Commit

Apply format to the whole folder
TOUFIKIzakarya committed Nov 5, 2024
1 parent c1775db commit 3ccdfb2
Showing 4 changed files with 28 additions and 27 deletions.
@@ -1,11 +1,10 @@
{
"id": "incident_sekoiaxdrmirrorout",
"version": 1,
"version": -1,
"modified": "2024-11-04T11:12:46.451426844Z",
"name": "SekoiaXDR mirrorOut",
"cliName": "sekoiaxdrmirrorout",
"type": "boolean",
"orgType": "boolean",
"closeForm": false,
"editForm": true,
"required": false,
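Review bot: the hunk header (`-1,11 +1,10`) implies two lines removed and one added, but this rendering carries no `+`/`-` markers, so it is unclear whether `"type": "boolean"` or `"orgType": "boolean"` (or another key) is the second removal alongside `"version": 1`; confirm the dropped key is intended and not a side effect of the formatter. The switch to `"version": -1` matches the content-repo convention, and the `modified` timestamp will churn on every format run, so consider excluding it from formatting-only commits.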
@@ -14,7 +13,7 @@
"useAsKpi": false,
"locked": false,
"system": false,
"content": false,
"content": true,
"group": 0,
"hidden": false,
"openEnded": false,
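Review bot: flipping `"content"` from `false` to `true` is a behavioural change, not a format change: it marks the incident field as content-managed rather than locally created, which affects whether it can be edited or deleted from the UI. The commit title only mentions formatting, so call this out in the description and check the other incident fields in the pack use the same value.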
@@ -28,4 +27,4 @@
"sla": 0,
"threshold": 72,
"fromVersion": "6.10.0"
}
}
28 changes: 15 additions & 13 deletions Packs/SekoiaXDR/Integrations/SekoiaXDR/README.md
@@ -12,7 +12,7 @@ This integration was integrated and tested with version 1.0 of Sekoia XDR.
| --- | --- | --- |
| API key | | True |
| API Key | | True |
| Server URL (i.e. https://api.sekoia.io) | | True |
| Server URL (i.e. <https://api.sekoia.io>) | | True |
| Trust any certificate (not secure) | | False |
| Use system proxy settings | | False |
| Fetch incidents | | False |
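Review bot: the `API key` to `API Key` rename must match the parameter's `display` value in SekoiaXDR.yml; the README parameter table is generated from the YAML, so a hand edit that disagrees with it will be reverted on the next regeneration. On the `Server URL` row, `i.e.` introduces an example and should be `e.g.`.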
@@ -549,6 +549,7 @@ This command gets new information about the incidents in the remote system and u
#### Context Output

There is no context output for this command.

### get-modified-remote-data

***
@@ -796,7 +797,7 @@ Command that performs a HTTP request to Sekoia using the integration authenticat
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
| method | Method to use with the http request (GET,POST,etc). Default is GET. | Required |
| url_sufix | The URL suffix after https://api.sekoia.io, i.e. /v1/sic/alerts/ or /v1/asset-management/assets/. | Required |
| url_sufix | The URL suffix after <https://api.sekoia.io>, i.e. /v1/sic/alerts/ or /v1/asset-management/assets/. | Required |
| parameters | Query parameters, i.e. limit -&gt; 10 , match['status_name'] -&gt; Ongoing. | Optional |

#### Context Output
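Review bot: `url_sufix` is a misspelling of `suffix`, but it is the command's actual argument name, so correcting it in the README alone would document an argument that does not exist; a rename belongs in the YAML with the old name kept as an alias for existing playbooks. On the same row `i.e.` should be `e.g.`, and the `-&gt;` entities on the `parameters` row render as `->` on GitHub but stay literal in renderers that do not decode entities, so plain `->` is safer.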
@@ -807,6 +808,7 @@ There is no context output for this command.

You can enable incident mirroring between Cortex XSOAR incidents and Sekoia XDR corresponding events (available from Cortex XSOAR version 6.0.0).
To set up the mirroring:

1. Enable *Fetching incidents* in your instance configuration.
2. In the *Mirroring Direction* integration parameter, select in which direction the incidents should be mirrored:

@@ -827,19 +829,19 @@ Newly fetched incidents will be mirrored in the chosen direction. However, this
To troubleshoot possible issues with the SEKOIA XDR integration, consider the following steps:

- **Debug Mode**:
- In your integration instance, enable the Debug option.
- Navigate to `Settings > About > Troubleshooting > Download logs` to download the logs. Analyzing these logs can provide valuable insights into any issues.
- In your integration instance, enable the Debug option.
- Navigate to `Settings > About > Troubleshooting > Download logs` to download the logs. Analyzing these logs can provide valuable insights into any issues.

- **Mirror Values**:
- To diagnose mirroring issues beyond what debug mode offers, you can inspect specific fields in the context data. Check if the following dbot fields are set:
- **dbotMirrorInstance**: Indicates the instance managing the mirroring.
- **dbotMirrorDirection**: Shows the direction of mirroring.
- **dbotMirrorId**: The unique identifier for the mirroring process.
- If these fields are not set, review the mappers to ensure that they are configured correctly.
- To diagnose mirroring issues beyond what debug mode offers, you can inspect specific fields in the context data. Check if the following dbot fields are set:
- **dbotMirrorInstance**: Indicates the instance managing the mirroring.
- **dbotMirrorDirection**: Shows the direction of mirroring.
- **dbotMirrorId**: The unique identifier for the mirroring process.
- If these fields are not set, review the mappers to ensure that they are configured correctly.

- **dbotMirrorLastSync Field**:
- The `dbotMirrorLastSync` field in the context data will update when the mirroring process updates an incident.
- You can observe these updates in the **War Room** as well, which will provide a log of the mirroring activity.
- The `dbotMirrorLastSync` field in the context data will update when the mirroring process updates an incident.
- You can observe these updates in the **War Room** as well, which will provide a log of the mirroring activity.

By following these troubleshooting steps, you can effectively diagnose and resolve issues within the SEKOIA XDR integration.

@@ -850,8 +852,8 @@ To make the most out of your SEKOIA XDR integration, consider the following best
- **Mirroring Changes**: When mirroring is enabled, please allow at least 1 minute for changes to be reflected. The mirroring process runs every 1 minute, ensuring that data between SEKOIA and Cortex is kept in sync.

- **Handling Reopened Incidents**: If you have enabled the reopening option, the Cortex incident will be reopened under two specific conditions:
- **Reopened Alert in SEKOIA**: If an alert is reopened in SEKOIA, the corresponding incident in Cortex will also be reopened. This ensures that the incident tracking is consistent across both platforms.
- **Reopened Incident in Cortex**: If you reopen an incident directly in Cortex, you need to be cautious. After reopening the incident in Cortex, you should promptly change the status of the SEKOIA alert. Failing to do so might lead to the incident being automatically closed by the mirroring process.
- **Reopened Alert in SEKOIA**: If an alert is reopened in SEKOIA, the corresponding incident in Cortex will also be reopened. This ensures that the incident tracking is consistent across both platforms.
- **Reopened Incident in Cortex**: If you reopen an incident directly in Cortex, you need to be cautious. After reopening the incident in Cortex, you should promptly change the status of the SEKOIA alert. Failing to do so might lead to the incident being automatically closed by the mirroring process.

By adhering to these best practices, you can ensure a smoother and more effective synchronization between SEKOIA and your incident management platform.

18 changes: 9 additions & 9 deletions Packs/SekoiaXDR/Integrations/SekoiaXDR/SekoiaXDR.yml
@@ -204,12 +204,12 @@ configuration:
defaultvalue: None
type: 15
required: true
additionalinfo: 'Choose the direction to mirror the incident: None(Disable mirroring), Incoming (from Sekoia XDR to Cortex XSOAR) , Outgoing (from Cortex XSOAR to Sekoia XDR), or Incoming and Outgoing (from/to Cortex XSOAR and Sekoia XDR).'
options:
- None
- Incoming
- Outgoing
- Incoming and Outgoing
additionalinfo: 'Choose the direction to mirror the incident: None(Disable mirroring), Incoming (from Sekoia XDR to Cortex XSOAR) , Outgoing (from Cortex XSOAR to Sekoia XDR), or Incoming and Outgoing (from/to Cortex XSOAR and Sekoia XDR).'
- section: Collect
advanced: true
display: Include events in the mirroring of the alerts.
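Review bot: moving `additionalinfo` below `options` is a pure key reorder and is fine, but while this user-facing string is being touched, `None(Disable mirroring)` needs a space before the parenthesis and `Cortex XSOAR) ,` has a stray space before the comma; this text is shown verbatim in the instance configuration dialog.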
@@ -961,10 +961,11 @@ script:
- name: sekoia-xdr-list-assets
arguments:
- name: limit
description: Limit a number of items.
description: 'Limit a number of items.'
defaultValue: "10"
- name: assets_type
description: Type of assets to list (computer, network, etc).
description: Command to retrieve a list of Assets from Sekoia XDR.
outputs:
- contextPath: SekoiaXDR.Assets.total
description: The total number of items in the response.
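Review bot: relocating the command-level `description` up beside `arguments` is consistent with the other commands, but the argument descriptions themselves are weak: `Limit a number of items.` should read `Maximum number of items to return.`, and `assets_type` should list the accepted values instead of `etc` so an analyst does not have to guess the filter vocabulary.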
@@ -1016,7 +1017,6 @@ script:
description: The name of the asset.
- contextPath: SekoiaXDR.Assets.items.0.uuid
description: The UUID of the asset.
description: Command to retrieve a list of Assets from Sekoia XDR.
- name: sekoia-xdr-get-user
arguments:
- name: user_uuid
@@ -1111,28 +1111,29 @@ script:
description: 'UUID of the asset to get, the UUID should appear with "sekoia-xdr-list-assets" if that alert have assets related, example: "d4cc3b05-a78d-4f29-b27c-c637d86fa03a".'
- name: name
required: true
description: The name of attributes.
description: "The name of attributes."
- name: value
required: true
description: The value of attributes.
description: Command to add attributes to an asset in Sekoia XDR.
description: "Command to add attributes to an asset in Sekoia XDR."
- name: sekoia-xdr-add-keys-asset
arguments:
- name: asset_uuid
required: true
description: 'UUID of the asset to get, the UUID should appear with "sekoia-xdr-list-assets" if that alert have assets related, example: "d4cc3b05-a78d-4f29-b27c-c637d86fa03a".'
- name: name
required: true
description: The name of the key to be added.
description: "The name of the key to be added."
- name: value
required: true
description: The value of the key to be added.
description: Command to add keys to an asset in Sekoia XDR.
description: "Command to add keys to an asset in Sekoia XDR."
- name: sekoia-xdr-get-kill-chain
arguments:
- name: kill_chain_uuid
required: true
description: UUID or short_id of the kill chain the UUID should appear with "sekoia-xdr-list-alerts".
description: Command to retrieve the definition of a Cyber Kill Chain Step.
outputs:
- contextPath: SekoiaXDR.KillChain.stix_name
description: The name of the STIX object.
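Review bot: the `asset_uuid` description is pasted verbatim into both the add-attributes and `sekoia-xdr-add-keys-asset` commands and is ungrammatical (`if that alert have assets related` should be `if the alert has related assets`); the `kill_chain_uuid` description is also missing a comma after `kill chain`. Quoting is now mixed within one hunk (single quotes on the `asset_uuid` line, double quotes on the newly quoted `description:` lines); since the formatter produced the double quotes, either leave all of them to the formatter or normalise to one style.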
@@ -1146,7 +1147,6 @@ script:
description: The short identifier of the STIX object.
- contextPath: SekoiaXDR.KillChain.order_id
description: The order identifier of the STIX object.
description: Command to retrieve the definition of a Cyber Kill Chain Step.
- name: sekoia-xdr-remove-attribute-asset
arguments:
- name: asset_uuid
@@ -1182,11 +1182,11 @@ script:
isfetch: true
runonce: false
subtype: python3
isFetchSamples: true
ismappable: true
isremotesyncin: true
defaultmapperin: Sekoia XDR - Incoming Mapper
defaultclassifier: Sekoia XDR - Classifier
isFetchSamples: true
fromversion: 6.10.0
tests:
- No tests (auto formatted)
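Review bot: `isFetchSamples: true` is only moved, which is fine, but `tests: - No tests (auto formatted)` means no test playbook exercises this integration even though it declares fetching, incoming remote sync (`isremotesyncin`), a default mapper and a classifier; a test playbook covering fetch and the incoming mirror path would catch regressions in exactly the behaviour the README troubleshooting section warns about.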
@@ -31,4 +31,4 @@ Similar to other APIs, **Sekoia's API** employs an authentication mechanism that

6. **Save Your Key**: After filling out the necessary details and assigning roles, click on the **Save** button to generate your API key. Your new key is now ready for use in authenticating API requests.

By following these steps, you can effortlessly create an API key that provides secure and role-based access to **Sekoia’s** API, enabling seamless interaction with its suite of services.
By following these steps, you can effortlessly create an API key that provides secure and role-based access to **Sekoia’s** API, enabling seamless interaction with its suite of services.
