8B2KNQro6gvcVOuz8aDaxlmHojb0QMEQFKAQMESMW02Ek7epczl7brYomoeQ0TCodv/B1byu9rg7Isaw9kvZdAlNCbW4roaNd1VxXLiEfNRUS4paDUuwRs0Sd5DDQSoE859A3CG20pv1Ks2DCMj4RBzwPYS+cjYBMDWymfT1+Z0v+YgXtEJLxwtCOdhBG7kME/LszE/cLP5yJe9rS/jxLqZxnmagAHIB9rXRqCrIPep+SXP9zvAfsXA9W3A5QD4fk/AaADDdYDfO6A77/SGAprJXRwwnoiXJR03aFAzEKe5wDsS8AqKPoa4NmKWUA0NIP8A4jpWBD9rXjyOWvatKkDk6c8AmA+8l/uTl/RUoqQDHle2AdmEQkdDaLfswJ91ZHOjaXWV7igdx8YOu6oA4TlYHwBwLvCx7FretxXhnezbYDwJofFl4fee14TEc0BSO+CEgi32a572QgL0g9yu4GRyCv6kEJXxqAHCHxRge61tpQ35Hf88ikWi+0lFOugJRPA07Z09UK0NHKeWlpamjKZTHjDhg25SymWYRwFkO4auxJwV4t0Fw2Ptp8xY8bkyZGGlxnQPiYVyg4e0tXXt6FYbyEu++96acKE7wx63t2NoXA6pyfjVjvtjoh4GwJEtNx2nSNLAc4Fwt2GqcuzwHjVTrsHjwpIP2wzzQNVPihcN1onZubHmrZuOa9j/frtouMTicQHOestA3BUQdZl0AoCVgOqXQnRW3DoQ5dQ4oaxkBi3gpBh4PRygeCWYVwN0HcB9BP4xKSUfyo2KhE1v63BANgqWO2nDw7jRux+Ap+t5bOs2oZHelQCpLdkGkNhDSgKxjN22s3FO406zOuRhQe9W0A5k9UyWQIfkpTyjeFmq3/Pj4BiCZjnDdsUGwTQB2CVAH9zjZRvafm4aX6dGIsBrAP4FFvKl0cr1zLNc8HQEWP/BOGzxfC6wkfRsQA67PghW7r6qicMw9gnDNK+sQGMy+y0e1tpuUOAgHYQhvyhUmoqgU4iIl2OIPCFSSl/VhZQvLX1IBLiKYB2K2yiRxj4q8dqboX4GxFvbf0YCbGAiI5mJovBkwjQI5NgxvIGP7tAO8/CiLckfy+MT7Wl1M56RLKM2KUA3w5gExE+nXTdF3JddBs4/evDULwml1kI7WT1SNoM4C+bM1vnlE4vSgCNVp22BQ9QL9pSHlMcBUdYUCwWO0D46rH8iIXVgrCMGdqhTQb4rgHfv7L0TEpbWyaTEcPOqWjmzJkfbgyFDgTR1wk0Tw/bStBJjuOstEzzZDDdD/AkJlyVcl09Wg5PwjKM3wF0PIBeD3yEPtPX18qnNk56EIRPlWll8bGeXmwHvwSQ7u468F0nPYLpqBRi8ONZpb7Q3d2trT6XtgOUH3r1/rGel6DXzw7OGwTSkxoa7gLjHAAZVliY6nbvKRZgmubeIebbweK3oabIQ11dXUOOVO/5vLuh/1YGLgbwNhFOSrrunxPTE9O40dP+xMrNkxTOSna7zxTLTACNyjRvIMaluaGbcJ/tuufpOVLhHqweRVuZ8CYBdiko1sM143DKfVC6zpbONdsOI/PDPDFWhtjPhQT6wCQW4t5Cm98iVp9JptP6xHYEoIgVNZeAcKmejwC8KCWl7v9K79GorPcs5S/nZpjFCal0SncLZbW27gcKPQlCKwB9V2I1CGuYKQviPYlzt38iAL8UVuq0zsLXsQxjgb52CUB3YybGchZ6moAmJsyhwvwIzO2+oGOKM/uEEbuEwbeznmspmu90bx8TlPOfWU8HlR6VGygi4UOKc6htFkQrbOkMBVlYhjGfQb+g/CT4AUQiFxTzFC2ILCP2rcINvyYG3ZTJDlxdejkkEU3sy8JbCkYbgHb2xRmpntSbsVisWTD/AIzTkPc3o6W3iLAw6bovls5wdVdjxjUF8MPz6YPCZcqna52ebdEblmmuBOMgPRT7AkeOdkUzEY2dzcT6HpmvBM13nPzMuBygvKVv/CqD9Z/CyAL0Q1s6VxcmsIDVbO2BJu80QSR85s0pKUeNN8w5bwofKgSTr9TrqXRa3y7MJdM0dwkBJ0NhDohbAAoxqJfZ/62RTi8d7VahzjcXc8M9rfJ4FnojnxNgDDCwihU9WApGy86aNmtqdsqW8/X/mXlFUsrXy3yQsBWLXSyYSTGvsaXUFoW4YZwZItqdFfUl045eNm2XrGj0XCHEhxSzooGBXybXrl0/sZovQ3g0H1RFdHy+/jdBLyijwQEVSgAAAABJRU5ErkJggg==", "smallIcon": "iVBORw0KGgoAAAANSUhEUgAAACQAAAAkCAYAAADhAJiYAAAAAXNSR0IArs4c6QAABIdJREFUWEftl19oHFUUxr8zsxvSFjHWP63JZuZmZ1tsGtSQgrUo9UWQ1qIUfCiCD/UliihVoYggiPhQKYKgGH2piIrFgvpgweKfloK0PtiC0Fq7M7l3ssaqbWKrSTfJzBy5m51kkm66s21M89B92zv3nvOb73z33DuERfajRcaD60D1KnLVCgkhWjKMNxnYFhK6pZS/1Et6uedXDORY4gOAHgdxJk4QEtYsONAqy8pHZBSBS/234EBCiHtMxpG5JF9QoNbW1qVLsk0jc8CcA3CYQN9EIR0wmg2/WCyOXYmXUnvIscUggNuTSQg4OToxvm5wcHBUjxdscZKBOwAwgCOukhsahUoFVLDtbgb9NCM4o8/15VPJsQTQ5DDzWddXt1UBU7GlAnJs+y+AbklELLtKLpmd4RKgSecfKir5QCqaWjulxkLTsUWQHB8Lg6WlUuliGiA9Z4Kj5b7vD6eBqquQZVk3ZckYSgSLXCXNWsFrKVSpHHiPp9T2eQESQqw0Gb8ngp1xlZxh7vjZ3EA46im5/v8C+sNVcmUjClV33L3zBdRiMpL1b7xkHPV5vj9jR84FV9dDAIyqqafmDv9z4cahoaELaU19cWJ8Wdyr6qmUBgiOLf4EcOt0MA5cpbLpgHi/q9TmeiDx83RAuVwBZuZ0MiiDvvJU/8OXbYyA9lsrgGhegXQwxxb6hHdmBT6RicIHTw0M6GMleXSAGX3erE6eBiqVQjpQT09P9u+z58raUzUCawW+AOh7Dulrr+TNUDMNSEMliydblpXPkuHOlWBBrx8xREdHxwoj4jO1oK4JUAzi2PaLAO1KlvCaAk0dF21tucjMPk2Eu9k0ej3P8xvxzOy5qU19NUkaWXsdqJ5aFYXyltgJwuuWks0HgcCxxSmA/3WV6uns7Gwqj4wMEWhZNRi7SlZ6Ub49v46M6GhsbAZGJqJw9UC1UVYbqr5fg6KwUBwYqLSMvBDbiPFJEo4Ijxal/HKqZAVLHGBCFxP2EqM3vqLm20UvGXjXVXISPp+3YuM6togAfttV6tlq8u8A3OkqWbnu5i3xChGeJ9C+CNEmTyl9jMRAOmbL5Dr7fYAecZVcMcNDecsOichg02jxPO+8nrw2l1teNjP6M0f/Joij7UXf/yh++xhU/48/leIxxxbDDH6BDeNbI2JJ2Uyz/jyqKjQNZIn3QHjIVdKeVignNrKJgxV5wfuKSj2WkNRcZdurIxibAN4NwhuulDsdW+jy6ets5fDsaOu4y8jw8SqQvraEAJd0wQBYBHqmqPrfqVGy8lgYFEql0m8VoPjeXK3jfscWZQY/4Sn1cV6IlwygO2LeaxAFzPicGW95vtzh2MIFqIkMPBlF0Q1EtAeMw66Smx1bnABwHoRXKy/GvBag3Ro2qZDT3t4Fw/zZDIPcrzFQQYhDDBx3pXxOry1Y1haQ8VpAWN8UBDeHZuZDAGuq5v3BVXJrrJ5jiU9B2AhwSEyfFX25Q4tcsMUx4mjrad/39Fy9OcZHRn/kjLkFQdAFGC+7qv++SuktsQvEG1yl7l90feg/+koOQ1C7m7MAAAAASUVORK5CYII=", "label": "Create XSOAR Incident", "short_name": "create_xsoar_incident", "parameters": [{"format_type": "text", "required": false, "name": "incident_name", "label": "Name", "default_value": "Event from Splunk for host $result.host$", "help_string": "", "type": "", "value": "Event from Splunk for host $result.host$"}, {"format_type": "text", "required": false, "name": "occurred", "label": "Time Occurred (epoch)", "default_value": "", "help_string": "", "type": "", "value": ""}, {"format_type": "dropdownlist", "required": false, "name": "send_all_servers", "label": "Send Alert to all the Servers", "default_value": "no", "help_string": "", "possible_values": {"Yes": "yes", "No": "no"}, "type": "", "value": "no"}, {"format_type": "dropdownlist", "required": false, "name": "server_url", "label": "XSOAR Server", "default_value": "", "help_string": "Send incidents to the specified server.", "possible_values": {"Option1": "option1"}, "type": ""}, {"format_type": "text", "required": false, "name": "type", "label": "Type", "default_value": "", "help_string": "", "type": "", "value": ""}, {"format_type": "text", "required": false, "name": "custom_fields", "label": "Custom Fields", "default_value": "", "help_string": "A comma separated 'key:value' custom fields pairs, e.g. killchain:1.1.1.1,User:john,key:\"value,with,commas\"", "type": "", "value": ""}, {"format_type": "text", "required": false, "name": "labels", "label": "Labels", "default_value": "", "help_string": "If Labels field is empty, all fields from Splunk will be passed into XSOAR incident labels unless specified in Ignore labels section.", "type": "", "value": ""}, {"format_type": "text", "required": false, "name": "ignore_labels", "label": "Ignore Labels", "default_value": "", "help_string": "e.g. dest,User", "type": "", "value": ""}, {"format_type": "dropdownlist", "required": false, "name": "severity", "label": "Severity", "default_value": "0", "help_string": "", "possible_values": {"Unknown": "0", "Informational": "0_5", "Low": "1", "Medium": "2", "High": "3", "Critical": "4"}, "type": "", "value": "0"}, {"format_type": "text", "required": false, "name": "details", "label": "Details", "default_value": "Incident created from data available in Splunk", "help_string": "Include tokens to insert text based on search results.", "type": "", "value": "Incident created from data available in Splunk"}], "code": "\n# encoding = utf-8\n\ndef process_event(helper, *args, **kwargs):\n \"\"\"\n # IMPORTANT\n # Do not remove the anchor macro:start and macro:end lines.\n # These lines are used to generate sample code. If they are\n # removed, the sample code will not be updated when configurations\n # are updated.\n\n [sample_code_macro:start]\n\n # The following example sends rest requests to some endpoint\n # response is a response object in python requests library\n response = helper.send_http_request(\"http://www.splunk.com\", \"GET\", parameters=None,\n payload=None, headers=None, cookies=None, verify=True, cert=None, timeout=None, use_proxy=True)\n # get the response headers\n r_headers = response.headers\n # get the response body as text\n r_text = response.text\n # get response body as json. If the body text is not a json string, raise a ValueError\n r_json = response.json()\n # get response cookies\n r_cookies = response.cookies\n # get redirect history\n historical_responses = response.history\n # get response status code\n r_status = response.status_code\n # check the response status, if the status is not sucessful, raise requests.HTTPError\n response.raise_for_status()\n\n\n # The following example gets and sets the log level\n helper.set_log_level(helper.log_level)\n\n # The following example gets account information\n user_account = helper.get_user_credential(\"\")\n\n # The following example gets the setup parameters and prints them to the log\n ssl_cert_loc = helper.get_global_setting(\"ssl_cert_loc\")\n helper.log_info(\"ssl_cert_loc={}\".format(ssl_cert_loc))\n validate_ssl = helper.get_global_setting(\"validate_ssl\")\n helper.log_info(\"validate_ssl={}\".format(validate_ssl))\n\n # The following example gets the alert action parameters and prints them to the log\n incident_name = helper.get_param(\"incident_name\")\n helper.log_info(\"incident_name={}\".format(incident_name))\n\n occurred = helper.get_param(\"occurred\")\n helper.log_info(\"occurred={}\".format(occurred))\n\n send_all_servers = helper.get_param(\"send_all_servers\")\n helper.log_info(\"send_all_servers={}\".format(send_all_servers))\n\n server_url = helper.get_param(\"server_url\")\n helper.log_info(\"server_url={}\".format(server_url))\n\n type = helper.get_param(\"type\")\n helper.log_info(\"type={}\".format(type))\n\n custom_fields = helper.get_param(\"custom_fields\")\n helper.log_info(\"custom_fields={}\".format(custom_fields))\n\n labels = helper.get_param(\"labels\")\n helper.log_info(\"labels={}\".format(labels))\n\n ignore_labels = helper.get_param(\"ignore_labels\")\n helper.log_info(\"ignore_labels={}\".format(ignore_labels))\n\n severity = helper.get_param(\"severity\")\n helper.log_info(\"severity={}\".format(severity))\n\n details = helper.get_param(\"details\")\n helper.log_info(\"details={}\".format(details))\n\n\n # The following example adds two sample events (\"hello\", \"world\")\n # and writes them to Splunk\n # NOTE: Call helper.writeevents() only once after all events\n # have been added\n helper.addevent(\"hello\", sourcetype=\"sample_sourcetype\")\n helper.addevent(\"world\", sourcetype=\"sample_sourcetype\")\n helper.writeevents(index=\"summary\", host=\"localhost\", source=\"localhost\")\n\n # The following example gets the events that trigger the alert\n events = helper.get_events()\n for event in events:\n helper.log_info(\"event={}\".format(event))\n\n # helper.settings is a dict that includes environment configuration\n # Example usage: helper.settings[\"server_uri\"]\n helper.log_info(\"server_uri={}\".format(helper.settings[\"server_uri\"]))\n [sample_code_macro:end]\n \"\"\"\n\n helper.log_info(\"Alert action create_xsoar_incident started.\")\n\n # Implement your alert action logic here\n return 0\n", "uuid": "0e801d2582d341078cba61c1395d90f2"}]}, "basic_builder": {"appname": "TA-Demisto", "friendly_name": "Demisto Add-on for Splunk", "version": "4.1.3", "author": "Palo Alto Networks", "description": "This application provides an alert action to create an incident in Cortex XSOAR.", "theme": "#3c6188", "large_icon": "iVBORw0KGgoAAAANSUhEUgAAAEgAAABICAYAAABV7bNHAAAAAXNSR0IArs4c6QAADd1JREFUeF7tnAmQXEUZx/9fz8zu5lBBCBuT3Xlv5s1yhEPKFFchJEgoCIIQEeQSikslYKBE8QJBheARbgGrUKFADhFMVG6VoxJQAkIi7uJu5s17PXuYkGwCGpLZnff6s3qOzWR3Z+ZNMuvBblelNvve191f/97XX19fL2EiVSRAE3wqE5gAVMVCJgBNANo5JzJhQRMWNGFBO0fg/8GC4vH4hwA0k+/vTkQfUMxT4ftdqZ6eN8e09QEK/6/6oHg0+nFQaAGBZwOYDqbdQPwBAA0AX21LeX2ANoypyH8cUHNz85QpTU1zBOh6Bg4s3zq+alwBMk2zKQQcB4UvgjAXQGPlTz++AIUs07wDjDMB6C4UII0PQJSIRmcxibsBHBaASonIOABkmuaBIcbPkfc1Nfq79zkgc7ppigZ+nYh2rc1yitLvY0CGYcTCoAdq71Y5OP8E8A5Ad3OW7osMRjZ1buj8145B3vlcNZp9sArjhnknAZ8HEAqWAwMgPEzAUiiVZKUGQKFzIHAGIDIgXkOKlnqCf+W6biZgmXURqzugtmj0BB+0jIiCwOkD6CGf+DrXdd8pbZFlxK4D+FvDWtlPhOuzzA9LKf9RFwL/yaWGZVmt8PwVAKJV6lVMeEIw39Ai5asvAN5wecuIfQ/gq0aUw+yBaCVDLE7J1JMAeCxB1dWC4tHot4nEtVVGLAbj/sapky/p6OjYXK5xZSyoVHwLmC620879YwmpboBM05weYiwFcGjlL0pPICzOt2377UpyAQDp7GsZfGFKyifGyorqBigejc4jEo9XWUK8gXDouGpwdGPLdrGRJP5BHD4mmU62jwWk+gEyjJ8S6IJySjLze4rVWW5392+CNKQGQGDG7zLe4Ol9fX1bgpRdi0xdAM3G7Mg7Rn8vgGkVKn8+42VP7e3t7Q+iYMAuViyqn1mdnkqn/xCk7Fpk6gLIikZng8RrlSpmxuWptHtrUOVqsSBdJoFuSkrniqDlB5WrC6CEYSxk0B0VKlWCVduadDoVVLFaAQF4y5burKDlB5WrDyDTvFlbSPlK2bal3BOACqpY7YDYU0K0OI6zLmgdQeTqAihuxB4l8CllHTTo0ZR0Tg2iUFGmRh+Uz0aYb7vu07XUU022LoAsI/Y4wJ+sAOjOlHQuqaZM6fvaLSgH6Dzbde+tpZ5qsnUCZD4FvZ1aJjFwV0q6C6sps9OAmM610859tdRTTbZegB4E9Mq7bFpmS3dBNWV2FhCzmJdKp/5YSz3VZOsEKLYE4ApDLPfYUuoFbOCF5Q50sWyWVXM6nd5UrdG1vK8LoDbTPE/lt1bLJvbEXqneVFdQ5WoFxMDqlHQrHCMFrXl7uboAslqt/SD8iqegxPhGMu3+IKgV1TiKMUA32NIZvn+0Y1RKctUFEICwZZhJAEZ5jeglJXBK0HlKjRa0Tgk61XGc5TtNZFgB9QIEyzBuA+hLFRTcyuCLUlLqveqqqRYLIuBBRMLnJ5PJgaoF1yhQN0Cx1tgRQuBJgKdW0KHLAx8npXSq6RnUghjoDLE6vpZlTLW6S9/XDVAikZjGnvcYGEdUVIC5vUlNPbK9p31jJbmAgN5Wgo5xHOevtTS6Ftm6AdLz2LhpLiLGTQBEBSX0emxZGPyVzgqWVK2LEeAw+ApbSr2/FHiNVwscLVtPQNh75szdvHBkJQPxKor4DLQLhSuT3e7vR2tgBQvSMJ6B8q+0u7s7xhJO3QHpAhNm4lBmT89mJwf4WlsJdI9H/KPGxsb+zs5OvYmfm0wOA6SfbQZ4PRMtGfS8e3t6erYGKH+nRepqQUVt4lFzMRH0zLohiIYM3khMK0jgDShKQvB6Zj4cTAeD+G1mSgqmVRnOrujp6anou4LUV4vMmADac8aM3f2Ghl9XddgjNdXdJwvAB2jx1uzAzbvssovX0dGhnwVeptQCoJrsmADSlZqmaYaYfoV8eN0O1PM+Dl4Y6mrxeBv5/p0AHV07pHEAqGBJ00MKjwB8GIjC1Ux62/txAkg3uKWlZVJTOHw5My8EqCUYpHEESAOZO3duuM91E77C90E4scpkUvvk8RXlWmI1Ih6NfkIIsYgZ+wOYCSAy0qrGL6Aci9mzZ0c2bty4T8j3D1AUOkyAZzOwNwAddT+uLaiiC9KLXvK8mR7RJsdxZDB/NXZSOzA/GTtl/hdLngBU5atMAJoAtHMdd8KCglpQIhrdl4lyQ6xPlHJdd+2wvKLNMPZSwK5KCI+Zu4aF7grTNKMRRW0M7MqCBSu1WRD1/iuT6Vq3bt17o+mSSCQaVUbtiZDfqi/TkSJfwd+kdZBSulVW8SJhGB8F0DRUdiSSTCaT60erKxaLfTSk1Ih9KiJSyg+9xxHuTqVS75bmHbIgKxo9HCT0iUMjM15FWHyuVLjNMPZRoEcBfJjAryES0acIQ4rETfNyYlyYm/jpG4NExECGgH6A06TE95LdzrOllcfj8Sh8/3oCfRzg3QGaVNgh1Btna4nxSGhS442dnaNH2lstLQmEwo8B2KNQro6gvcVOuz8aDaxlmHojb0QMEQFKAQMESMW02Ek7epczl7brYomoeQ0TCodv/B1byu9rg7Isaw9kvZdAlNCbW4roaNd1VxXLiEfNRUS4paDUuwRs0Sd5DDQSoE859A3CG20pv1Ks2DCMj4RBzwPYS+cjYBMDWymfT1+Z0v+YgXtEJLxwtCOdhBG7kME/LszE/cLP5yJe9rS/jxLqZxnmagAHIB9rXRqCrIPep+SXP9zvAfsXA9W3A5QD4fk/AaADDdYDfO6A77/SGAprJXRwwnoiXJR03aFAzEKe5wDsS8AqKPoa4NmKWUA0NIP8A4jpWBD9rXjyOWvatKkDk6c8AmA+8l/uTl/RUoqQDHle2AdmEQkdDaLfswJ91ZHOjaXWV7igdx8YOu6oA4TlYHwBwLvCx7FretxXhnezbYDwJofFl4fee14TEc0BSO+CEgi32a572QgL0g9yu4GRyCv6kEJXxqAHCHxRge61tpQ35Hf88ikWi+0lFOugJRPA07Z09UK0NHKeWlpamjKZTHjDhg25SymWYRwFkO4auxJwV4t0Fw2Ptp8xY8bkyZGGlxnQPiYVyg4e0tXXt6FYbyEu++96acKE7wx63t2NoXA6pyfjVjvtjoh4GwJEtNx2nSNLAc4Fwt2GqcuzwHjVTrsHjwpIP2wzzQNVPihcN1onZubHmrZuOa9j/frtouMTicQHOestA3BUQdZl0AoCVgOqXQnRW3DoQ5dQ4oaxkBi3gpBh4PRygeCWYVwN0HcB9BP4xKSUfyo2KhE1v63BANgqWO2nDw7jRux+Ap+t5bOs2oZHelQCpLdkGkNhDSgKxjN22s3FO406zOuRhQe9W0A5k9UyWQIfkpTyjeFmq3/Pj4BiCZjnDdsUGwTQB2CVAH9zjZRvafm4aX6dGIsBrAP4FFvKl0cr1zLNc8HQEWP/BOGzxfC6wkfRsQA67PghW7r6qicMw9gnDNK+sQGMy+y0e1tpuUOAgHYQhvyhUmoqgU4iIl2OIPCFSSl/VhZQvLX1IBLiKYB2K2yiRxj4q8dqboX4GxFvbf0YCbGAiI5mJovBkwjQI5NgxvIGP7tAO8/CiLckfy+MT7Wl1M56RLKM2KUA3w5gExE+nXTdF3JddBs4/evDULwml1kI7WT1SNoM4C+bM1vnlE4vSgCNVp22BQ9QL9pSHlMcBUdYUCwWO0D46rH8iIXVgrCMGdqhTQb4rgHfv7L0TEpbWyaTEcPOqWjmzJkfbgyFDgTR1wk0Tw/bStBJjuOstEzzZDDdD/AkJlyVcl09Wg5PwjKM3wF0PIBeD3yEPtPX18qnNk56EIRPlWll8bGeXmwHvwSQ7u468F0nPYLpqBRi8ONZpb7Q3d2trT6XtgOUH3r1/rGel6DXzw7OGwTSkxoa7gLjHAAZVliY6nbvKRZgmubeIebbweK3oabIQ11dXUOOVO/5vLuh/1YGLgbwNhFOSrrunxPTE9O40dP+xMrNkxTOSna7zxTLTACNyjRvIMaluaGbcJ/tuufpOVLhHqweRVuZ8CYBdiko1sM143DKfVC6zpbONdsOI/PDPDFWhtjPhQT6wCQW4t5Cm98iVp9JptP6xHYEoIgVNZeAcKmejwC8KCWl7v9K79GorPcs5S/nZpjFCal0SncLZbW27gcKPQlCKwB9V2I1CGuYKQviPYlzt38iAL8UVuq0zsLXsQxjgb52CUB3YybGchZ6moAmJsyhwvwIzO2+oGOKM/uEEbuEwbeznmspmu90bx8TlPOfWU8HlR6VGygi4UOKc6htFkQrbOkMBVlYhjGfQb+g/CT4AUQiFxTzFC2ILCP2rcINvyYG3ZTJDlxdejkkEU3sy8JbCkYbgHb2xRmpntSbsVisWTD/AIzTkPc3o6W3iLAw6bovls5wdVdjxjUF8MPz6YPCZcqna52ebdEblmmuBOMgPRT7AkeOdkUzEY2dzcT6HpmvBM13nPzMuBygvKVv/CqD9Z/CyAL0Q1s6VxcmsIDVbO2BJu80QSR85s0pKUeNN8w5bwofKgSTr9TrqXRa3y7MJdM0dwkBJ0NhDohbAAoxqJfZ/62RTi8d7VahzjcXc8M9rfJ4FnojnxNgDDCwihU9WApGy86aNmtqdsqW8/X/mXlFUsrXy3yQsBWLXSyYSTGvsaXUFoW4YZwZItqdFfUl045eNm2XrGj0XCHEhxSzooGBXybXrl0/sZovQ3g0H1RFdHy+/jdBLyijwQEVSgAAAABJRU5ErkJggg==", "small_icon": "iVBORw0KGgoAAAANSUhEUgAAACQAAAAkCAYAAADhAJiYAAAAAXNSR0IArs4c6QAABIdJREFUWEftl19oHFUUxr8zsxvSFjHWP63JZuZmZ1tsGtSQgrUo9UWQ1qIUfCiCD/UliihVoYggiPhQKYKgGH2piIrFgvpgweKfloK0PtiC0Fq7M7l3ssaqbWKrSTfJzBy5m51kkm66s21M89B92zv3nvOb73z33DuERfajRcaD60D1KnLVCgkhWjKMNxnYFhK6pZS/1Et6uedXDORY4gOAHgdxJk4QEtYsONAqy8pHZBSBS/234EBCiHtMxpG5JF9QoNbW1qVLsk0jc8CcA3CYQN9EIR0wmg2/WCyOXYmXUnvIscUggNuTSQg4OToxvm5wcHBUjxdscZKBOwAwgCOukhsahUoFVLDtbgb9NCM4o8/15VPJsQTQ5DDzWddXt1UBU7GlAnJs+y+AbklELLtKLpmd4RKgSecfKir5QCqaWjulxkLTsUWQHB8Lg6WlUuliGiA9Z4Kj5b7vD6eBqquQZVk3ZckYSgSLXCXNWsFrKVSpHHiPp9T2eQESQqw0Gb8ngp1xlZxh7vjZ3EA46im5/v8C+sNVcmUjClV33L3zBdRiMpL1b7xkHPV5vj9jR84FV9dDAIyqqafmDv9z4cahoaELaU19cWJ8Wdyr6qmUBgiOLf4EcOt0MA5cpbLpgHi/q9TmeiDx83RAuVwBZuZ0MiiDvvJU/8OXbYyA9lsrgGhegXQwxxb6hHdmBT6RicIHTw0M6GMleXSAGX3erE6eBiqVQjpQT09P9u+z58raUzUCawW+AOh7Dulrr+TNUDMNSEMliydblpXPkuHOlWBBrx8xREdHxwoj4jO1oK4JUAzi2PaLAO1KlvCaAk0dF21tucjMPk2Eu9k0ej3P8xvxzOy5qU19NUkaWXsdqJ5aFYXyltgJwuuWks0HgcCxxSmA/3WV6uns7Gwqj4wMEWhZNRi7SlZ6Ub49v46M6GhsbAZGJqJw9UC1UVYbqr5fg6KwUBwYqLSMvBDbiPFJEo4Ijxal/HKqZAVLHGBCFxP2EqM3vqLm20UvGXjXVXISPp+3YuM6togAfttV6tlq8u8A3OkqWbnu5i3xChGeJ9C+CNEmTyl9jMRAOmbL5Dr7fYAecZVcMcNDecsOichg02jxPO+8nrw2l1teNjP6M0f/Joij7UXf/yh++xhU/48/leIxxxbDDH6BDeNbI2JJ2Uyz/jyqKjQNZIn3QHjIVdKeVignNrKJgxV5wfuKSj2WkNRcZdurIxibAN4NwhuulDsdW+jy6ets5fDsaOu4y8jw8SqQvraEAJd0wQBYBHqmqPrfqVGy8lgYFEql0m8VoPjeXK3jfscWZQY/4Sn1cV6IlwygO2LeaxAFzPicGW95vtzh2MIFqIkMPBlF0Q1EtAeMw66Smx1bnABwHoRXKy/GvBag3Ro2qZDT3t4Fw/zZDIPcrzFQQYhDDBx3pXxOry1Y1haQ8VpAWN8UBDeHZuZDAGuq5v3BVXJrrJ5jiU9B2AhwSEyfFX25Q4tcsMUx4mjrad/39Fy9OcZHRn/kjLkFQdAFGC+7qv++SuktsQvEG1yl7l90feg/+koOQ1C7m7MAAAAASUVORK5CYII=", "visible": false, "tab_version": "4.1.0", "tab_build_no": "0", "build_no": 1}, "global_settings_builder": {"global_settings": {"proxy_settings": {"proxy_type": "http"}, "log_settings": {}, "credential_settings": [], "customized_settings": [{"format_type": "text", "required": false, "name": "ssl_cert_loc", "label": "SSL Certificate Location", "default_value": "", "help_string": "", "internal_name": "", "type": "text", "value": ""}, {"format_type": "checkbox", "required": false, "name": "validate_ssl", "label": "Validate SSL", "default_value": 0, "help_string": "", "internal_name": "", "type": "checkbox", "value": 0}]}}} \ No newline at end of file diff --git a/add-on/TA-Demisto/bin/ta_demisto/alert_actions_base.py b/add-on/TA-Demisto/bin/ta_demisto/alert_actions_base.py index fea9ff1c..2f1c4497 100755 --- a/add-on/TA-Demisto/bin/ta_demisto/alert_actions_base.py +++ b/add-on/TA-Demisto/bin/ta_demisto/alert_actions_base.py @@ -190,16 +190,20 @@ def get_events(self): sys.exit(2) def prepare_meta_for_cam(self): + rf = None try: try: rf = gzip.open(self.results_file, 'rt') - except ValueError: # Workaround for Python 2.7 on Windows + except ValueError: # Workaround for Python 2.7 on Windows rf = gzip.open(self.results_file, 'r') - for num, result in enumerate(csv.DictReader(rf)): - result.setdefault('rid', str(num)) - self.update(result) - self.invoke() - break + except FileNotFoundError: + self.log_info("No Results file found.") + if rf: + for num, result in enumerate(csv.DictReader(rf)): + result.setdefault('rid', str(num)) + self.update(result) + self.invoke() + break finally: if rf: rf.close() diff --git a/add-on/TA-Demisto/default/addon_builder.conf b/add-on/TA-Demisto/default/addon_builder.conf index fb736045..8098a6ed 100644 --- a/add-on/TA-Demisto/default/addon_builder.conf +++ b/add-on/TA-Demisto/default/addon_builder.conf @@ -1,7 +1,7 @@ # this file is generated by add-on builder automatically # please do not edit it [base] -builder_version = 4.1.3 +builder_version = 4.2.0 builder_build = 0 is_edited = 1 diff --git a/add-on/TA-Demisto/default/alert_actions.conf b/add-on/TA-Demisto/default/alert_actions.conf index 14f2a8d6..c5a8d63e 100644 --- a/add-on/TA-Demisto/default/alert_actions.conf +++ b/add-on/TA-Demisto/default/alert_actions.conf @@ -4,7 +4,6 @@ python.version = python3 description = label = Create XSOAR Incident is_custom = 1 -is_cloud = None payload_format = json icon_path = alert_create_xsoar_incident.png param.incident_name = Event from Splunk for host $result.host$ diff --git a/add-on/TA-Demisto/default/app.conf b/add-on/TA-Demisto/default/app.conf index 18848512..576b9ee5 100644 --- a/add-on/TA-Demisto/default/app.conf +++ b/add-on/TA-Demisto/default/app.conf @@ -7,7 +7,7 @@ build = 2 [launcher] author = Palo Alto Networks -version = 4.1.2 +version = 4.1.3 description = This application provides an alert action to create an incident in Cortex XSOAR. [ui] diff --git a/add-on/TA-Demisto/default/server.conf b/add-on/TA-Demisto/default/server.conf index dd868fc8..3a88ee53 100644 --- a/add-on/TA-Demisto/default/server.conf +++ b/add-on/TA-Demisto/default/server.conf @@ -1,4 +1,5 @@ [shclustering] conf_replication_include.ta_demisto_settings.conf = true conf_replication_include.ta_demisto_account.conf = true -conf_replication_include.passwords.conf = true \ No newline at end of file +conf_replication_include.passwords.conf = true +conf_replication_include.addon_builder = true \ No newline at end of file diff --git a/add-on/TA-Demisto/default/ta_demisto_settings.conf b/add-on/TA-Demisto/default/ta_demisto_settings.conf index 491028f3..f8889739 100644 --- a/add-on/TA-Demisto/default/ta_demisto_settings.conf +++ b/add-on/TA-Demisto/default/ta_demisto_settings.conf @@ -1,7 +1,16 @@ [proxy] +proxy_enabled = +proxy_type = http +proxy_url = +proxy_port = +proxy_username = proxy_password = None +proxy_rdns = [logging] +loglevel = INFO [additional_parameters] +ssl_cert_loc = +validate_ssl =