Tenable.sc Asset & Vulnerability ingest#44442
Conversation
* adding WIP code for Tenable.sc asset & vuln ingest * add time formatting and unit test failure * pre-commit hook updates * Remove Asset Modeling Rules * explicitly exclude WAS findings * fix failing test * ruff format * remove timestamp formatting
content-bot
added
Contribution
🤖 AI-Powered Code Review AvailableHi @YaelShamai, you can leverage AI-powered code review to assist with this PR! Available Commands:
|
🤖 AI-Powered Code Review AvailableYou can leverage AI-powered code review to assist with this PR! Available Commands:
|
|
|
🤖 Analysis started. Please wait for results... |
🤖 AI Review DisclaimerThis review was generated by an AI-powered tool and may contain inaccuracies. Please be advised, and we extend our sincere apologies for any inconvenience this may cause. |
marketplace-ai-reviewer
left a comment
marketplace-ai-reviewer
left a comment
There was a problem hiding this comment.
Hi there! Thanks for your contribution to the Tenable.sc integration.
I've left a few notes to help polish the code, primarily focusing on safe dictionary access, proper exception handling, and fixing the byte size calculation for JSON strings. On the testing side, please move large mock data out of the test file, utilize @freeze_time, and add coverage for the new truncation and validation logic.
Thanks again for your hard work!
Additionally, please address the following file-level notes:
Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml: The first key defined at the root level of the.ymlfile must always benameordisplay. Currently, the file starts withcategory. Please movenameordisplayto the top of the file.
@YaelShamai, @content-bot please review and approve the results generated by the AI Reviewer by responding 👍 on this comment.
There was a problem hiding this comment.
@andrew-paloalto Doc review complete. Please check the comments. Do you need to generate a README file for the integration? In the meantime, I see the label docs-approved is already applied
This comment has been minimized.
This comment has been minimized.
|
Validate summary Verdict: PR can be force merged from validate perspective? ❌ |
🔍 AI Triage Report AvailableAn automated triage report has been generated for this pipeline. Status: 📋 Triage Report
|
There was a problem hiding this comment.
@kamalq97 Doc review complete. Please check the comments. In the meantime, the label docs-approved is already added
| | Fetch incidents | | False | | ||
| | Incident type | | False | | ||
| | First fetch timestamp (<number> <time unit>, e.g., 12 hours, 7 days) | The timestamp to start the fetch from. | False | | ||
| | Assets fetch interval in minutes | The interval in minutes between asset fetches. Default is 720 minutes. Minimum is 720 minutes. | False | |
There was a problem hiding this comment.
| | Assets fetch interval in minutes | The interval in minutes between asset fetches. Default is 720 minutes. Minimum is 720 minutes. | False | | |
| | Assets fetch interval in minutes | The interval in minutes between asset fetches. Default is 720 minutes. Minimum is 60 minutes. | False | |
|
|
||
| ### Configuration | ||
|
|
||
| To configure asset and vulnerability ingestion set the **Assets fetch interval in minutes** parameter to control how often assets and vulnerabilities are fetched. The default is 720 minutes (12 hours) and the minimum allowed value is 1 hour. |
There was a problem hiding this comment.
| To configure asset and vulnerability ingestion set the **Assets fetch interval in minutes** parameter to control how often assets and vulnerabilities are fetched. The default is 720 minutes (12 hours) and the minimum allowed value is 1 hour. | |
| To configure asset and vulnerability ingestion, set the **Assets fetch interval in minutes** parameter to control how often assets and vulnerabilities are fetched. The default is 720 minutes (12 hours), and the minimum allowed value is 60 minutes. |
6 participants
Original External PR
external pull request
Contributor
@andrew-paloalto
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
This change adds Tenable.sc asset and vulnerability ingest capabilities to the existing integration by leveraging the analysis and hosts APIs in Tenable.sc.
Must have
fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-16567