diff --git a/README.md b/README.md index 76198e3..c8e0017 100644 --- a/README.md +++ b/README.md @@ -43,13 +43,13 @@ VARIABLE | REQUIRED | TYPE | DESCRIPTION -------- | -------- | ---- | ----------- ### Supported Actions -[test connectivity](#action-test-connectivity) - Validate the asset configuration for connectivity using supplied configuration. -[ip reputation](#action-ip-reputation) - Look up Cisco Talos threat intelligence for a given IP address. -[domain reputation](#action-domain-reputation) - Look up Cisco Talos threat intelligence for a given domain. -[url reputation](#action-url-reputation) - Look up Cisco Talos threat intelligence for a given URL. +[test connectivity](#action-test-connectivity) - Validate the asset configuration for connectivity using supplied configuration +[ip reputation](#action-ip-reputation) - Look up Cisco Talos threat intelligence for a given IP address +[domain reputation](#action-domain-reputation) - Look up Cisco Talos threat intelligence for a given domain +[url reputation](#action-url-reputation) - Look up Cisco Talos threat intelligence for a given URL ## action: 'test connectivity' -Validate the asset configuration for connectivity using supplied configuration. +Validate the asset configuration for connectivity using supplied configuration Type: **test** Read only: **True** @@ -63,7 +63,7 @@ No parameters are required for this action No Output ## action: 'ip reputation' -Look up Cisco Talos threat intelligence for a given IP address. +Look up Cisco Talos threat intelligence for a given IP address Type: **investigate** Read only: **True** @@ -90,7 +90,7 @@ action_result.data.\*.AUP | string | | action_result.summary.message | string | | 72.163.4.185 has a Favorable threat level ## action: 'domain reputation' -Look up Cisco Talos threat intelligence for a given domain. +Look up Cisco Talos threat intelligence for a given domain Type: **investigate** Read only: **True** 
@@ -117,7 +117,7 @@ action_result.data.\*.AUP | string | | action_result.summary.message | string | | splunk.com has a Favorable threat level ## action: 'url reputation' -Look up Cisco Talos threat intelligence for a given URL. +Look up Cisco Talos threat intelligence for a given URL Type: **investigate** Read only: **True** diff --git a/ciscotalosintelligence.json b/ciscotalosintelligence.json index d4fda6a..4a6d9fe 100644 --- a/ciscotalosintelligence.json +++ b/ciscotalosintelligence.json @@ -236,8 +236,7 @@ "required": true, "primary": true, "contains": [ - "domain", - "url" + "domain" ], "value_list": [], "default": "", diff --git a/ciscotalosintelligence_connector.py b/ciscotalosintelligence_connector.py index bae1980..669b4c1 100644 --- a/ciscotalosintelligence_connector.py +++ b/ciscotalosintelligence_connector.py @@ -165,7 +165,6 @@ def _make_rest_call(self, retry, endpoint, action_result, method="get", **kwargs break except Exception as e: self.debug_print(f"Retrying to establish connection to the server for the {i + 1} time") - self.debug_print(e) jittered_delay = random.uniform(delay * 0.9, delay * 1.1) time.sleep(jittered_delay) delay = min(delay * 2, 256) diff --git a/manual_readme_content.md b/manual_readme_content.md index 5635da6..da744f0 100644 --- a/manual_readme_content.md +++ b/manual_readme_content.md 
@@ -20,6 +20,6 @@ The Cisco Talos Intelligence license is included with your Splunk SOAR (Cloud) l This app uses the Cisco Talos API that specializes in identifying, analyzing, and mitigating cybersecurity threats. -For additional details, see the [Cisco Talos Intelligence article](https://docs.splunk.com/Documentation/SOAR/drafts/Playbook/Talos) in the Splunk SOAR documentation. +For additional details, see the [Cisco Talos Intelligence article](https://docs.splunk.com/Documentation/SOAR/current/Playbook/Talos) in the Splunk SOAR documentation. **Note:** The Cisco Talos Intelligence asset is already configured in your Splunk SOAR (Cloud) deployment. \ No newline at end of file
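
Review bot: The README.md hunks strip the trailing period from every action description, both in the Supported Actions list and under each `## action:` heading, but the ciscotalosintelligence.json hunk in this patch does not touch any description strings. If README.md is generated from the app JSON, these edits will be overwritten on the next regeneration. Make the change at the source, or say in the commit message that the README was regenerated.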
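
Review bot: In ciscotalosintelligence.json (@@ -236,8 +236,7) the `contains` list of this required, primary parameter drops "url" and keeps only "domain", but the hunk context does not show which action the parameter belongs to, and no parameter documentation changes alongside it in this patch. Name the affected action in the commit message and confirm that its documented contains type matches, since url-typed values will no longer be associated with this parameter.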
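
Review bot: In the `_make_rest_call` hunk of ciscotalosintelligence_connector.py (@@ -165,7 +165,6), removing `self.debug_print(e)` leaves `except Exception as e:` binding a name that is never used, and the retry message no longer records why the attempt failed. If the goal is to keep raw exception text out of the debug log, either drop `as e`, or keep it and log only the exception class name so that retries stay diagnosable. The remaining message also reads "for the {i + 1} time"; wording such as "attempt {i + 1}" would read correctly for every value.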
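
Review bot: manual_readme_content.md (@@ -20,6 +20,6) still ends with "\ No newline at end of file" after this change; add the trailing newline while the file is being touched. The link change from `/drafts/` to `/current/` is the substantive fix here, so it is worth checking that no other `/drafts/` documentation URLs remain in the files this patch edits.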