Skip to content

Commit

Permalink
PAPP-34786 rename app to ciscotalosintelligence
Browse files Browse the repository at this point in the history
  • Loading branch information
@sodle-splunk
sodle-splunk committed Oct 8, 2024
1 parent 221bf7e commit 23684c0
Show file tree
Hide file tree
Showing 5 changed files with 1,251 additions and 0 deletions.
338 changes: 338 additions & 0 deletions ciscotalosintelligence.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,338 @@
{
"appid": "7c653487-22c8-4ec1-bca0-16a8b1513c86",
"name": "Cisco Talos Intelligence",
"description": "This app provides investigative actions for Cisco Talos Intelligence",
"type": "information",
"product_vendor": "Cisco",
"logo": "ciscotalosintelligence.svg",
"logo_dark": "ciscotalosintelligence_dark.svg",
"product_name": "Talos Cloud Intelligence",
"python_version": "3",
"product_version_regex": ".*",
"publisher": "Splunk Community",
"license": "Copyright (c) Splunk Community, 2024",
"app_version": "1.0.1",
"utctime_updated": "2024-06-21T18:40:03.685771Z",
"package_name": "phantom_ciscotalosintelligence",
"main_module": "ciscotalosintelligence_connector.py",
"min_phantom_version": "6.2.1.305",
"app_wizard_version": "1.0.0",
"configuration": {
"base_url": {
"data_type": "string",
"order": 0,
"description": "Base URL provided by Talos",
"default": "consumerdev-api.talos.cisco.com",
"required": true,
"name": "base_url",
"id": 0
},
"certificate": {
"data_type": "password",
"order": 1,
"description": "Certificate contents to authenticate with Talos",
"name": "certificate",
"id": 1
},
"key": {
"data_type": "password",
"order": 2,
"description": "Private key to authenticate with Talos",
"name": "key",
"id": 2
}
},
"actions": [
{
"action": "test connectivity",
"identifier": "test_connectivity",
"description": "Validate the asset configuration for connectivity using supplied configuration",
"verbose": "",
"type": "test",
"read_only": true,
"parameters": {},
"output": [],
"versions": "EQ(*)"
},
{
"action": "ip reputation",
"identifier": "ip_reputation",
"description": "Queries IP info",
"verbose": "",
"type": "investigate",
"read_only": true,
"parameters": {
"ip": {
"description": "IP to query",
"data_type": "string",
"required": true,
"primary": true,
"contains": [
"ip"
],
"value_list": [],
"default": "",
"order": 0,
"name": "ip"
}
},
"output": [
{
"data_path": "action_result.parameter.ip",
"data_type": "string",
"contains": [
"ip"
],
"column_name": "ip",
"column_order": 0
},
{
"data_path": "action_result.status",
"data_type": "string",
"column_name": "status",
"column_order": 1
},
{
"data_path": "action_result.message",
"data_type": "string"
},
{
"data_path": "summary.total_objects",
"data_type": "numeric"
},
{
"data_path": "summary.total_objects_successful",
"data_type": "numeric"
},
{
"data_path": "action_result.data.0.Threat Level",
"data_type": "string",
"column_name": "threat level",
"column_order": 2
},
{
"data_path": "action_result.data.1.Threat Categories",
"data_type": "string",
"column_name": "threat categories",
"column_order": 3
},
{
"data_path": "action_result.data.2.Acceptable Use Policy Categories",
"data_type": "string",
"column_name": "Acceptable Use Policy Categories",
"column_order": 4
}
],
"render": {
"type": "table"
},
"versions": "EQ(*)"
},
{
"action": "domain reputation",
"identifier": "domain_reputation",
"description": "Queries domain info",
"verbose": "",
"type": "investigate",
"read_only": true,
"parameters": {
"domain": {
"description": "Domain to query",
"data_type": "string",
"required": true,
"primary": true,
"contains": [
"domain",
"url"
],
"value_list": [],
"default": "",
"order": 0,
"name": "domain"
}
},
"output": [
{
"data_path": "action_result.parameter.domain",
"data_type": "string",
"contains": [
"domain",
"url"
],
"column_name": "domain",
"column_order": 0
},
{
"data_path": "action_result.status",
"data_type": "string",
"column_name": "status",
"column_order": 1
},
{
"data_path": "action_result.message",
"data_type": "string"
},
{
"data_path": "summary.total_objects",
"data_type": "numeric"
},
{
"data_path": "summary.total_objects_successful",
"data_type": "numeric"
},
{
"data_path": "action_result.data.0.Threat Level",
"data_type": "string",
"column_name": "threat level",
"column_order": 2
},
{
"data_path": "action_result.data.1.Threat Categories",
"data_type": "string",
"column_name": "threat categories",
"column_order": 3
},
{
"data_path": "action_result.data.2.Acceptable Use Policy Categories",
"data_type": "string",
"column_name": "Acceptable Use Policy Categories",
"column_order": 4
}
],
"render": {
"type": "table"
},
"versions": "EQ(*)"
},
{
"action": "url reputation",
"identifier": "url_reputation",
"description": "Queries URL info",
"verbose": "",
"type": "investigate",
"read_only": true,
"parameters": {
"url": {
"description": "URL to query",
"data_type": "string",
"required": true,
"primary": true,
"contains": [
"url"
],
"value_list": [],
"default": "",
"order": 0,
"name": "url"
}
},
"output": [
{
"data_path": "action_result.parameter.url",
"data_type": "string",
"contains": [
"url"
],
"column_name": "url",
"column_order": 0
},
{
"data_path": "action_result.status",
"data_type": "string",
"column_name": "status",
"column_order": 1
},
{
"data_path": "action_result.message",
"data_type": "string"
},
{
"data_path": "summary.total_objects",
"data_type": "numeric"
},
{
"data_path": "summary.total_objects_successful",
"data_type": "numeric"
},
{
"data_path": "action_result.data.0.Threat Level",
"data_type": "string",
"column_name": "threat level",
"column_order": 2
},
{
"data_path": "action_result.data.1.Threat Categories",
"data_type": "string",
"column_name": "threat categories",
"column_order": 3
},
{
"data_path": "action_result.data.2.Acceptable Use Policy Categories",
"data_type": "string",
"column_name": "Acceptable Use Policy Categories",
"column_order": 4
}
],
"render": {
"type": "table"
},
"versions": "EQ(*)"
}
],
"copied_from_id": 190,
"copied_from_version": "1.0.0",
"directory": "ciscotalosintelligence_7c653487-22c8-4ec1-bca0-16a8b1513c86",
"version": 1,
"appname": "-",
"executable": "spawn3",
"disabled": false,
"custom_made": true,
"pip39_dependencies": {
"wheel": [
{
"module": "anyio",
"input_file": "wheels/py3/anyio-4.4.0-py3-none-any.whl"
},
{
"module": "exceptiongroup",
"input_file": "wheels/py3/exceptiongroup-1.2.2-py3-none-any.whl"
},
{
"module": "h11",
"input_file": "wheels/py3/h11-0.14.0-py3-none-any.whl"
},
{
"module": "h2",
"input_file": "wheels/py3/h2-4.1.0-py3-none-any.whl"
},
{
"module": "hpack",
"input_file": "wheels/py3/hpack-4.0.0-py3-none-any.whl"
},
{
"module": "httpcore",
"input_file": "wheels/py3/httpcore-1.0.5-py3-none-any.whl"
},
{
"module": "httpx",
"input_file": "wheels/py3/httpx-0.27.2-py3-none-any.whl"
},
{
"module": "hyperframe",
"input_file": "wheels/py3/hyperframe-6.0.1-py3-none-any.whl"
},
{
"module": "pydantic",
"input_file": "wheels/py39/pydantic-1.10.13-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.whl"
},
{
"module": "sniffio",
"input_file": "wheels/py3/sniffio-1.3.1-py3-none-any.whl"
},
{
"module": "typing_extensions",
"input_file": "wheels/py3/typing_extensions-4.12.2-py3-none-any.whl"
}
]
}
}
Loading

0 comments on commit 23684c0

Please sign in to comment.