Merge branch 'contrib/munna-metron_SentinelOne-V2-3.2.37' into SentinelOne-V2-3.2.37

Author: munna-metron

.github/github_workflow_scripts/parse_junit_per_pack.py

@@ -24,7 +24,7 @@ def parse_pack_name(class_name: str):
     return parsed_pack_name
 
 
-def parse_xml(path: Path = Path(".report_pytest.xml")) -> dict[str, float]:
+def parse_xml(path: Path = Path("report_pytest.xml")) -> dict[str, float]:
     pack_times: defaultdict[str, float] = defaultdict(int)
 
     for suite in ET.parse(path).getroot().findall("testsuite"):

.github/workflows/pre-commit-reuse.yml

@@ -76,7 +76,7 @@ jobs:
       id: check-pytest-junit-exists
       uses: andstor/file-existence-action@v2
       with:
-        files: ".report_pytest.xml"
+        files: "report_pytest.xml"
 
     - name: Create pack-wise pytest report
       run: poetry run python .github/github_workflow_scripts/parse_junit_per_pack.py
@@ -86,7 +86,7 @@ jobs:
         github.event.pull_request.head.repo.fork == false
 
     - name: Upload junit & pack-wise pytest report
-      uses: actions/upload-artifact@v4
+      uses: PaloAltoNetworks/upload-secure-artifact@v1.0.5
       if: |
         always() && 
         steps.check-pytest-junit-exists.outputs.files_exists == 'true' && 
@@ -95,7 +95,7 @@ jobs:
         name: pytest
         path: |
           packwise_pytest_time.csv
-          .report_pytest.xml
+          report_pytest.xml
         if-no-files-found: error
 
     - name: Pytest coverage comment
@@ -108,7 +108,7 @@ jobs:
       continue-on-error: true  # may fail on output > 65k chars
       with:
         pytest-xml-coverage-path: coverage_report/coverage.xml
-        junitxml-path: .report_pytest.xml
+        junitxml-path: report_pytest.xml
 
     - uses: actions/cache/save@v3
       if: always()

.gitignore

@@ -84,6 +84,7 @@ Packs/Whois/Integrations/Whois/test_data/microsocks
 .pre-commit-config-content.yaml
 .report.json
 .report_pytest.xml
+report_pytest.xml
 .report_mypy.xml
 coverage.xml
 Packs/**/Integrations/**/.pytest.ini

.pre-commit-config_template.yaml

@@ -154,7 +154,7 @@ repos:
     - -v
     - --override-ini='asyncio_mode=auto'
     - --rootdir=/src
-    - --junitxml=/src/.pre-commit/pytest-junit/.report_pytest.xml
+    - --junitxml=/src/.pre-commit/pytest-junit/report_pytest.xml
     - --color=yes
     - --files
     args:docker_autoupdate:
@@ -163,7 +163,7 @@ repos:
     - -v
     - --override-ini='asyncio_mode=auto'
     - --rootdir=/src
-    - --junitxml=/src/.pre-commit/pytest-junit/.report_pytest.xml
+    - --junitxml=/src/.pre-commit/pytest-junit/report_pytest.xml
     - --color=yes
     - --files
     copy_files:
@@ -193,7 +193,7 @@ repos:
     - -v
     - --override-ini='asyncio_mode=auto'
     - --rootdir=/src
-    - --junitxml=/src/.pre-commit/pytest-junit/.report_pytest.xml
+    - --junitxml=/src/.pre-commit/pytest-junit/report_pytest.xml
     - --color=yes
     copy_files:
     - Tests/scripts/dev_envs/pytest/conftest.py

Documentation/common_server_docs.py

@@ -31,7 +31,8 @@
                     "BaseHTTPClient", "DemistoHandler", "DebugLogger", "FeedIndicatorType", "Indicator",
                     "IndicatorType", "EntryType", "EntryFormat", "abstractmethod",
                     "HTTPAdapter", "Retry", "Common", "randint", "GetDemistoVersion", "get_demisto_version",
-                    "BaseWidget", "UTC", "WarningsHandler", "__line__", "_find_relevant_module"]
+                    "BaseWidget", "UTC", "WarningsHandler", "__line__", "_find_relevant_module", "register_module_line",
+                    "fix_traceback_line_numbers"]
 
 PY_IRREGULAR_FUNCS = {"LOG": {"argList": ["message"]}}
 

Packs/Akamai_SIEM/Integrations/Akamai_SIEM/Akamai_SIEM.py

@@ -550,6 +550,7 @@ def fetch_events_command(
                     "please run 'akamai-siem-reset-offset' on the specific instance.\n" \
                     'For more information, please refer to the Troubleshooting section in the integration documentation.\n' \
                     f'original error: [{e}]'
+                reset_offset_command(client)
                 raise DemistoException(err_msg)
             else:
                 raise DemistoException(e)

Packs/Akamai_SIEM/ReleaseNotes/1_2_3.md

@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Akamai WAF SIEM
+
+- Fixed an issue where auto offset reset didn't work for **fetch-events**.

Packs/Akamai_SIEM/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Akamai WAF SIEM",
     "description": "Use the Akamai WAF SIEM integration to retrieve security events from Akamai Web Application Firewall (WAF) service.",
     "support": "xsoar",
-    "currentVersion": "1.2.2",
+    "currentVersion": "1.2.3",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule.py

@@ -2459,7 +2459,7 @@ def form_powershell_command(unescaped_string: str) -> str:
         else:
             escaped_string += char
 
-    return f"powershell -Command '{escaped_string}'"
+    return f"powershell -Command \"{escaped_string}\""
 
 
 def run_script_execute_commands_command(client: CoreClient, args: Dict) -> CommandResults:

Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule_test.py

@@ -24,17 +24,17 @@
 POWERSHELL_COMMAND_CASES = [
     pytest.param(
         "Write-Output 'Hello, world, it`s me!'",
-        "powershell -Command 'Write-Output ''Hello, world, it`s me!'''",
+        "powershell -Command \"Write-Output ''Hello, world, it`s me!''\"",
         id='Hello World message',
     ),
     pytest.param(
         r"New-Item -Path 'C:\Users\User\example.txt' -ItemType 'File'",
-        "powershell -Command 'New-Item -Path ''C:\\Users\\User\\example.txt'' -ItemType ''File'''",
+        "powershell -Command \"New-Item -Path ''C:\\Users\\User\\example.txt'' -ItemType ''File''\"",
         id='New file in path with backslashes',
     ),
     pytest.param(
         "$message = 'This is a test with special chars: `&^%$#@!'; Write-Output $message",
-        "powershell -Command '$message = ''This is a test with special chars: `&^%$#@!''; Write-Output $message'",
+        "powershell -Command \"$message = ''This is a test with special chars: `&^%$#@!''; Write-Output $message\"",
         id='Special characters message',
     ),
     pytest.param(
@@ -46,11 +46,11 @@
             "$sessionId = $sessionInfo[2]; if ($users -contains $username) { logoff $sessionId } } }"
         ),
         (
-            "powershell -Command '$users = @(JohnDoe) -split '';''; query user | Select-Object -Skip 1 | "
+            "powershell -Command \"$users = @(JohnDoe) -split '';''; query user | Select-Object -Skip 1 | "
             "ForEach-Object { $sessionInfo = $_ -split ''\\s+'' | "
             "Where-Object { $_ -ne '''' -and $_ -notlike ''Disc'' }; "
             "if ($sessionInfo.Length -ge 6) { $username = $sessionInfo[0].TrimStart(''>''); "
-            "$sessionId = $sessionInfo[2]; if ($users -contains $username) { logoff $sessionId } } }'"
+            "$sessionId = $sessionInfo[2]; if ($users -contains $username) { logoff $sessionId } } }\""
         ),
         id='End RDP session for users',
     ),