Netskope Update (demisto#29463)

Author: eepstain

Diff for: Packs/Netskope/ModelingRules/NetskopeEventCollector_1_3/NetskopeEventCollector_1_3.xif

@@ -40,7 +40,8 @@ filter source_log_event = "page"
     xdm.target.location.longitude = to_float(dst_longitude),
 	xdm.target.location.region = dst_region,
 	xdm.target.location.timezone = dst_timezone,
-	xdm.target.port = dstport,
+	xdm.target.port = to_integer(dstport),
+	xdm.source.port = to_integer(srcport),	
 	xdm.target.sent_bytes = server_bytes,
 	xdm.target.url = page,
 	xdm.target.user.identifier = userkey;
@@ -109,7 +110,8 @@ filter source_log_event = "application"
     xdm.target.location.longitude = to_float(dst_longitude),
 	xdm.target.location.region = dst_region,
 	xdm.target.location.timezone = dst_timezone,
-	xdm.target.port = dstport,
+	xdm.target.port = to_integer(dstport),
+	xdm.source.port = to_integer(srcport),	
 	xdm.target.sent_bytes = server_bytes,
 	xdm.target.url = coalesce(page, web_url),
 	xdm.target.user.identifier = userkey;
@@ -178,7 +180,8 @@ filter source_log_event = "alert"
     xdm.target.location.longitude = to_float(dst_longitude),
 	xdm.target.location.region = dst_region,
 	xdm.target.location.timezone = dst_timezone,
-	xdm.target.port = dstport,
+	xdm.target.port = to_integer(dstport),
+	xdm.source.port = to_integer(srcport),	
 	xdm.target.sent_bytes = server_bytes,
 	xdm.target.url = coalesce(page, web_url),
 	xdm.target.user.identifier = userkey;
@@ -219,7 +222,8 @@ filter source_log_event = "network"
 	xdm.target.domain = type_web,
 	xdm.target.host.hostname = dsthost,
 	xdm.target.ipv4 = dstip,
-	xdm.target.port = dstport,
+	xdm.target.port = to_integer(dstport),
+	xdm.source.port = to_integer(srcport),	
 	xdm.target.sent_bytes = server_bytes,
 	xdm.target.user.identifier = userkey,
 	xdm.network.http.referrer = referer,

Diff for: Packs/Netskope/ModelingRules/NetskopeEventCollector_1_3/NetskopeEventCollector_1_3_schema.json

@@ -17,7 +17,7 @@
       "is_array": false
     },
     "dstport": {
-      "type": "string",
+      "type": "int",
       "is_array": false
     },
     "hostname": {
@@ -49,7 +49,7 @@
       "is_array": false
     },
     "srcport": {
-      "type": "string",
+      "type": "int",
       "is_array": false
     },
     "timestamp": {

Diff for: Packs/Netskope/ReleaseNotes/3_2_3.md

@@ -0,0 +1,6 @@
+
+#### Modeling Rules
+
+##### Netskope Modeling Rule
+
+Updated the Modeling Rule mapping, adding the srcport field to the XDM xdm.source.port field.  

Diff for: Packs/Netskope/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Netskope",
     "description": "Cloud access security broker that enables to find, understand, and secure cloud apps.",
     "support": "xsoar",
-    "currentVersion": "3.2.2",
+    "currentVersion": "3.2.3",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",