Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New features for emails #29400

Merged
Prev Previous commit
Next Next commit
add a "." for validation to pass
RosenbergYehuda committed Sep 5, 2023
commit d3e407b0bd461aff192121ad7e8991b2277fcb04
86 changes: 43 additions & 43 deletions Packs/CheckPointHEC/Integrations/CheckPointHEC/CheckPointHEC.yml
Original file line number Diff line number Diff line change
@@ -69,9 +69,9 @@ script:
- name: checkpointhec-get-entity
arguments:
- name: entity
description: Entity id to retrieve
description: Entity id to retrieve.
required: true
description: Retrieve specific entity
description: Retrieve specific entity.
outputs:
- contextPath: CheckPointHEC.Entity.internetMessageId
description: Email message id in internet.
@@ -171,9 +171,9 @@ script:
- name: checkpointhec-get-email-info
arguments:
- name: entity
description: Email entity id
description: Email entity id.
required: true
description: Retrieve specific email entity
description: Retrieve specific email entity.
outputs:
- contextPath: CheckPointHEC.Email.fromEmail
description: Email sender.
@@ -214,126 +214,126 @@ script:
description: Email message id in internet.
type: String
- contextPath: CheckPointHEC.Email.isUserExposed
description: Email reached user inbox
description: Email reached user inbox.
type: Boolean
- name: checkpointhec-get-scan-info
arguments:
- name: entity
description: Scanned entity id
required: true
description: Retrieve specific email scan with positive threats
description: Retrieve specific email scan with positive threats.
outputs:
- contextPath: CheckPointHEC.ScanResult.ap
description: Anti-phishing scan results
description: Anti-phishing scan results.
- contextPath: CheckPointHEC.ScanResult.dlp
description: Data Loss Prevention scan results
description: Data Loss Prevention scan results.
- contextPath: CheckPointHEC.ScanResult.clicktimeProtection
description: Click Time Protection scan results
description: Click Time Protection scan results.
- contextPath: CheckPointHEC.ScanResult.shadowIt
description: Shadow IT scan results
description: Shadow IT scan results.
- contextPath: CheckPointHEC.ScanResult.av
description: Antivirus scan results
description: Antivirus scan results.
- name: checkpointhec-search-emails
description: Get email ids with same sender and/or subject
description: Get email ids with same sender and/or subject.
arguments:
- name: date_range
description: Range to search for emails (1 day, 2 weeks, etc.)
description: Range to search for emails (1 day, 2 weeks, etc.).
required: true
- name: sender
description: Search emails with this sender
description: Search emails with this sender.
- name: subject
description: Search emails with this subject
description: Search emails with this subject.
outputs:
- contextPath: CheckPointHEC.SearchResult.ids
description: List of email ids returned by the search
description: List of email ids returned by the search.
- name: checkpointhec-send-action
arguments:
- name: farm
description: Customer farm
description: Customer farm.
required: true
- name: customer
description: Customer portal name
description: Customer portal name.
required: true
- name: entity
description: One or multiple Email ids to apply action over
description: One or multiple Email ids to apply action over.
isArray: true
required: true
- name: action
description: Action to perform (quarantine or restore)
description: Action to perform (quarantine or restore).
required: true
auto: PREDEFINED
predefined:
- quarantine
- restore
description: Quarantine or restore an email
description: Quarantine or restore an email.
outputs:
- contextPath: CheckPointHEC.Task.task
description: Task id of the sent action
description: Task id of the sent action.
type: String
- name: checkpointhec-get-action-result
arguments:
- name: farm
description: Customer farm
description: Customer farm.
required: true
- name: customer
description: Customer portal name
description: Customer portal name.
required: true
- name: task
description: Task id to retrieve
description: Task id to retrieve.
required: true
description: Get task info related to a sent action
description: Get task info related to a sent action.
outputs:
- contextPath: CheckPointHEC.ActionResult.actions
description: Action information for each sent entity
description: Action information for each sent entity.
- contextPath: CheckPointHEC.ActionResult.created
description: Date when action was created in iso 8601 format
description: Date when action was created in iso 8601 format.
type: String
- contextPath: CheckPointHEC.ActionResult.customer
description: Customer portal name
description: Customer portal name.
type: String
- contextPath: CheckPointHEC.ActionResult.failed
description: Number of failed actions
description: Number of failed actions.
type: Number
- contextPath: CheckPointHEC.ActionResult.id
description: Action task id
description: Action task id.
type: Number
- contextPath: CheckPointHEC.ActionResult.name
description: Action name
description: Action name.
type: String
- contextPath: CheckPointHEC.ActionResult.owner
description: Action owner
description: Action owner.
type: String
- contextPath: CheckPointHEC.ActionResult.progress
description: Number of actions in progress
description: Number of actions in progress.
type: Number
- contextPath: CheckPointHEC.ActionResult.sequential
description: Actions are in sequence
description: Actions are in sequence.
type: Boolean
- contextPath: CheckPointHEC.ActionResult.status
description: Action status
description: Action status.
type: String
- contextPath: CheckPointHEC.ActionResult.succeed
description: Number of succeed actions
description: Number of succeed actions.
type: Number
- contextPath: CheckPointHEC.ActionResult.total
description: Total of actions
description: Total of actions.
type: Number
- contextPath: CheckPointHEC.ActionResult.type
description: Action internal name
description: Action internal name.
type: String
- contextPath: CheckPointHEC.ActionResult.updated
description: Date when action last updated in iso 8601 format
description: Date when action last updated in iso 8601 format.
type: String
- name: checkpointhec-send-notification
arguments:
- name: entity
description: Email entity id
description: Email entity id.
required: true
- name: emails
description: List of emails to send notification
description: List of emails to send notification.
isArray: true
required: true
description: Send notification about user exposition for the specific entity to the list of emails
description: Send notification about user exposition for the specific entity to the list of emails.
outputs:
- contextPath: CheckPointHEC.Notification.ok
description: Result of the operation.
Original file line number Diff line number Diff line change
@@ -5,27 +5,27 @@ name: RunCPPhishingCampaign
script: ""
type: python
tags: []
comment: Search other emails by sender and/or subject and quarantine
comment: Search other emails by sender and/or subject and quarantine.
enabled: true
args:
- name: date_range
required: true
type: String
description: Range to cover from the past
description: Range to cover from the past.
- name: by_sender
required: true
auto: PREDEFINED
predefined:
- "false"
- "true"
description: Get emails from the same sender
description: Get emails from the same sender.
- name: by_subject
required: true
auto: PREDEFINED
predefined:
- "false"
- "true"
description: Get emails with the same subject
description: Get emails with the same subject.
scripttarget: 0
subtype: python3
runonce: false
10 changes: 5 additions & 5 deletions Packs/CheckPointHEC/Scripts/SendCPAction/SendCPAction.yml
Original file line number Diff line number Diff line change
@@ -5,28 +5,28 @@ name: SendCPAction
script: ""
type: python
tags: []
comment: Send quarantine or restore action and update action task id
comment: Send quarantine or restore action and update action task id.
enabled: true
args:
- name: farm
required: true
type: String
description: Customer farm
description: Customer farm.
- name: customer
required: true
type: String
description: Customer portal name
description: Customer portal name.
- name: entity
required: true
type: String
description: Email entity id
description: Email entity id.
- name: action
required: true
auto: PREDEFINED
predefined:
- quarantine
- restore
description: Action name
description: Action name.
scripttarget: 0
subtype: python3
dependson:
Original file line number Diff line number Diff line change
@@ -5,7 +5,7 @@ name: ShowCPEmailInfo
script: '-'
type: python
tags: []
comment: Get email info from Check Point Smart API
comment: Get email info from Check Point Smart API.
enabled: true
scripttarget: 0
subtype: python3
Original file line number Diff line number Diff line change
@@ -5,7 +5,7 @@ name: ShowCPScanInfo
script: '-'
type: python
tags: []
comment: Get scan info from Check Point Smart API
comment: Get scan info from Check Point Smart API.
enabled: true
scripttarget: 0
subtype: python3