From 8f01557d8eee484429d1f318a668788287040690 Mon Sep 17 00:00:00 2001
From: rmurray-r7
Date: Wed, 20 Nov 2024 16:13:21 +0000
Subject: [PATCH] [SOAR-18247] Rapid7 InsightIDR - Snyk Vulnerability and SDK Bump (#2969)
* sdk and snyk 10.3.3
* Fixing CHECKSUM
---
 plugins/rapid7_insightidr/.CHECKSUM | 12 ++--
 plugins/rapid7_insightidr/Dockerfile | 2 +-
 .../bin/komand_rapid7_insightidr | 2 +-
 plugins/rapid7_insightidr/help.md | 1 +
 plugins/rapid7_insightidr/plugin.spec.yaml | 59 ++++++++++---------
 plugins/rapid7_insightidr/requirements.txt | 2 +-
 plugins/rapid7_insightidr/setup.py | 2 +-
 7 files changed, 41 insertions(+), 39 deletions(-)
diff --git a/plugins/rapid7_insightidr/.CHECKSUM b/plugins/rapid7_insightidr/.CHECKSUM
index 51a578b67f..8bfed556a4 100644
--- a/plugins/rapid7_insightidr/.CHECKSUM
+++ b/plugins/rapid7_insightidr/.CHECKSUM
@@ -1,7 +1,7 @@ { - "spec": "62f7ee4a097b1847a25b677a371f5447", - "manifest": "1b33c231531d7eda8bf205f9ac6f647b", - "setup": "7f99a05d2f0d9a4f68092bf0d8121759", + "spec": "9078712b26639af9a1088755d4d0314b", + "manifest": "0c4bdaf85d40ddac33afeffcecdd8fda", + "setup": "fe63b2dcde42de314858ed48326a19f5", "schemas": [ { "identifier": "add_indicators_to_a_threat/schema.py",
@@ -9,11 +9,11 @@ }, { "identifier": "advanced_query_on_log/schema.py", - "hash": "47461eb19fd3c3e3cb284b9c7b6eae89" + "hash": "c25673288c3406030e64dc6f3451821d" }, { "identifier": "advanced_query_on_log_set/schema.py", - "hash": "b5b2c8b6a3b884b33241f87004815459" + "hash": "ff689fccb0ed297d1c5f7f45877fd138" }, { "identifier": "assign_user_to_investigation/schema.py",
@@ -113,7 +113,7 @@ }, { "identifier": "query/schema.py", - "hash": "440b96851f6c0090adde3f3709aa6259" + "hash": "ec57e897be9e044c6607e33ab15020b0" }, { "identifier": "replace_indicators/schema.py",
diff --git a/plugins/rapid7_insightidr/Dockerfile b/plugins/rapid7_insightidr/Dockerfile
index deae719a7a..029a0720ec 100755
--- a/plugins/rapid7_insightidr/Dockerfile
+++ b/plugins/rapid7_insightidr/Dockerfile
@@ -1,4 +1,4 @@
-FROM --platform=linux/amd64 rapid7/insightconnect-python-3-plugin:6.1.0
+FROM --platform=linux/amd64 rapid7/insightconnect-python-3-plugin:6.2.0
 LABEL organization=rapid7
 LABEL sdk=python
diff --git a/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr b/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr
index 730d688d77..2e2678493d 100755
--- a/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr
+++ b/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr
@@ -6,7 +6,7 @@ from sys import argv
 Name = "Rapid7 InsightIDR"
 Vendor = "rapid7"
-Version = "10.3.2"
+Version = "10.3.3"
 Description = "This plugin allows you to add indicators to a threat and see the status of investigations"
diff --git a/plugins/rapid7_insightidr/help.md b/plugins/rapid7_insightidr/help.md
index af0920c55f..ed1ea775b9 100644
--- a/plugins/rapid7_insightidr/help.md
+++ b/plugins/rapid7_insightidr/help.md
@@ -3392,6 +3392,7 @@ Example output:
 # Version History
+* 10.3.3 - Bumping requirements.txt | SDK bump to 6.2.0
 * 10.3.2 - Initial updates for fedramp compliance | Updated SDK to the latest version
 * 10.3.1 - `Advanced Query On Log / Log Set` - Fixed issue where results >500 returned none | Update SDK
 * 10.3.0 - New Action Added: Update Alert
diff --git a/plugins/rapid7_insightidr/plugin.spec.yaml b/plugins/rapid7_insightidr/plugin.spec.yaml
index 4bcb64762d..ec47b14d5c 100644
--- a/plugins/rapid7_insightidr/plugin.spec.yaml
+++ b/plugins/rapid7_insightidr/plugin.spec.yaml
@@ -4,7 +4,7 @@ products: [insightconnect]
 name: rapid7_insightidr
 title: "Rapid7 InsightIDR"
 description: "This plugin allows you to add indicators to a threat and see the status of investigations"
-version: 10.3.2
+version: 10.3.3
 connection_version: 5
 supported_versions: ["Latest release successfully tested on 2024-09-10."]
 vendor: rapid7
@@ -24,9 +24,10 @@ hub_tags:
 features: []
 sdk:
 type: full
- version: 6.1.0
+ version: 6.2.0
 user: nobody
 version_history:
+ - "10.3.3 - Bumping requirements.txt | SDK bump to 6.2.0"
 - "10.3.2 - Initial updates for fedramp compliance | Updated SDK to the latest version"
 - "10.3.1 - `Advanced Query On Log / Log Set` - Fixed issue where results >500 returned none | Update SDK"
 - "10.3.0 - New Action Added: Update Alert"
@@ -36,46 +37,46 @@ version_history:
 - "10.0.0 - Actions: `List Investigations` Sort options updated | `Get Investigation`, `List Investigations`, `Create Investigation`, `Update Investigation` `Set Priority of Investigation`, `Set Disposition of Investigation`, `Set Status of Investigation Action`, `Assign User to Investigation`, `Seach Investigations`, `Get a Log`, `Get All Logs`, `Search Alerts` output now includes additional fields"
 - "9.0.0 - Actions: `Advanced Query On Log` - Now allows for either log id or log name to be used"
 - "8.2.0 - Actions: `Advanced Query On Log Set` and `Advanced Query On Log` - optimized data fetching mechanisms"
- - 8.1.1 - Extended error logging for all the actions
+ - "8.1.1 - Extended error logging for all the actions"
 - "8.1.0 - New actions added: `Search Accounts` and `Get Account Information`"
- - 8.0.0 - Update schema for `Investigation` and `Statistics` | Update dependency for aiohttp | New actions added `Get Alert Information`, `Search Alerts`, `Retrieve Evidence for a Single Alert` and `Retrieve Actors for a Single Alert` | Fixed issue where index was not getting correctly passed through to `List Investigations` action from the user
+ - "8.0.0 - Update schema for `Investigation` and `Statistics` | Update dependency for aiohttp | New actions added `Get Alert Information`, `Search Alerts`, `Retrieve Evidence for a Single Alert` and `Retrieve Actors for a Single Alert` | Fixed issue where index was not getting correctly passed through to `List Investigations` action from the user"
 - "7.0.0 - Action: `Advanced Query On Log Set` - Fixed error where statistical queries would always return 0.0 | Action: `Advanced Query On Log Set` - Increase the maximum results returned from 50 to 500 | Action: `Advanced Query On Log` - Add new output type for statistical queries | Updated schemas to ensure all are correct and added new schema validation to unit tests"
 - "6.0.1 - Action: `Advanced Query On Log` - Increase the maximum results
returned from 50 to 500"
 - "6.0.0 - Action: `Advanced Query On Log Set` - Add new output type for statistical queries."
 - "5.1.2 - Action: `Advanced Query on Log Set` - Fix JSONDecoderError | Action: `Query` - Update spec and help.md to show it queries log IDs, not query IDs"
 - "5.1.1 - Action: `List Investigations` - Now receiving size input | Actions: `Advanced Query On Log` & `Advanced Query On Log Set` - Acronym LQL has been updated to LEQL"
 - "5.1.0 - New actions added: `get_user_information` and `get_asset_information`"
- - 5.0.1 - Update the endpoint `get_a_saved_query` reaches out to
- - 5.0.0 - Update `List Investigations` inputs
+ - "5.0.1 - Update the endpoint `get_a_saved_query` reaches out to"
+ - "5.0.0 - Update `List Investigations` inputs"
 - "4.4.1 - `List Alerts for Investigation`: fix issue with retrieving `detection_rule_rrn`"
 - "4.4.0 - `List Alerts for Investigation`: changed schema output for `detection_rule_rrn`"
 - "4.3.0 - `Query`: Add new parameter `most_recent_first`"
 - "4.2.1 - `Create Investigation`, `Update Investigation`: Fix issue where action fails when email address field is not empty"
 - "4.2.0 - New action added: Replace Indicators"
 - "4.1.1 - Advanced Query on Log Set Action: Updated EndPoint Agent enum to Endpoint Agent in log_set"
- - 4.1.0 - Add new actions `List Comments`, `Create Comment`, `Delete Comment`, `List Attachments`, `Upload Attachment`, `Download Attachment`, `Delete Attachment`, `Get Attachment Information`
- - 4.0.1 - Fix issue with `Get Query Results` and `Get All Saved Queries` actions
- - 4.0.0 - Add new actions Create Investigation, Search Investigations, Update Investigation, Set Investigation Priority, Set Investigation Disposition, and List Alerts for Investigation | Update actions List Investigations, Set Status of Investigation, Assign User to Investigation | Enabled cloud
- - 3.2.0 - Add new actions Get A Saved Query and Get All Saved Queries
- - 3.1.5 - Patch issue parsing labels in Advanced Query on
Log and Advanced Query on Log Set actions
- - 3.1.4 - Add `docs_url` to plugin spec with a link to [InsightIDR plugin setup guide](https://docs.rapid7.com/insightconnect/rapid7-insightidr)
- - 3.1.3 - Fix issue where Get a Log and Get All Logs would either fail in workflow or in connection test
- - 3.1.2 - Send plugin name and version in the User-Agent string to vendor
- - 3.1.1 - Convert given date from timezone to UTC in List Investigations action
- - 3.1.0 - Add new action Create Threat
- - 3.0.0 - Added Relative Time options to Advanced Query actions | Fix issue where a query with no results would crash the plugin
- - 2.1.0 - New action Close Investigations in Bulk
- - 2.0.1 - Fix issue where long-running queries could crash the plugin
- - 2.0.0 - Refactor and split Advanced Query into two new actions Advanced Query on Log and Advanced Query on Log Set
- - 1.5.0 - New actions Get a Log and Get All Logs
- - 1.4.0 - New action Advanced Query
- - 1.3.1 - Fix ID input description in Get Query Results action
- - 1.3.0 - New action Get Query Results
- - 1.2.1 - Change default value in the `size` input parameter to 1000 in List Investigations action
- - 1.2.0 - New Action Assign User to Investigation
- - 1.1.1 - New spec and help.md format for the Extension Library
- - 1.1.0 - New Action Add Indicators to a Threat
- - 1.0.0 - Initial plugin
+ - "4.1.0 - Add new actions `List Comments`, `Create Comment`, `Delete Comment`, `List Attachments`, `Upload Attachment`, `Download Attachment`, `Delete Attachment`, `Get Attachment Information`"
+ - "4.0.1 - Fix issue with `Get Query Results` and `Get All Saved Queries` actions"
+ - "4.0.0 - Add new actions Create Investigation, Search Investigations, Update Investigation, Set Investigation Priority, Set Investigation Disposition, and List Alerts for Investigation | Update actions List Investigations, Set Status of Investigation, Assign User to Investigation | Enabled cloud"
+ - "3.2.0 - Add new actions Get A Saved Query and Get
All Saved Queries"
+ - "3.1.5 - Patch issue parsing labels in Advanced Query on Log and Advanced Query on Log Set actions"
+ - "3.1.4 - Add `docs_url` to plugin spec with a link to [InsightIDR plugin setup guide](https://docs.rapid7.com/insightconnect/rapid7-insightidr)"
+ - "3.1.3 - Fix issue where Get a Log and Get All Logs would either fail in workflow or in connection test"
+ - "3.1.2 - Send plugin name and version in the User-Agent string to vendor"
+ - "3.1.1 - Convert given date from timezone to UTC in List Investigations action"
+ - "3.1.0 - Add new action Create Threat"
+ - "3.0.0 - Added Relative Time options to Advanced Query actions | Fix issue where a query with no results would crash the plugin"
+ - "2.1.0 - New action Close Investigations in Bulk"
+ - "2.0.1 - Fix issue where long-running queries could crash the plugin"
+ - "2.0.0 - Refactor and split Advanced Query into two new actions Advanced Query on Log and Advanced Query on Log Set"
+ - "1.5.0 - New actions Get a Log and Get All Logs"
+ - "1.4.0 - New action Advanced Query"
+ - "1.3.1 - Fix ID input description in Get Query Results action"
+ - "1.3.0 - New action Get Query Results"
+ - "1.2.1 - Change default value in the `size` input parameter to 1000 in List Investigations action"
+ - "1.2.0 - New Action Assign User to Investigation"
+ - "1.1.1 - New spec and help.md format for the Extension Library"
+ - "1.1.0 - New Action Add Indicators to a Threat"
+ - "1.0.0 - Initial plugin"
 links:
 - "[Rapid7 InsightIDR](https://www.rapid7.com/products/insightidr/)"
 references:
diff --git a/plugins/rapid7_insightidr/requirements.txt b/plugins/rapid7_insightidr/requirements.txt
index 7c8bf0b064..df70baf475 100644
--- a/plugins/rapid7_insightidr/requirements.txt
+++ b/plugins/rapid7_insightidr/requirements.txt
@@ -3,5 +3,5 @@
 # See: https://pip.pypa.io/en/stable/user_guide/#requirements-files
 python-dateutil==2.9.0
 validators==0.34.0
-aiohttp==3.10.5
+aiohttp==3.11.6
 parameterized==0.8.1
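Review bot: Nothing in this change records which package moved or which advisory the bump closes: the subject names a Snyk vulnerability and this hunk changes `aiohttp==3.10.5` to `aiohttp==3.11.6`, but the new history entry says only `Bumping requirements.txt | SDK bump to 6.2.0`. I would word that entry (help.md and plugin.spec.yaml) as `10.3.3 - Updated aiohttp to 3.11.6 to resolve Snyk finding <ADVISORY-ID> | SDK bump to 6.2.0`, with the real advisory id filled in, so a later audit can match the release to the finding. The pin also crosses a minor release (3.10 to 3.11) while `supported_versions` in plugin.spec.yaml still reads "tested on 2024-09-10"; if the actions that use aiohttp were re-run against the new client, that date should move in the same commit. Separately, the pins in this file are version-only, so install integrity rests on the package index; hash-pinned entries (`--hash=sha256:<DIGEST>`, enforced with pip's `--require-hashes`) would close that gap if the plugin build tooling permits it.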
diff --git a/plugins/rapid7_insightidr/setup.py b/plugins/rapid7_insightidr/setup.py
index 9b80b7206a..c009d03064 100755
--- a/plugins/rapid7_insightidr/setup.py
+++ b/plugins/rapid7_insightidr/setup.py
@@ -3,7 +3,7 @@ setup(name="rapid7_insightidr-rapid7-plugin",
- version="10.3.2",
+ version="10.3.3",
 description="This plugin allows you to add indicators to a threat and see the status of investigations",
 author="rapid7",
 author_email="",