Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Zscaler] Add URLs to Retaining Parent Category #35844

Merged
merged 12 commits into from
Aug 28, 2024
19 changes: 12 additions & 7 deletions Packs/Zscaler/Integrations/Zscaler/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -614,13 +614,14 @@ Retrieves a list of all categories.

#### Context Output

| **Path** | **Type** | **Description** |
| --- | --- | --- |
| Zscaler.Category.ID | string | The ID of the category. |
| Zscaler.Category.CustomCategory | boolean | True, if the category is a custom category. Otherwise, false. |
| Zscaler.Category.URL | string | The URL of the category. |
| Zscaler.Category.Description | string | The description of the category. |
| Zscaler.Category.Name | string | The name of the category. |
| **Path** | **Type** | **Description** |
|----------------------------------------------|----------|---------------------------------------------------------------|
| Zscaler.Category.ID | string | The ID of the category. |
| Zscaler.Category.CustomCategory | boolean | True, if the category is a custom category. Otherwise, false. |
| Zscaler.Category.URL | List | The URL of the category. |
| Zscaler.Category.URLsRetainingParentCategory | List | The URL of the retaining parent category. |
| Zscaler.Category.Description | string | The description of the category. |
| Zscaler.Category.Name | string | The name of the category. |

#### Command Example

Expand All @@ -646,6 +647,10 @@ Retrieves a list of all categories.
"demisto.com",
"apple.com"
],
"URLsRetainingParentCategory":[
"pandora.com",
"spotify.com"
],
"CustomCategory":"true"
}
}
Expand Down
13 changes: 8 additions & 5 deletions Packs/Zscaler/Integrations/Zscaler/Zscaler.py
Original file line number Diff line number Diff line change
Expand Up @@ -613,11 +613,12 @@ def category_add(category_id, data, retaining_parent_category_data, data_type):
if category_data.get("description"): # Custom might not have description
context["Description"] = category_data["description"]
ec = {"Zscaler.Category(val.ID && val.ID === obj.ID)": context}
added_data = ""
for item in data_list:
added_data += f"- {item}\n"

hr = f"Added the following {data_type.upper()} addresses to category {category_id}:\n{added_data}"
added_data = "\n".join(f"- {item}" for item in data_list)
hr = f"Added the following {data_type.upper()} addresses to category {category_id}:\n{added_data}\n"

retaining_data = "\n".join(f"- {item}" for item in retaining_parent_category_data_list)
hr += f"Added the following retaining-parent-category-{data_type} addresses to category {category_id}:\n{retaining_data}"

entry = {
"Type": entryTypes["note"],
Expand Down Expand Up @@ -756,14 +757,16 @@ def get_categories_command(args):
}
if raw_category.get("urls"):
category["URL"] = raw_category["urls"]
if raw_category.get("dbCategorizedUrls"):
category["URLsRetainingParentCategory"] = raw_category["dbCategorizedUrls"]
if "description" in raw_category:
category["Description"] = raw_category["description"]
if "configuredName" in raw_category:
category["Name"] = raw_category["configuredName"]
categories.append(category)
ec = {"Zscaler.Category(val.ID && val.ID === obj.ID)": categories}
if display_urls and not ids_and_names_only:
headers = ["ID", "Description", "URL", "CustomCategory", "Name"]
headers = ["ID", "Description", "URL", "URLsRetainingParentCategory", "CustomCategory", "Name"]
else:
headers = ["ID", "Description", "CustomCategory", "Name"]
title = "Zscaler Categories"
Expand Down
5 changes: 4 additions & 1 deletion Packs/Zscaler/Integrations/Zscaler/Zscaler.yml
Original file line number Diff line number Diff line change
Expand Up @@ -378,7 +378,10 @@ script:
type: boolean
- contextPath: Zscaler.Category.URL
description: The URL of the category.
type: string
type: List
- contextPath: Zscaler.Category.URLsRetainingParentCategory
description: The URL of the retaining parent category.
type: List
- contextPath: Zscaler.Category.Description
description: The description of the category.
type: string
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
],
"ContentsFormat": "json",
"ReadableContentsFormat": "markdown",
"HumanReadable": "### Zscaler Categories\n|ID|Description|URL|CustomCategory|Name|\n|---|---|---|---|---|\n| CUSTOM_1 | | 1.2.3.4,<br>8.8.8.8,<br>https://admin.zscalertwo.net,<br>1.22.33.4 | true | Phishing-Suspected |\n",
"HumanReadable": "### Zscaler Categories\n|ID|Description|URL|URLsRetainingParentCategory|CustomCategory|Name|\n|---|---|---|---|---|---|\n| CUSTOM_1 | | 1.2.3.4,<br>8.8.8.8,<br>https://admin.zscalertwo.net,<br>1.22.33.4 | | true | Phishing-Suspected |\n",
"EntryContext": {
"Zscaler.Category(val.ID && val.ID === obj.ID)": [
{
Expand Down
7 changes: 7 additions & 0 deletions Packs/Zscaler/ReleaseNotes/1_3_24.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@

#### Integrations

##### Zscaler Internet Access

- Added support to the ***zscaler-category-add-url*** command to display retaining-parent-category addresses in the readable output.
- Added support for the *URLsRetainingParentCategory* key in the readable and context outputs of the ***zscaler-get-categories*** command.
2 changes: 1 addition & 1 deletion Packs/Zscaler/pack_metadata.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "Zscaler Internet Access",
"description": "Zscaler is a cloud security solution built for performance and flexible scalability.",
"support": "xsoar",
"currentVersion": "1.3.23",
"currentVersion": "1.3.24",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Expand Down
Loading