Commit

Deploy Resilient/resilient-community-apps to github.ibm.com/Resilient…
…/resilient-community-apps.git:gh-pages
bbleckel committed Apr 15, 2024
1 parent 96d96fb commit 118b8a2
Showing 14 changed files with 37 additions and 27 deletions.
Binary file modified .doctrees/environment.pickle
Binary file not shown.
Binary file modified .doctrees/fn_rsa_netwitness/README.doctree
Binary file not shown.
Binary file modified .doctrees/fn_vmray_analyzer/README.doctree
Binary file not shown.
Binary file modified .doctrees/sc_email_parser/README.doctree
Binary file not shown.
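
Review bot: The Sphinx build cache under `.doctrees/`, including `environment.pickle`, is being published to gh-pages alongside the HTML. These files are not needed to serve the site, they show up as opaque binary changes on every deploy, and a pickle is not something visitors should be offered to load. Suggest keeping the doctree directory outside the deployed output or excluding `.doctrees/` from the deploy step.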
File renamed without changes
File renamed without changes
File renamed without changes
1 change: 1 addition & 0 deletions _sources/fn_rsa_netwitness/README.md.txt
Expand Up @@ -14,6 +14,7 @@ The RSA NetWitness functions query for metadata and return pcap and log files fo

| Version | Date | Notes |
|---------|---------|----------------------------------------------------------------------------------------------------------------------------------------------------|
| 1.1.3 | 04/2024 | Converted a post process script to Python3
| 1.1.2 | 11/2023 | Convert workflows to Python3 |
| 1.1.1 | 6/2021 | Bug fix for json logs output, updated execute_call to execute_call_v2, fix for convert_to_nw_time, removed create_tmp_file, fixed workflow scripts |
| 1.1.0 | 3/2020 | Initial commit |
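
Review bot: The new `1.1.3` row in the version table is missing its closing ` |`, unlike the three rows below it. It also writes the month as `04/2024` where the older rows are unpadded (`6/2021`, `3/2020`) and says "Converted" where 1.1.2 says "Convert". Suggest `| 1.1.3 | 4/2024 | Convert a post process script to Python3 |`, and naming the script that was converted would make the entry more useful.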
6 changes: 3 additions & 3 deletions _sources/fn_vmray_analyzer/README.md.txt
Expand Up @@ -27,7 +27,7 @@
**This package contains a function that executes a VMRay Malware Sandbox Analysis using VMRay Cloud API. Also included are two example workflows and two example rules that demonstrate how to use this function.**


![screenshot](./screenshots/workflow_attachment.jpeg)
![screenshot](./screenshots/workflow_attachment.jpg)

* The attachment or artifact to be analyzed must be a file.
* The report only supports JSON format. HTML and PDF are not supported.
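
Review bot: The `.jpeg` to `.jpg` change on the `workflow_attachment` image link only works if the image file itself was renamed in this commit. The file list shows three entries as "File renamed without changes" but their names are not visible here. Confirm they are `workflow_attachment`, `rule_artifact` and `rule_attachment`, and that nothing else still links the old `.jpeg` names.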
Expand Down Expand Up @@ -267,13 +267,13 @@ incident.addNote(helper.createRichText(noteText))
| --------- | :---------: | ------------------ |
| Example: VMRay Sandbox Analysis [Artifact]| `Artifact` | `Example: VMRay Sandbox Analyzer [Artifact]` |

![screenshot](./screenshots/rule_artifact.jpeg)
![screenshot](./screenshots/rule_artifact.jpg)

---
| Rule Name | Object Type | Workflow Triggered |
| --------- | :---------: | ------------------ |
| Example: VMRay Sandbox Analyzer [Attachment]| `Attachment` | `Example: VMRay Sandbox Analyzer [Attachment]` |


![screenshot](./screenshots/rule_attachment.jpeg)
![screenshot](./screenshots/rule_attachment.jpg)
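
Review bot: In the unchanged Artifact row of the rules table, the rule name reads `Example: VMRay Sandbox Analysis [Artifact]` while the workflow it triggers and the Attachment rule both say `Analyzer`. If that is not the rule's actual name in the package, correct it while this section is being touched.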

9 changes: 5 additions & 4 deletions _sources/sc_email_parser/README.md.txt
Expand Up @@ -4,6 +4,7 @@ This package consists of the **RuleAndScript.res** and **ScriptAlone.res** IBM S
## History
| Version | Date | Comments |
| ------: | ---: | -------: |
| 2.3.3 | 4/2023 | Fix for 31 character MD5 values |
| 2.3.2 | 2/2023 | Fix index error |
| 2.3.1 | 10/2022 | Fix for defanging logic |
| 2.3.0 | 9/2022 | Support for Outbound Email 2.0 conversations |
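
Review bot: The new `2.3.3` History row is dated `4/2023`, but this commit is from April 2024 and the NetWitness entry added alongside it uses `04/2024`; check whether `4/2024` was intended. The comment "Fix for 31 character MD5 values" also does not say what the script now does with such a value (an MD5 hex digest is 32 characters), so state the new behaviour, for example whether the value is rejected or padded.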
Expand Down Expand Up @@ -47,7 +48,7 @@ Be aware that any url, mailto email address, url etc. is modified so that it is
## Installation instructions

Before installing, verify that your environment meets the following prerequisites:
* IBM SOAR platform is version 39 or later.
* IBM SOAR platform is version 50 or later.
* You have a IBM SOAR account to use for the installation. This can be any account that has the permission to view and modify administrator and customization settings, and read and update incidents. You need to know the account username and password.

### Procedure
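
Review bot: The minimum IBM SOAR platform version in the prerequisites goes from 39 to 50, but the `2.3.3` History row added in this same file mentions only the MD5 fix. Add the new minimum to the History comment so users on versions 39 to 49 see it before importing. The unchanged line below it also reads "a IBM SOAR account", which should be "an IBM SOAR account".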
Expand All @@ -64,14 +65,14 @@ Before installing, verify that your environment meets the following prerequisite
8. Select **Proceed**.

### Result
After installing from **RuleAndScript.res**, the IBM SOAR platform will have a new Python script called "Generic email script v2.3.0" and a new rule called "Process email message v2.3.0". The rule runs the script when it is triggered by a new email message being received by the IBM SOAR platform. If instead you imported **ScriptAlone.res** then you will only have the new script and not the rule.
After installing from **RuleAndScript.res**, the IBM SOAR platform will have a new Python script called "Generic email script v2.3.3" and a new rule called "Process email message v2.3.3". The rule runs the script when it is triggered by a new email message being received by the IBM SOAR platform. If instead you imported **ScriptAlone.res** then you will only have the new script and not the rule.

**Note**: This new rule is disabled by default. To enable:

1. Navigate to **Customization Settings**.
2. Select the "Rules" tab.
3. Modify the "Generic email script v2.3.0" with any custom Allowlist IP address changes
4. Enable the rule "Process email message v2.3.0".
3. Modify the "Generic email script v2.3.3" with any custom Allowlist IP address changes
4. Enable the rule "Process email message v2.3.3".
If you are using an older email script:
5. Disable any previous email rule this new script is replacing.
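
Review bot: In the enable steps, "If you are using an older email script:" sits unindented between items 4 and 5, and the rendered `sc_email_parser/README.html` in this commit folds it into item 4. Put a blank line before it, or indent it under its own step, so it renders as a separate paragraph. Step 3 is also missing its closing period, and now that the names read v2.3.3 it is worth saying that users upgrading from an older script need to carry their custom Allowlist IP edits into the new script before disabling the old rule.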

10 changes: 7 additions & 3 deletions fn_rsa_netwitness/README.html
Expand Up @@ -370,15 +370,19 @@ <h3>Release History<a class="headerlink" href="#release-history" title="Link to
</tr>
</thead>
<tbody>
<tr class="row-even"><td><p>1.1.2</p></td>
<tr class="row-even"><td><p>1.1.3</p></td>
<td><p>04/2024</p></td>
<td><p>Converted a post process script to Python3</p></td>
</tr>
<tr class="row-odd"><td><p>1.1.2</p></td>
<td><p>11/2023</p></td>
<td><p>Convert workflows to Python3</p></td>
</tr>
<tr class="row-odd"><td><p>1.1.1</p></td>
<tr class="row-even"><td><p>1.1.1</p></td>
<td><p>6/2021</p></td>
<td><p>Bug fix for json logs output, updated execute_call to execute_call_v2, fix for convert_to_nw_time, removed create_tmp_file, fixed workflow scripts</p></td>
</tr>
<tr class="row-even"><td><p>1.1.0</p></td>
<tr class="row-odd"><td><p>1.1.0</p></td>
<td><p>3/2020</p></td>
<td><p>Initial commit</p></td>
</tr>
6 changes: 3 additions & 3 deletions fn_vmray_analyzer/README.html
Expand Up @@ -387,7 +387,7 @@ <h3>v1.0.0<a class="headerlink" href="#v1-0-0" title="Link to this heading">#</a
<section id="overview">
<h2>Overview<a class="headerlink" href="#overview" title="Link to this heading">#</a></h2>
<p><strong>This package contains a function that executes a VMRay Malware Sandbox Analysis using VMRay Cloud API. Also included are two example workflows and two example rules that demonstrate how to use this function.</strong></p>
<p><img alt="screenshot" src="../_images/workflow_attachment.jpeg" /></p>
<p><img alt="screenshot" src="../_images/workflow_attachment.jpg" /></p>
<ul class="simple">
<li><p>The attachment or artifact to be analyzed must be a file.</p></li>
<li><p>The report only supports JSON format. HTML and PDF are not supported.</p></li>
Expand Down Expand Up @@ -736,7 +736,7 @@ <h2>Rules<a class="headerlink" href="#rules" title="Link to this heading">#</a><
</tbody>
</table>
</div>
<p><img alt="screenshot" src="../_images/rule_artifact.jpeg" /></p>
<p><img alt="screenshot" src="../_images/rule_artifact.jpg" /></p>
<hr class="docutils" />
<div class="table-wrapper colwidths-auto docutils container">
<table class="docutils align-default">
Expand All @@ -754,7 +754,7 @@ <h2>Rules<a class="headerlink" href="#rules" title="Link to this heading">#</a><
</tbody>
</table>
</div>
<p><img alt="screenshot" src="../_images/rule_attachment.jpeg" /></p>
<p><img alt="screenshot" src="../_images/rule_attachment.jpg" /></p>
</section>
</section>

30 changes: 17 additions & 13 deletions sc_email_parser/README.html
Expand Up @@ -363,39 +363,43 @@ <h2>History<a class="headerlink" href="#history" title="Link to this heading">#<
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-right"><p>2.3.2</p></td>
<tr class="row-even"><td class="text-right"><p>2.3.3</p></td>
<td class="text-right"><p>4/2023</p></td>
<td class="text-right"><p>Fix for 31 character MD5 values</p></td>
</tr>
<tr class="row-odd"><td class="text-right"><p>2.3.2</p></td>
<td class="text-right"><p>2/2023</p></td>
<td class="text-right"><p>Fix index error</p></td>
</tr>
<tr class="row-odd"><td class="text-right"><p>2.3.1</p></td>
<tr class="row-even"><td class="text-right"><p>2.3.1</p></td>
<td class="text-right"><p>10/2022</p></td>
<td class="text-right"><p>Fix for defanging logic</p></td>
</tr>
<tr class="row-even"><td class="text-right"><p>2.3.0</p></td>
<tr class="row-odd"><td class="text-right"><p>2.3.0</p></td>
<td class="text-right"><p>9/2022</p></td>
<td class="text-right"><p>Support for Outbound Email 2.0 conversations</p></td>
</tr>
<tr class="row-odd"><td class="text-right"><p>2.2.0</p></td>
<tr class="row-even"><td class="text-right"><p>2.2.0</p></td>
<td class="text-right"><p>7/2021</p></td>
<td class="text-right"><p>Support for Python 3</p></td>
</tr>
<tr class="row-even"><td class="text-right"><p>2.0.2</p></td>
<tr class="row-odd"><td class="text-right"><p>2.0.2</p></td>
<td class="text-right"><p>4/2020</p></td>
<td class="text-right"><p>Bug fixes for phishing incident type</p></td>
</tr>
<tr class="row-odd"><td class="text-right"><p>2.0.1</p></td>
<tr class="row-even"><td class="text-right"><p>2.0.1</p></td>
<td class="text-right"><p>10/2019</p></td>
<td class="text-right"><p>Fix when email address contains unicode characters</p></td>
</tr>
<tr class="row-even"><td class="text-right"><p>2.0.0</p></td>
<tr class="row-odd"><td class="text-right"><p>2.0.0</p></td>
<td class="text-right"><p>7/2019</p></td>
<td class="text-right"><p>Unicode bug fixes</p></td>
</tr>
<tr class="row-odd"><td class="text-right"><p>1.0.1</p></td>
<tr class="row-even"><td class="text-right"><p>1.0.1</p></td>
<td class="text-right"><p>2/2019</p></td>
<td class="text-right"><p>Added automatic rule for script execution</p></td>
</tr>
<tr class="row-even"><td class="text-right"><p>1.0.0</p></td>
<tr class="row-odd"><td class="text-right"><p>1.0.0</p></td>
<td class="text-right"><p>1/2019</p></td>
<td class="text-right"><p>Initial release</p></td>
</tr>
Expand Down Expand Up @@ -439,7 +443,7 @@ <h3>Changes for v2.3.0<a class="headerlink" href="#changes-for-v2-3-0" title="Li
<h2>Installation instructions<a class="headerlink" href="#installation-instructions" title="Link to this heading">#</a></h2>
<p>Before installing, verify that your environment meets the following prerequisites:</p>
<ul class="simple">
<li><p>IBM SOAR platform is version 39 or later.</p></li>
<li><p>IBM SOAR platform is version 50 or later.</p></li>
<li><p>You have a IBM SOAR account to use for the installation. This can be any account that has the permission to view and modify administrator and customization settings, and read and update incidents. You need to know the account username and password.</p></li>
</ul>
<section id="procedure">
Expand All @@ -458,13 +462,13 @@ <h3>Procedure<a class="headerlink" href="#procedure" title="Link to this heading
</section>
<section id="result">
<h3>Result<a class="headerlink" href="#result" title="Link to this heading">#</a></h3>
<p>After installing from <strong>RuleAndScript.res</strong>, the IBM SOAR platform will have a new Python script called “Generic email script v2.3.0” and a new rule called “Process email message v2.3.0”. The rule runs the script when it is triggered by a new email message being received by the IBM SOAR platform. If instead you imported <strong>ScriptAlone.res</strong> then you will only have the new script and not the rule.</p>
<p>After installing from <strong>RuleAndScript.res</strong>, the IBM SOAR platform will have a new Python script called “Generic email script v2.3.3” and a new rule called “Process email message v2.3.3”. The rule runs the script when it is triggered by a new email message being received by the IBM SOAR platform. If instead you imported <strong>ScriptAlone.res</strong> then you will only have the new script and not the rule.</p>
<p><strong>Note</strong>: This new rule is disabled by default. To enable:</p>
<ol class="arabic simple">
<li><p>Navigate to <strong>Customization Settings</strong>.</p></li>
<li><p>Select the “Rules” tab.</p></li>
<li><p>Modify the “Generic email script v2.3.0” with any custom Allowlist IP address changes</p></li>
<li><p>Enable the rule “Process email message v2.3.0”.
<li><p>Modify the “Generic email script v2.3.3” with any custom Allowlist IP address changes</p></li>
<li><p>Enable the rule “Process email message v2.3.3”.
If you are using an older email script:</p></li>
<li><p>Disable any previous email rule this new script is replacing.</p></li>
</ol>
2 changes: 1 addition & 1 deletion searchindex.js

Large diffs are not rendered by default.
