@@ -325,7 +325,7 @@
{
"meta":{
"limit":1000,
"next":null,
"offset":0,
"previous":null,
"took":4,
"total_count":1
},
"objects":[
{
"asn":"12400",
"confidence":69,
"country":"IL",
"created_ts":"2018-03-13T10:45:16.182Z",
"description":null,
"expiration_ts":"2018-03-20T10:45:16.178Z",
"feed_id":112,
"id":50591222843,
"import_session_id":null,
"ip":"176.228.66.70",
"is_public":false,
"itype":"scan_ip",
"latitude":"31.964200",
"longitude":"34.804400",
"meta":{
"detail2":"bifocals_deactivated_on_2018-03-20_13:56:34.918843",
"severity":"medium"
},
"modified_ts":"2018-03-20T13:56:34.461Z",
"org":"Orange Israel",
"owner_organization_id":2,
"rdns":null,
"resource_uri":"/api/v2/intelligence/50591222843/",
"retina_confidence":69,
"source":"Anomali Labs MHN",
"source_reported_confidence":70,
"status":"inactive",
"tags":null,
"threat_type":"scan",
"threatscore":25,
"trusted_circle_ids":[
145
],
"type":"ip",
"update_id":1695845308,
"uuid":"09688972-7581-4fb9-8e50-7c99a02cd442",
"value":"176.228.66.70",
"workgroups":[
]
}
]
}
War Room Output
Command: !ip ip="176.228.66.70" threshold="3"
-
+
Troubleshooting
The integration was tested with the v2
API on version 2.5.4.
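Review bot: The sample response carried as context in this hunk looks like a real record rather than a constructed one: "ip":"176.228.66.70", "org":"Orange Israel", a uuid, and "trusted_circle_ids":[145] next to "is_public":false. While this README is being touched, consider replacing these with documentation values (an RFC 5737 address such as 192.0.2.1 in "ip", "value" and the !ip command line, plus placeholder ids) so the docs do not republish a record marked non-public. The Troubleshooting sentence "tested with the v2 API on version 2.5.4" should also say which product the version number refers to.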
diff --git a/Packs/ArcSightLogger/Integrations/ArcSightLogger/README.md b/Packs/ArcSightLogger/Integrations/ArcSightLogger/README.md
index a1b4efc7de5b..706f8cf27646 100644
--- a/Packs/ArcSightLogger/Integrations/ArcSightLogger/README.md
+++ b/Packs/ArcSightLogger/Integrations/ArcSightLogger/README.md
@@ -494,7 +494,7 @@
Reoccurring ‘timeout’ error when using commands ‘as-search-events’ or ‘as-events’:
-This may indicate that a large amount of data returned from Arcsight Logger. To resolve this error, try to limit the search time range or the events list length. See additional ways to set the search time range in ‘Additional info’ above.
DBot error snap-shot
+This may indicate that a large amount of data returned from Arcsight Logger. To resolve this error, try to limit the search time range or the events list length. See additional ways to set the search time range in ‘Additional info’ above.
DBot error snap-shot
- Reoccurring ‘Login failed’ error when using ‘as-search’ or ‘as-search-events’:
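Review bot: The removed and added paragraph in this hunk read identically as shown, so the rewritten line keeps its wording problems: "a large amount of data returned" is missing a verb ("was returned"), and the product is spelled "Arcsight Logger" while the pack path uses ArcSightLogger. If the line is being rewritten anyway, fix both in the same change, and mention in the commit message if the difference is whitespace only.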
@@ -503,7 +503,7 @@
If this error still araises, it may indicate that Arcsight Logger is failing to generate a new search session. New sessions cannot be generated by Arcsight Logger when the maximum allowed number of simultaneous sessions was reached.
To resolve this problem, use administrator credentials to login to Archsight Logger UI and set a new limitation for maximum simultaneous sessions.
See ’Known Limitations’ above for more information.
If administrator credentials are not available for you, use ‘as-close’ to close the running sessions.
- DBot error snap-shot
+ DBot error snap-shot
- Reoccurring ‘User session id is not valid’ error:
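Review bot: The troubleshooting text around the changed line in this hunk has two typos that make the page harder to search: "araises" (should be "arises") and "Archsight Logger UI" (should match the "Arcsight Logger" spelling used two lines earlier). Both are worth fixing here, since the same "Archsight" misspelling repeats in the next hunk.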
@@ -512,4 +512,4 @@
Search session timeout can be caused by the followings:
- Low ‘timeout’ passed to ‘as-search’. This can be resolved by passing a higher ‘timeout’ value to ‘as-search’.
- Arcsight Logger limitation on inactive sessions - Inactive sessions are automatically terminated after a defined period of time determined by Arcsight Logger, even if the ‘timeout’ argument is changed to ‘as-search’.
To resolve this problem, use administrator credentials to login to Archsight Logger UI and set a new limitation for inactive sessions. See ’Known Limitations’ above for more information.
DBot error snap-shot
-
\ No newline at end of file
+
\ No newline at end of file
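Review bot: The "\ No newline at end of file" marker appears on both the removed and the added last line, so the file still ends without a trailing newline after this change; add one. The same marker is on the final hunks of the BigFix and BitDam READMEs in this patch. In the context above, "can be caused by the followings" should read "the following".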
diff --git a/Packs/BigFix/Integrations/BigFix/README.md b/Packs/BigFix/Integrations/BigFix/README.md
index 39dd18399cca..85930dd4b4f4 100644
--- a/Packs/BigFix/Integrations/BigFix/README.md
+++ b/Packs/BigFix/Integrations/BigFix/README.md
@@ -155,7 +155,7 @@
}
Human Readable Output
-
+
2. Get a single site
Retrieves a single site by name and type.
@@ -258,7 +258,7 @@
}
Human Readable Output
-
+
3. Get all patches for a site
Retrieves all the patches (fixlets) of site.
@@ -419,7 +419,7 @@
}
Human Readable Output
-
+
4. Get all endpoints
Retrieves all endpoints (computers).
@@ -746,7 +746,7 @@
}
Human Readable Output
-
+
5. Get the details of an endpoint
Retrieves the details of an endpoint (computer).
@@ -1005,7 +1005,7 @@
}
Human Readable Output
-
+
6. Create an action to run on target computers
Create an action on BigFix that will run the given action from the given fixlet on target computers. The computerID parameter takes a comma-separated list of BigFix computer IDs. If no computers are specified, the action will be run on the default computers configured on BigFix. If the action should run on all computers set the computerID parameter to all.
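Review bot: The description of command 6 at the end of this hunk names a "computerID" parameter, but the command example in the next hunk passes computer_ids="3385267". Use the argument name the command actually accepts in the description, and state the fallback behaviour (default computers when none are given, every computer when set to all) next to that argument, so an operator reading the README does not start a wider deployment than intended.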
@@ -1091,7 +1091,7 @@
!bigfix-deploy-patch site_name="BES Support" computer_ids="3385267" fixlet_id="1759" action_id="Action2"
Context Example
Human Readable Output
-
+
7. Get a patch by fixlet ID
Retrieves a patch (fixlet) by ID.
@@ -1230,7 +1230,7 @@
}
Human Readable Output
-
+
8. Delete an action
Stops and deletes the specified action. Note: You cannot delete actions that are members of a Multiple Action Group. This note applies to HCL BigFix V9.2 and later.
@@ -1259,7 +1259,7 @@
Command Example
!bigfix-action-delete action_id
Human Readable Output
-
+
9. Get the status of an action
Gets the status of an action against its targets.
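Review bot: The command example in this hunk, "!bigfix-action-delete action_id", gives the argument name with no value, so it cannot be copied and run as written; the "!bigfix-action-stop action_id" example further down has the same problem. Show the argument in the name="value" form used by the bigfix-deploy-patch example, with a clearly marked placeholder id.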
@@ -1319,7 +1319,7 @@
}
Human Readable Output
-
+
10. Stop an action
Stops the specified action.
@@ -1348,7 +1348,7 @@
Command Example
!bigfix-action-stop action_id
Human Readable Output
-
+
11. Evaluate an expression and get the result
Evaluates an expression and gets the result. The request is processed through the server to WebReports.
@@ -1404,4 +1404,4 @@
}
Human Readable Output
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/Packs/BitDam/Integrations/BitDam/README.md b/Packs/BitDam/Integrations/BitDam/README.md
index 456039d5b0a1..b1fcd027f058 100644
--- a/Packs/BitDam/Integrations/BitDam/README.md
+++ b/Packs/BitDam/Integrations/BitDam/README.md
@@ -85,7 +85,7 @@
Context Example
root:{} 3 items
BitDam:{} 1 item
FileScan:{} 1 item
SHA1:68f009dc92a405d1015026e8e30e6d1598047124
Human Readable Output
-
+
2. Get the verdict of a file
Returns the verdict of a scanned file.
@@ -182,4 +182,4 @@
Context Example
root:{} 4 items
BitDam:{} 2 items
Analysis:{} 3 items
ID:68f009dc92a405d1015026e8e30e6d1598047124
Status:DONE
Verdict:CLEAN
FileScan:{} 1 item
SHA1:68f009dc92a405d1015026e8e30e6d1598047124
DBotScore:{} 4 items
Indicator:68f009dc92a405d1015026e8e30e6d1598047124
Score:1
Type:File
Vendor:BitDam
Human Readable Output
-
\ No newline at end of file
+
\ No newline at end of file
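Review bot: The Context Example in both BitDam hunks is pasted tree-viewer text ("root:{} 4 items", "BitDam:{} 2 items") rather than JSON, unlike the context examples in the other READMEs in this patch, which close with "}". Replace it with the actual JSON context so the nesting of BitDam.Analysis, BitDam.FileScan and DBotScore is unambiguous and the example can be copied into a playbook test.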
diff --git a/Packs/Carbon_Black_Enterprise_Live_Response/Integrations/Carbonblackliveresponse/README.md b/Packs/Carbon_Black_Enterprise_Live_Response/Integrations/Carbonblackliveresponse/README.md
index 57411241885f..d60963da69ec 100644
--- a/Packs/Carbon_Black_Enterprise_Live_Response/Integrations/Carbonblackliveresponse/README.md
+++ b/Packs/Carbon_Black_Enterprise_Live_Response/Integrations/Carbonblackliveresponse/README.md
@@ -188,7 +188,7 @@
}
Human Readable Output
-
+
2. Cancel a pending command
Cancels the specified command. Only pending commands can be canceled.
Base Command
@@ -785,7 +785,7 @@
}
Human Readable Output
-
+
10. List files
Lists files in the given session
@@ -954,7 +954,7 @@
}
Human Readable Output
-
+
12. Close a session
Closes the specified session.
@@ -1044,7 +1044,7 @@
}
Human Readable Output
-
+
13. Create a new session
Creates a new Carbon Black session for the specified sensor.
@@ -1130,7 +1130,7 @@
}
Human Readable Output
-
+
14. Create a new session and wait
Creates a new Carbon Black session for the specified sensor and waits for it to be active.
@@ -1356,7 +1356,7 @@
}
Human Readable Output
-
+
16. Terminate a process
Terminates the specified process on the sensor or endpoint.
@@ -3322,7 +3322,7 @@
}
Human Readable Output
-
+
32. Save a file to an endpoint
Saves a file to a specific path on an endpoint.
diff --git a/Packs/CheckpointFirewall/Integrations/CheckPoint/README.md b/Packs/CheckpointFirewall/Integrations/CheckPoint/README.md
index fbca8726fba5..a47ecfa13692 100644
--- a/Packs/CheckpointFirewall/Integrations/CheckPoint/README.md
+++ b/Packs/CheckpointFirewall/Integrations/CheckPoint/README.md
@@ -241,7 +241,7 @@
Human Readable Output
-
+
2. Set attributes of an access rule object
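Review bot: The line under "Human Readable Output" is empty on both the removed and the added side as shown here, and the same pattern repeats in the other hunks of this patch. If the section is meant to hold a screenshot, make sure the new line renders and carries alt text describing the output; if there is nothing to show, drop the heading instead of leaving it empty.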
@@ -459,7 +459,7 @@
Human Readable Output
-
+
3. Get the status of a Check Point task
@@ -743,7 +743,7 @@
Human Readable Output
-
+