diff --git a/Packs/Zscaler/Integrations/Zscaler/README.md b/Packs/Zscaler/Integrations/Zscaler/README.md index b1f736fe6ccd..577555068980 100644 --- a/Packs/Zscaler/Integrations/Zscaler/README.md +++ b/Packs/Zscaler/Integrations/Zscaler/README.md @@ -614,13 +614,14 @@ Retrieves a list of all categories. #### Context Output -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| Zscaler.Category.ID | string | The ID of the category. | -| Zscaler.Category.CustomCategory | boolean | True, if the category is a custom category. Otherwise, false. | -| Zscaler.Category.URL | string | The URL of the category. | -| Zscaler.Category.Description | string | The description of the category. | -| Zscaler.Category.Name | string | The name of the category. | +| **Path** | **Type** | **Description** | +|---------------------------------------------|----------|---------------------------------------------------------------| +| Zscaler.Category.ID | string | The ID of the category. | +| Zscaler.Category.CustomCategory | boolean | True, if the category is a custom category. Otherwise, false. | +| Zscaler.Category.URL | string | The URL of the category. | +| Zscaler.Category.RetainingParentCategoryURL | string | The URLs of the retaining parent category. | +| Zscaler.Category.Description | string | The description of the category. | +| Zscaler.Category.Name | string | The name of the category. | #### Command Example @@ -646,6 +647,10 @@ Retrieves a list of all categories. "demisto.com", "apple.com" ], + "RetainingParentCategoryURL":[ + "pandora.com", + "spotify.com" + ], "CustomCategory":"true" } } @@ -653,10 +658,10 @@ Retrieves a list of all categories. #### Human Readable Output -|CustomCategory|Description|ID|Name|URL| -|--- |--- |--- |--- |--- | -|false|INTERNET_SERVICES_DESC|INTERNET_SERVICES||google.com,facebook.com| -|true||CUSTOM_01|CustomCategory|demisto.com,apple.com| +| CustomCategory | Description | ID | Name | URL | RetainingParentCategoryURL | +|----------------|------------------------|-------------------|----------------|-------------------------|----------------------------| +| false | INTERNET_SERVICES_DESC | INTERNET_SERVICES | | google.com,facebook.com | | +| true | | CUSTOM_01 | CustomCategory | demisto.com,apple.com | pandora.com","spotify.com | ### zscaler-get-blacklist diff --git a/Packs/Zscaler/Integrations/Zscaler/Zscaler.py b/Packs/Zscaler/Integrations/Zscaler/Zscaler.py index 5a877004936a..b962e7453ca5 100644 --- a/Packs/Zscaler/Integrations/Zscaler/Zscaler.py +++ b/Packs/Zscaler/Integrations/Zscaler/Zscaler.py @@ -613,12 +613,11 @@ def category_add(category_id, data, retaining_parent_category_data, data_type): if category_data.get("description"): # Custom might not have description context["Description"] = category_data["description"] ec = {"Zscaler.Category(val.ID && val.ID === obj.ID)": context} - added_data = "" - for item in data_list: - added_data += f"- {item}\n" - - hr = f"Added the following {data_type.upper()} addresses to category {category_id}:\n{added_data}" + added_data = "\n".join(f"- {item}" for item in data_list) + \ + "\n".join(f"- {item}" for item in retaining_parent_category_data_list) + hr = (f"Added the following {data_type.upper()}, retaining-parent-category-{data_type} " + f"addresses to category {category_id}:\n{added_data}\n") entry = { "Type": entryTypes["note"], "Contents": category_data, @@ -756,6 +755,8 @@ def get_categories_command(args): } if raw_category.get("urls"): category["URL"] = raw_category["urls"] + if raw_category.get("dbCategorizedUrls"): + category["RetainingParentCategoryURL"] = raw_category["dbCategorizedUrls"] if "description" in raw_category: category["Description"] = raw_category["description"] if "configuredName" in raw_category: @@ -763,7 +764,7 @@ def get_categories_command(args): categories.append(category) ec = {"Zscaler.Category(val.ID && val.ID === obj.ID)": categories} if display_urls and not ids_and_names_only: - headers = ["ID", "Description", "URL", "CustomCategory", "Name"] + headers = ["ID", "Description", "URL", "RetainingParentCategoryURL", "CustomCategory", "Name"] else: headers = ["ID", "Description", "CustomCategory", "Name"] title = "Zscaler Categories" diff --git a/Packs/Zscaler/Integrations/Zscaler/Zscaler.yml b/Packs/Zscaler/Integrations/Zscaler/Zscaler.yml index 93b56d31d407..8417e9ab59dc 100644 --- a/Packs/Zscaler/Integrations/Zscaler/Zscaler.yml +++ b/Packs/Zscaler/Integrations/Zscaler/Zscaler.yml @@ -379,6 +379,9 @@ script: - contextPath: Zscaler.Category.URL description: The URL of the category. type: string + - contextPath: Zscaler.Category.RetainingParentCategoryURL + description: The URLs of the retaining parent category. + type: string - contextPath: Zscaler.Category.Description description: The description of the category. type: string @@ -1935,7 +1938,7 @@ script: description: Deletes the IP destination groups for the specified group ID. script: '' subtype: python3 - dockerimage: demisto/python3:3.11.9.105369 + dockerimage: demisto/python3:3.11.9.107902 type: python fromversion: 5.0.0 tests: diff --git a/Packs/Zscaler/Integrations/Zscaler/Zscaler_test.py b/Packs/Zscaler/Integrations/Zscaler/Zscaler_test.py index b7365077224b..8d33127db33f 100644 --- a/Packs/Zscaler/Integrations/Zscaler/Zscaler_test.py +++ b/Packs/Zscaler/Integrations/Zscaler/Zscaler_test.py @@ -718,7 +718,7 @@ def test_category_add_url(mocker): result = category_add('1', 'test1.com', 'test2.com', "url") - assert result['HumanReadable'].startswith('Added the following URL addresses to category 1') + assert result['HumanReadable'].startswith('Added the following URL, retaining-parent-category-url addresses to category 1') def test_category_add_ip(mocker): @@ -734,7 +734,7 @@ def test_category_add_ip(mocker): mocker.patch('Zscaler.get_categories', return_value=[{'id': 1, 'urls': [], 'customCategory': 'true'}]) mocker.patch('Zscaler.add_or_remove_urls_from_category', return_value={}) result = category_add(1, '1.1.1.1', '1.1.1.1', "ip") - assert result['HumanReadable'].startswith('Added the following IP addresses to category 1') + assert result['HumanReadable'].startswith('Added the following IP, retaining-parent-category-ip addresses to category 1') def test_return_error_is_called_on_error(mocker, requests_mock): diff --git a/Packs/Zscaler/Integrations/Zscaler/test_data/results/get_categories.json b/Packs/Zscaler/Integrations/Zscaler/test_data/results/get_categories.json index 25c0863f44df..fde6eddfedd7 100644 --- a/Packs/Zscaler/Integrations/Zscaler/test_data/results/get_categories.json +++ b/Packs/Zscaler/Integrations/Zscaler/test_data/results/get_categories.json @@ -20,7 +20,7 @@ ], "ContentsFormat": "json", "ReadableContentsFormat": "markdown", - "HumanReadable": "### Zscaler Categories\n|ID|Description|URL|CustomCategory|Name|\n|---|---|---|---|---|\n| CUSTOM_1 | | 1.2.3.4,
8.8.8.8,
https://admin.zscalertwo.net,
1.22.33.4 | true | Phishing-Suspected |\n", + "HumanReadable": "### Zscaler Categories\n|ID|Description|URL|RetainingParentCategoryURL|CustomCategory|Name|\n|---|---|---|---|---|---|\n| CUSTOM_1 | | 1.2.3.4,
8.8.8.8,
https://admin.zscalertwo.net,
1.22.33.4 | | true | Phishing-Suspected |\n", "EntryContext": { "Zscaler.Category(val.ID && val.ID === obj.ID)": [ { diff --git a/Packs/Zscaler/ReleaseNotes/1_3_24.md b/Packs/Zscaler/ReleaseNotes/1_3_24.md new file mode 100644 index 000000000000..4cc831843b6b --- /dev/null +++ b/Packs/Zscaler/ReleaseNotes/1_3_24.md @@ -0,0 +1,8 @@ + +#### Integrations + +##### Zscaler Internet Access + +- Added support to the ***zscaler-category-add-url*** and ***zscaler-category-add-ip*** commands to display retaining-parent-category addresses in the readable output. +- Added support for the *RetainingParentCategoryURL* key in the readable and context outputs of the ***zscaler-get-categories*** command. +- Updated the Docker image to: *demisto/python3:3.11.9.107902*. \ No newline at end of file diff --git a/Packs/Zscaler/pack_metadata.json b/Packs/Zscaler/pack_metadata.json index 69b6a68c42b1..ec08507d6fbf 100644 --- a/Packs/Zscaler/pack_metadata.json +++ b/Packs/Zscaler/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Zscaler Internet Access", "description": "Zscaler is a cloud security solution built for performance and flexible scalability.", "support": "xsoar", - "currentVersion": "1.3.23", + "currentVersion": "1.3.24", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "",