diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
index 6f15b22..131c639 100644
--- a/.github/workflows/linting.yml
+++ b/.github/workflows/linting.yml
@@ -1,7 +1,7 @@
name: Linting
on: [push, pull_request]
jobs:
- lint:
+ lint:
# Run per push for internal contributers. This isn't possible for forked pull requests,
# so we'll need to run on PR events for external contributers.
# String comparison below is case insensitive.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index b1170e4..33c86c5 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,11 +1,11 @@
repos:
- repo: https://github.com/phantomcyber/dev-cicd-tools
- rev: v1.16
+ rev: v1.18
hooks:
- id: org-hook
- id: package-app-dependencies
- repo: https://github.com/Yelp/detect-secrets
- rev: v1.4.0
+ rev: v1.5.0
hooks:
- id: detect-secrets
args: ['--no-verify', '--exclude-files', '^dns.json$']
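Review bot: Both bumped `rev` values (`v1.18` for dev-cicd-tools and `v1.5.0` for detect-secrets) are tags, which the upstream repository can move. Since these hooks run on every commit and in CI, consider pinning each `rev` to the full commit SHA that the tag currently points to and keeping the tag name in a trailing comment.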
diff --git a/LICENSE b/LICENSE
index ef54a0e..4b0cd55 100644
--- a/LICENSE
+++ b/LICENSE
@@ -186,7 +186,7 @@
same "printed page" as the copyright notice for easier
identification within third-party archives.
- Copyright 2016-2022 Splunk Inc.
+ Copyright 2016-2024 Splunk Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
diff --git a/NOTICE b/NOTICE
index c36d53e..3c8be6e 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,22 +1,10 @@
Splunk SOAR DNS
-Copyright (c) 2016-2022 Splunk Inc.
+Copyright (c) 2016-2024 Splunk Inc.
Third-party Software Attributions:
-Library: beautifulsoup4
-Version: 4.9.1
-License: MIT
-Copyright 2004-2017 Leonard Richardson
-Copyright 2004-2019 Leonard Richardson
-Copyright 2018 Isaac Muse
-
Library: dnspython
Version: 1.16.0
License: ISC
Copyright 2001-2017 Nominum, Inc
Copyright Dnspython Contributors
-
-Library: requests
-Version: 2.25.0
-License: Apache 2.0
-Kenneth Reitz
diff --git a/README.md b/README.md
index 6cc990d..a58d68f 100644
--- a/README.md
+++ b/README.md
@@ -2,16 +2,16 @@
# DNS
Publisher: Splunk
-Connector Version: 2\.0\.23
+Connector Version: 2.0.25
Product Vendor: Generic
Product Name: DNS
-Product Version Supported (regex): "\.\*"
-Minimum Product Version: 5\.0\.0
+Product Version Supported (regex): ".\*"
+Minimum Product Version: 5.1.0
This app implements investigative actions that return DNS Records for the object queried
-[comment]: # " File: readme.md"
-[comment]: # " Copyright (c) 2016-2022 Splunk Inc."
+[comment]: # " File: README.md"
+[comment]: # " Copyright (c) 2016-2024 Splunk Inc."
[comment]: # ""
[comment]: # "Licensed under the Apache License, Version 2.0 (the 'License');"
[comment]: # "you may not use this file except in compliance with the License."
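Review bot: The `Minimum Product Version` line moves from 5.0.0 to 5.1.0 here, but neither dns.json hunk in this patch touches a minimum version field. Please confirm the manifest already declares 5.1.0. If the README says one thing and the manifest another, the app can install on a platform version it was not tested on.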
@@ -34,8 +34,8 @@ The below configuration variables are required for this Connector to operate. T
VARIABLE | REQUIRED | TYPE | DESCRIPTION
-------- | -------- | ---- | -----------
-**dns\_server** | optional | string | IP of the DNS server for lookups
-**host\_name** | optional | string | Hostname to be used in test connectivity
+**dns_server** | optional | string | IP of the DNS server for lookups
+**host_name** | optional | string | Hostname to be used in test connectivity
### Supported Actions
[test connectivity](#action-test-connectivity) - Validate the asset configuration for connectivity
@@ -60,7 +60,7 @@ Query DNS records for a Domain or Host Name
Type: **investigate**
Read only: **True**
-A list of record types to be resolved is supplied, one of which the user may choose as the value for the type parameter, these are\:
A
AAAA
CNAME
HINFO
ISDN
MX
NS
SOA
TXT
When taking a lookup domain action from a Playbook, the author can look up arbitrary DNS record types by supplying the desired record type as a string for the type parameter\.
+A list of record types to be resolved is supplied, one of which the user may choose as the value for the type parameter, these are:
A
AAAA
CNAME
HINFO
ISDN
MX
NS
SOA
TXT
When taking a lookup domain action from a Playbook, the author can look up arbitrary DNS record types by supplying the desired record type as a string for the type parameter.
#### Action Parameters
PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
@@ -69,21 +69,21 @@ PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
**type** | optional | DNS Record Type | string |
#### Action Output
-DATA PATH | TYPE | CONTAINS
---------- | ---- | --------
-action\_result\.status | string |
-action\_result\.parameter\.domain | string | `host name` `domain`
-action\_result\.parameter\.type | string |
-action\_result\.data\.\*\.record\_info\_objects\.\*\.record\_info | string | `ip`
-action\_result\.data\.\*\.record\_infos | string | `ip`
-action\_result\.summary\.cannonical\_name | string |
-action\_result\.summary\.canonical\_name | string |
-action\_result\.summary\.hostname | string | `host name` `domain`
-action\_result\.summary\.record\_info | string | `ip`
-action\_result\.summary\.total\_record\_infos | numeric |
-action\_result\.message | string |
-summary\.total\_objects | numeric |
-summary\.total\_objects\_successful | numeric |
+DATA PATH | TYPE | CONTAINS | EXAMPLE VALUES
+--------- | ---- | -------- | --------------
+action_result.status | string | | success failed
+action_result.parameter.domain | string | `host name` `domain` | test.com
+action_result.parameter.type | string | |
+action_result.data.\*.record_info_objects.\*.record_info | string | `ip` | 122.122.122.122
+action_result.data.\*.record_infos | string | `ip` | 122.122.122.122
+action_result.summary.cannonical_name | string | | phantomtest.com. test.com.
+action_result.summary.canonical_name | string | |
+action_result.summary.hostname | string | `host name` `domain` | ffobaaar.com
+action_result.summary.record_info | string | `ip` | 122.122.122.122
+action_result.summary.total_record_infos | numeric | | 1 6
+action_result.message | string | | None of DNS query names exist: ['ffobaaar.com.', 'ffobaaar.com.localdomain.'] Record info: 54.239.25.192, Total record infos: 6, Cannonical name: amazon.com.
+summary.total_objects | numeric | | 1
+summary.total_objects_successful | numeric | | 1
## action: 'lookup ip'
Query Reverse DNS records for an IP
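Review bot: In the new output table, the misspelled path `action_result.summary.cannonical_name` carries the example values while the correctly spelled `action_result.summary.canonical_name` row is left empty. Please state which key is authoritative and which is kept only for backward compatibility, so playbook authors know which path to read. The `action_result.message` example also runs a failure message and a success message together with no separator. Splitting them would make the two cases readable.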
@@ -91,7 +91,7 @@ Query Reverse DNS records for an IP
Type: **investigate**
Read only: **True**
-The lookup ip action takes an IP address parameter\. The IP address \(IPv4 or IPv6\) will be looked up against the appropriate reverse lookup DNS records, and any associate hostname\(s\) will be returned\. Only PTR type lookups are returned\.
+The lookup ip action takes an IP address parameter. The IP address (IPv4 or IPv6) will be looked up against the appropriate reverse lookup DNS records, and any associate hostname(s) will be returned. Only PTR type lookups are returned.
#### Action Parameters
PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
@@ -99,15 +99,17 @@ PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
**ip** | required | IP to resolve | string | `ip`
#### Action Output
-DATA PATH | TYPE | CONTAINS
---------- | ---- | --------
-action\_result\.status | string |
-action\_result\.parameter\.ip | string | `ip`
-action\_result\.data | string |
-action\_result\.summary\.cannonical\_name | string |
-action\_result\.summary\.canonical\_name | string |
-action\_result\.summary\.hostname | string | `host name` `domain`
-action\_result\.summary\.ip | string | `ip`
-action\_result\.message | string |
-summary\.total\_objects | numeric |
-summary\.total\_objects\_successful | numeric |
\ No newline at end of file
+DATA PATH | TYPE | CONTAINS | EXAMPLE VALUES
+--------- | ---- | -------- | --------------
+action_result.status | string | | success failed
+action_result.parameter.ip | string | `ip` | 122.122.122.122 123.123.123.123
+action_result.data | string | |
+action_result.summary.cannonical_name | string | | 122.122.122.122.in-addr.arpa.
+action_result.summary.canonical_name | string | |
+action_result.summary.hostname | string | `host name` `domain` | ec2-52-91-186-198.compute-1.test.com.
+action_result.summary.ip | string | `ip` | 122.122.122.122
+action_result.message | string | | Ip: 122.122.122.122
+Hostname: ec2-52-91-186-198.compute-1.test.com.
+Cannonical name: 122.122.122.122.in-addr.arpa. The DNS query name does not exist: 123.123.123.123.in-addr.arpa.
+summary.total_objects | numeric | | 1
+summary.total_objects_successful | numeric | | 1
\ No newline at end of file
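Review bot: The `action_result.message` row in the new table spans three lines, because the example value contains literal newlines before `Hostname:` and `Cannonical name:`. That breaks the Markdown table at this row. Please collapse the example onto one line or replace the newlines with a visible separator. The file also still ends without a trailing newline, while dns.json gains one in this same patch.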
diff --git a/__init__.py b/__init__.py
index 156a533..d7d82bb 100644
--- a/__init__.py
+++ b/__init__.py
@@ -1,6 +1,6 @@
# File: __init__.py
#
-# Copyright (c) 2016-2022 Splunk Inc.
+# Copyright (c) 2016-2024 Splunk Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
diff --git a/display_ip.html b/display_ip.html
index 9b42d12..7b2ca82 100644
--- a/display_ip.html
+++ b/display_ip.html
@@ -10,7 +10,7 @@
{% block widget_content %}
{% endblock %}
-
diff --git a/dns.json b/dns.json
index d126e2d..90d6d87 100644
--- a/dns.json
+++ b/dns.json
@@ -5,9 +5,9 @@
"publisher": "Splunk",
"package_name": "phantom_dns",
"type": "information",
- "license": "Copyright (c) 2016-2022 Splunk Inc.",
+ "license": "Copyright (c) 2016-2024 Splunk Inc.",
"main_module": "dns_connector.py",
- "app_version": "2.0.24",
+ "app_version": "2.0.25",
"utctime_updated": "2022-01-31T19:38:57.000000Z",
"product_vendor": "Generic",
"product_name": "DNS",
@@ -28,8 +28,8 @@
"pip_dependencies": {
"wheel": [
{
- "module": "dns",
- "input_file": "dnspython/dnspython-1.16.0-py2.py3-none-any.whl"
+ "module": "dnspython",
+ "input_file": "wheels/shared/dnspython-1.16.0-py2.py3-none-any.whl"
}
]
},
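Review bot: The `module` value changes from `dns` to `dnspython` together with the new `input_file` path. `dns` is the import name and `dnspython` is the distribution name, so please confirm that the packaging hook bumped in .pre-commit-config.yaml expects the distribution name here and that the wheel is still found at install time. A mismatch would only show up when the app is installed.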
@@ -328,4 +328,4 @@
"versions": "EQ(*)"
}
]
-}
\ No newline at end of file
+}
diff --git a/dns_connector.py b/dns_connector.py
index 92a798b..bb7b0b8 100644
--- a/dns_connector.py
+++ b/dns_connector.py
@@ -1,6 +1,6 @@
# File: dns_connector.py
#
-# Copyright (c) 2016-2022 Splunk Inc.
+# Copyright (c) 2016-2024 Splunk Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -156,6 +156,8 @@ def _handle_forward_lookup(self, param):
action_result = ActionResult(dict(param))
self.add_action_result(action_result)
+ self.save_progress(EXECUTION_START_MESSAGE.format(self.ACTION_ID_FORWARD_LOOKUP))
+
# get the server
server = self._server
host = param.get('domain')
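Review bot: `EXECUTION_START_MESSAGE` is added to dns_consts.py in this patch, but no import line in dns_connector.py changes. Please confirm the name is already in scope at the new `save_progress` call. If it arrives through a star import, which the F403 and F405 ignores in the new tox.ini suggest, an explicit import would let flake8 catch a missing name instead of failing at run time.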
@@ -205,6 +207,8 @@ def _handle_reverse_lookup(self, param):
action_result = ActionResult(dict(param))
self.add_action_result(action_result)
+ self.save_progress(EXECUTION_START_MESSAGE.format(self.ACTION_ID_REVERSE_LOOKUP))
+
# get the server
server = self._server
host = param.get('ip')
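Review bot: The `save_progress` call here is identical to the one added in `_handle_forward_lookup`, differing only in the action ID constant. Consider emitting the start message once at the point where actions are dispatched, so a future handler does not have to remember to copy the line.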
diff --git a/dns_consts.py b/dns_consts.py
index 3fd2b93..bb9b547 100644
--- a/dns_consts.py
+++ b/dns_consts.py
@@ -1,6 +1,6 @@
# File: dns_consts.py
#
-# Copyright (c) 2016-2022 Splunk Inc.
+# Copyright (c) 2016-2024 Splunk Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -16,4 +16,6 @@
SAMPLEDNS_SUCC_QUERY = "Host lookup successful"
SAMPLEDNS_ERR_QUERY_RETURNED_NO_DATA = "Lookup did not return any information"
+EXECUTION_START_MESSAGE = "Executing {0} action"
+
SAMPLEDNS_DEFAULT_REQUEST_TIMEOUT = 30 # in seconds
diff --git a/dns_view.py b/dns_view.py
index b7e7b08..ab538cb 100644
--- a/dns_view.py
+++ b/dns_view.py
@@ -1,6 +1,6 @@
# File: dns_view.py
#
-# Copyright (c) 2016-2022 Splunk Inc.
+# Copyright (c) 2016-2024 Splunk Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
diff --git a/exclude_files.txt b/exclude_files.txt
deleted file mode 100644
index 2bfc80b..0000000
--- a/exclude_files.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-docker-compose.yml
-.gitlab-ci.yml
-Makefile
-.git*
-whitesource-results
\ No newline at end of file
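Review bot: Deleting exclude_files.txt removes the `.git*`, `.gitlab-ci.yml`, `docker-compose.yml`, `Makefile` and `whitesource-results` exclusions, and nothing in this patch replaces them. Please confirm the packaging step now excludes these paths by default. If it does not, repository metadata and scan results could ship inside the app bundle.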
diff --git a/logo_splunk.svg b/logo_splunk.svg
index 225e1cd..c67198d 100644
--- a/logo_splunk.svg
+++ b/logo_splunk.svg
@@ -1 +1 @@
-
\ No newline at end of file
+
diff --git a/logo_splunk_dark.svg b/logo_splunk_dark.svg
index 053089f..9051579 100644
--- a/logo_splunk_dark.svg
+++ b/logo_splunk_dark.svg
@@ -1 +1 @@
-
\ No newline at end of file
+
diff --git a/manual_readme_content.md b/manual_readme_content.md
index e90a994..32df151 100644
--- a/manual_readme_content.md
+++ b/manual_readme_content.md
@@ -1,5 +1,5 @@
[comment]: # " File: README.md"
-[comment]: # " Copyright (c) 2016-2022 Splunk Inc."
+[comment]: # " Copyright (c) 2016-2024 Splunk Inc."
[comment]: # ""
[comment]: # "Licensed under the Apache License, Version 2.0 (the 'License');"
[comment]: # "you may not use this file except in compliance with the License."
diff --git a/release_notes/unreleased.md b/release_notes/unreleased.md
index fbcb2fd..7f5e8f4 100644
--- a/release_notes/unreleased.md
+++ b/release_notes/unreleased.md
@@ -1 +1,2 @@
**Unreleased**
+* Removed certifi, requests and urllib dependencies in order to use platform packages [PAPP-31096, PAPP-30822, PAPP-33451]
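Review bot: The release note names certifi, requests and urllib, but the requirements.txt hunk in this patch removes `beautifulsoup4==4.9.1` and `requests==2.25.0`, and the NOTICE hunk drops the beautifulsoup4 and requests attributions. Please mention the beautifulsoup4 removal in the note and say where certifi and urllib were removed from, since no visible hunk shows them.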
diff --git a/requirements.txt b/requirements.txt
index 92637bc..2214373 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1 @@
-beautifulsoup4==4.9.1
dnspython==1.16.0
-requests==2.25.0
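Review bot: `beautifulsoup4` and `requests` are dropped here, but no hunk in dns_connector.py or dns_view.py removes an import. Please confirm neither module is still imported anywhere in the app. If one is, it now resolves to whatever version the platform provides rather than a pinned one, and that dependency should be stated explicitly.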
diff --git a/tox.ini b/tox.ini
new file mode 100644
index 0000000..c4644ad
--- /dev/null
+++ b/tox.ini
@@ -0,0 +1,7 @@
+[flake8]
+max-line-length = 145
+max-complexity = 28
+extend-ignore = F403,E128,E126,E111,E121,E127,E731,E201,E202,F405,E722,D,W292
+
+[isort]
+line_length = 145
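Review bot: The `extend-ignore` list in the new `[flake8]` section turns off E722 (bare `except`), F403 and F405 (star imports), and `max-complexity = 28` is high enough that the complexity check will rarely fire. In a connector that parses responses from the network, bare `except` blocks can hide real failures. Consider keeping E722 enabled and listing any unavoidable exceptions per file instead of ignoring the rule globally.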
diff --git a/dnspython/dnspython-1.16.0-py2.py3-none-any.whl b/wheels/shared/dnspython-1.16.0-py2.py3-none-any.whl
similarity index 100%
rename from dnspython/dnspython-1.16.0-py2.py3-none-any.whl
rename to wheels/shared/dnspython-1.16.0-py2.py3-none-any.whl