Commit

Merge branch 'tapishj/PAPP-35152' of github.com:splunk-soar-connectors/ciscotalosintelligence into tapishj/PAPP-35152
tapishj-splunk committed Dec 18, 2024
2 parents 563d90f + 6db81c0 commit 811e34c
Showing 4 changed files with 10 additions and 12 deletions.
16 changes: 8 additions & 8 deletions README.md
Expand Up @@ -43,13 +43,13 @@ VARIABLE | REQUIRED | TYPE | DESCRIPTION
-------- | -------- | ---- | -----------

### Supported Actions
[test connectivity](#action-test-connectivity) - Validate the asset configuration for connectivity using supplied configuration.
[ip reputation](#action-ip-reputation) - Look up Cisco Talos threat intelligence for a given IP address.
[domain reputation](#action-domain-reputation) - Look up Cisco Talos threat intelligence for a given domain.
[url reputation](#action-url-reputation) - Look up Cisco Talos threat intelligence for a given URL.
[test connectivity](#action-test-connectivity) - Validate the asset configuration for connectivity using supplied configuration
[ip reputation](#action-ip-reputation) - Look up Cisco Talos threat intelligence for a given IP address
[domain reputation](#action-domain-reputation) - Look up Cisco Talos threat intelligence for a given domain
[url reputation](#action-url-reputation) - Look up Cisco Talos threat intelligence for a given URL

## action: 'test connectivity'
Validate the asset configuration for connectivity using supplied configuration.
Validate the asset configuration for connectivity using supplied configuration

Type: **test**
Read only: **True**
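Review bot: The old and new description lines in this hunk (the Supported Actions list and the 'test connectivity' summary) differ only in the trailing period, and the same strings are repeated under each action heading in the later README.md hunks, which suggests generated text. If README.md is built from the action descriptions in ciscotalosintelligence.json, make the punctuation change there: the json change in this commit only touches a contains list, so a regenerated README would diverge from this edit.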
Expand All @@ -63,7 +63,7 @@ No parameters are required for this action
No Output

## action: 'ip reputation'
Look up Cisco Talos threat intelligence for a given IP address.
Look up Cisco Talos threat intelligence for a given IP address

Type: **investigate**
Read only: **True**
Expand All @@ -90,7 +90,7 @@ action_result.data.\*.AUP | string | |
action_result.summary.message | string | | 72.163.4.185 has a Favorable threat level

## action: 'domain reputation'
Look up Cisco Talos threat intelligence for a given domain.
Look up Cisco Talos threat intelligence for a given domain

Type: **investigate**
Read only: **True**
Expand All @@ -117,7 +117,7 @@ action_result.data.\*.AUP | string | |
action_result.summary.message | string | | splunk.com has a Favorable threat level

## action: 'url reputation'
Look up Cisco Talos threat intelligence for a given URL.
Look up Cisco Talos threat intelligence for a given URL

Type: **investigate**
Read only: **True**
3 changes: 1 addition & 2 deletions ciscotalosintelligence.json
Expand Up @@ -236,8 +236,7 @@
"required": true,
"primary": true,
"contains": [
"domain",
"url"
"domain"
],
"value_list": [],
"default": "",
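Review bot: Dropping "url" from contains on this required, primary parameter changes which artifact types SOAR will offer the action for, and the hunk does not show which action the parameter belongs to. Confirm it is the domain parameter of 'domain reputation', that the parameter of 'url reputation' still carries "url", and that no existing playbook depends on passing URL-typed values to this parameter.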
1 change: 0 additions & 1 deletion ciscotalosintelligence_connector.py
Expand Up @@ -165,7 +165,6 @@ def _make_rest_call(self, retry, endpoint, action_result, method="get", **kwargs
break
except Exception as e:
self.debug_print(f"Retrying to establish connection to the server for the {i + 1} time")
self.debug_print(e)
jittered_delay = random.uniform(delay * 0.9, delay * 1.1)
time.sleep(jittered_delay)
delay = min(delay * 2, 256)
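Review bot: With self.debug_print(e) gone, the except Exception as e: branch in _make_rest_call discards the failure reason entirely, so a retry loop caused by a TLS, proxy or authentication error looks the same in the debug log as a transient timeout, and e is left as an unused binding. If the aim was to keep raw exception text out of the log, record a reduced form such as the exception class name in the existing retry message rather than nothing, and consider retrying only on connection-level exceptions instead of every Exception.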
2 changes: 1 addition & 1 deletion manual_readme_content.md
Expand Up @@ -20,6 +20,6 @@ The Cisco Talos Intelligence license is included with your Splunk SOAR (Cloud) l

This app uses the Cisco Talos API that specializes in identifying, analyzing, and mitigating cybersecurity threats.

For additional details, see the [Cisco Talos Intelligence article](https://docs.splunk.com/Documentation/SOAR/drafts/Playbook/Talos) in the Splunk SOAR documentation.
For additional details, see the [Cisco Talos Intelligence article](https://docs.splunk.com/Documentation/SOAR/current/Playbook/Talos) in the Splunk SOAR documentation.

**Note:** The Cisco Talos Intelligence asset is already configured in your Splunk SOAR (Cloud) deployment.
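Review bot: The documentation link moves from /Documentation/SOAR/drafts/ to /Documentation/SOAR/current/, but the README.md hunks in this commit start at line 43 and show no matching link change. If README.md embeds the content of manual_readme_content.md, check that the drafts URL is not still present there.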
