Merge branch 'master' into add_silents

demisto · Mar 3, 2025 · f2cb876 · f2cb876
2 parents 2be3cb6 + 06b5eda
commit f2cb876
Show file tree

Hide file tree

Showing 15 changed files with 1,749 additions and 6 deletions.
diff --git a/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.py b/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.py
@@ -70,13 +70,26 @@ def fetch_stix_objects_from_api(self, test: bool = False, limit: int = -1, **kwa
         data: list = []
         for api_root in self.server.api_roots:
             for collection in api_root.collections:
-                for bundle in as_pages(collection.get_objects, per_request=100, **kwargs):
-                    data.extend(bundle.get('objects') or [])
-                    if test and limit < len(data):
-                        return data
+                for _ in range(2):
+                    try:
+                        objects: list = []
+                        for bundle in as_pages(collection.get_objects, per_request=100, **kwargs):
+                            objects.extend(bundle.get('objects') or [])
+                            if test and limit < len(objects):
+                                return objects
+
+                        data.extend(objects)
+                        break
+                    except requests.exceptions.HTTPError as e:
+                        if e.response.status_code == 502:
+                            demisto.debug("Received 502 error, retrying...")
+                            time.sleep(25)
+                        else:
+                            raise
 
         if test:
             return data
+
         self.objects_data[kwargs.get('type')] = data
         return None
 

diff --git a/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml b/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml
@@ -1,4 +1,7 @@
 category: Data Enrichment & Threat Intelligence
+sectionOrder:
+- Connect
+- Collect
 commonfields:
   id: Unit42v2 Feed
   version: -1
@@ -8,16 +11,19 @@ configuration:
   displaypassword: API Key
   hiddenusername: true
   required: false
+  section: Connect
 - display: API Key
   name: api_key
   type: 4
   hidden: true
   required: false
+  section: Connect
 - display: Fetch indicators
   name: feed
   type: 8
   defaultvalue: 'true'
   required: false
+  section: Collect
 - additionalinfo: Indicators from this integration instance will be marked with this reputation
   display: Indicator Reputation
   name: feedReputation
@@ -28,6 +34,7 @@ configuration:
   - Bad
   type: 18
   required: false
+  section: Collect
 - additionalinfo: Reliability of the source providing the intelligence data
   display: Source Reliability
   name: feedReliability
@@ -41,6 +48,7 @@ configuration:
   required: true
   type: 15
   defaultvalue: A - Completely reliable
+  section: Collect
 - display: 'Traffic Light Protocol Color'
   name: tlp_color
   options:
@@ -51,6 +59,7 @@ configuration:
   type: 15
   additionalinfo: The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed
   required: false
+  section: Collect
 - display: ''
   name: feedExpirationPolicy
   type: 17
@@ -60,39 +69,47 @@ configuration:
   - indicatorType
   - suddenDeath
   required: false
+  section: Collect
 - display: ''
   name: feedExpirationInterval
   type: 1
   required: false
+  section: Collect
 - display: Feed Fetch Interval
   name: feedFetchInterval
   type: 19
   defaultvalue: '240'
   required: false
+  section: Collect
 - additionalinfo: When selected, the exclusion list is ignored for indicators from this feed. This means that if an indicator from this feed is on the exclusion list, the indicator might still be added to the system.
   display: Bypass exclusion list
   name: feedBypassExclusionList
   type: 8
   required: false
+  section: Collect
 - display: Tags
   name: feedTags
   type: 0
   additionalinfo: Supports CSV values.
   required: false
+  section: Collect
 - display: Use system proxy settings
   name: proxy
   type: 8
   required: false
+  section: Connect
 - defaultvalue: 'false'
   display: Trust any certificate (not secure)
   name: insecure
   type: 8
   required: false
+  section: Connect
 - defaultvalue: 'true'
   display: Create relationships
   name: create_relationships
   type: 8
   required: false
+  section: Collect
 description: Unit 42 feed of published IOCs, which contains known malicious indicators.
 display: Unit 42 ATOMs Feed
 name: Unit42v2 Feed
@@ -111,7 +128,7 @@ script:
       - attack-pattern
     description: Retrieves a limited number of the indicators.
     name: unit42-get-indicators
-  dockerimage: demisto/taxii2:1.0.0.117320
+  dockerimage: demisto/taxii2:1.0.0.2477082
   feed: true
   runonce: false
   script: '-'

diff --git a/Packs/FeedUnit42v2/ReleaseNotes/1_0_63.md b/Packs/FeedUnit42v2/ReleaseNotes/1_0_63.md
@@ -0,0 +1,7 @@
+
+#### Integrations
+
+##### Unit 42 ATOMs Feed
+- Updated the Docker image to: *demisto/taxii2:1.0.0.2477082*.
+
+- Fixed an issue with 502 server errors by implementing a retry mechanism.
diff --git a/Packs/FeedUnit42v2/pack_metadata.json b/Packs/FeedUnit42v2/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Unit 42 ATOMs Feed",
     "description": "Unit 42 feed of published IOCs which contains malicious indicators.",
     "support": "xsoar",
-    "currentVersion": "1.0.62",
+    "currentVersion": "1.0.63",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

diff --git a/Packs/GenericAPIEventCollector/.pack-ignore b/Packs/GenericAPIEventCollector/.pack-ignore
diff --git a/Packs/GenericAPIEventCollector/.secrets-ignore b/Packs/GenericAPIEventCollector/.secrets-ignore