Commvault Cloud: Bugfix : Commvault Cloud for Splunk SOAR (#3)

* Squashing commits

Squashing commits

* Update README.md

* Update unreleased.md

* dev check changes

* add verify argument

---------

Co-authored-by: stutib-crest <[email protected]>

.gitignore

@@ -1,2 +1,3 @@
 
 .idea/misc.xml
+.idea/workspace.xml

LICENSE

@@ -198,4 +198,4 @@
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License.

README.md

@@ -6,7 +6,7 @@ Connector Version: 1.2.0
 Product Vendor: Commvault Systems  
 Product Name: Commvault Cloud  
 Product Version Supported (regex): ".\*"  
-Minimum Product Version: 6.2.0.355  
+Minimum Product Version: 6.2.1  
 
 This app integrates with Commvault API to fetch threat indicators and respond
 
@@ -17,6 +17,7 @@ VARIABLE | REQUIRED | TYPE | DESCRIPTION
 -------- | -------- | ---- | -----------
 **CommvaultEndpoint** |  required  | string | Commvault End Point
 **CommvaultAccessToken** |  required  | string | Commvault Access Token
+**PhantomAPIToken** |  required  | password | Phantom API token (For creating new events)
 
 ### Supported Actions  
 [test connectivity](#action-test-connectivity) - Validate the asset configuration for connectivity using supplied configuration  
@@ -120,4 +121,4 @@ PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
 **artifact_count** |  optional  | Parameter ignored in this app | numeric | 
 
 #### Action Output
-No Output
+No Output

commvaultcloud.json

@@ -17,28 +17,30 @@
     }
   ],
   "license": "Copyright (c) Commvault Systems, 2024",
-  "app_version": "1.2.0",
+  "app_version": "1.3.0",
   "utctime_updated": "2024-04-24T07:42:46.413306Z",
   "package_name": "phantom_commvaultcloud",
   "main_module": "commvaultcloud_connector.py",
-  "min_phantom_version": "6.2.0.355",
+  "min_phantom_version": "6.2.1",
   "app_wizard_version": "1.0.0",
   "configuration": {
     "CommvaultEndpoint": {
       "description": "Commvault End Point",
       "data_type": "string",
       "required": true,
-      "order": 0,
-      "name": "CommvaultEndpoint",
-      "id": 0
+      "order": 0
     },
     "CommvaultAccessToken": {
       "description": "Commvault Access Token",
       "data_type": "string",
       "required": true,
-      "order": 1,
-      "name": "CommvaultAccessToken",
-      "id": 1
+      "order": 1
+    },
+    "PhantomAPIToken": {
+      "description": "Phantom API token (For creating new events)",
+      "data_type": "password",
+      "required": true,
+      "order": 2
     }
   },
   "actions": [
@@ -65,28 +67,25 @@
           "description": "Email Address of User",
           "data_type": "string",
           "required": true,
-          "order": 0,
-          "name": "user_email",
-          "id": 1,
-          "param_name": "user_email"
+          "order": 0
         }
       },
       "output": [
         {
           "data_path": "action_result.parameter.user_email",
           "data_type": "string",
-                  "column_name": "User Email",
+          "column_name": "User Email",
           "column_order": 0
         },
         {
           "data_path": "action_result.status",
           "data_type": "string",
-                  "column_name": "Status",
-                  "column_order": 1,
-                  "example_values": [
-                      "success",
-                      "failed"
-                  ]
+          "column_name": "Status",
+          "column_order": 1,
+          "example_values": [
+              "success",
+              "failed"
+          ]
         },
         {
           "data_path": "action_result.message",
@@ -118,28 +117,25 @@
           "description": "Client Name to disable data aging",
           "data_type": "string",
           "required": true,
-          "order": 0,
-          "name": "client_name",
-          "id": 1,
-          "param_name": "client_name"
+          "order": 0
         }
       },
       "output": [
         {
           "data_path": "action_result.parameter.client_name",
           "data_type": "string",
-                  "column_name": "Client Name",
+          "column_name": "Client Name",
           "column_order": 0
         },
         {
           "data_path": "action_result.status",
           "data_type": "string",
-                  "column_name": "Status",
-                  "column_order": 1,
-                  "example_values": [
-                      "success",
-                      "failed"
-                  ]
+          "column_name": "Status",
+          "column_order": 1,
+          "example_values": [
+              "success",
+              "failed"
+          ]
         },
         {
           "data_path": "action_result.message",
@@ -207,43 +203,28 @@
         "start_time": {
           "description": "Parameter ignored in this app",
           "data_type": "numeric",
-          "order": 0,
-          "name": "start_time",
-          "id": 1,
-          "param_name": "start_time"
+          "order": 0
         },
         "end_time": {
           "description": "Parameter ignored in this app",
           "data_type": "numeric",
-          "order": 1,
-          "name": "end_time",
-          "id": 2,
-          "param_name": "end_time"
+          "order": 1
         },
         "container_id": {
           "description": "Parameter ignored in this app",
           "data_type": "string",
-          "order": 2,
-          "name": "container_id",
-          "id": 3,
-          "param_name": "container_id"
+          "order": 2
         },
         "container_count": {
           "description": "Maximum number of tickets to be ingested during poll now",
           "data_type": "numeric",
           "default": "1",
-          "order": 3,
-          "name": "container_count",
-          "id": 4,
-          "param_name": "container_count"
+          "order": 3
         },
         "artifact_count": {
           "description": "Parameter ignored in this app",
           "data_type": "numeric",
-          "order": 4,
-          "name": "artifact_count",
-          "id": 5,
-          "param_name": "artifact_count"
+          "order": 4
         }
       },
       "output": [],

commvaultcloud_connector.py

@@ -1083,12 +1083,21 @@ def main():
     argparser.add_argument('input_test_json', help='Input Test JSON file')
     argparser.add_argument('-u', '--username', help='username', required=False)
     argparser.add_argument('-p', '--password', help='password', required=False)
+    argparser.add_argument(
+        "-v",
+        "--verify",
+        action="store_true",
+        help="verify",
+        required=False,
+        default=False,
+    )
 
     args = argparser.parse_args()
     session_id = None
 
     username = args.username
     password = args.password
+    verify = args.verify
 
     if username is not None and password is None:
         # User specified a username but not a password, so ask
@@ -1100,7 +1109,7 @@ def main():
             login_url = CommvaultCloudConnector._get_phantom_base_url() + '/login'
 
             print("Accessing the Login page")
-            r = requests.get(login_url, verify=False)
+            r = requests.get(login_url, verify=verify)
             csrftoken = r.cookies['csrftoken']
 
             data = dict()
@@ -1113,7 +1122,7 @@ def main():
             headers['Referer'] = login_url
 
             print("Logging into Platform to get the session id")
-            r2 = requests.post(login_url, verify=False, data=data, headers=headers)
+            r2 = requests.post(login_url, verify=verify, data=data, headers=headers)
             session_id = r2.cookies['sessionid']
         except Exception as e:
             print("Unable to get session id from the platform. Error: " + str(e))

release_notes/unreleased.md

@@ -1 +1,2 @@
 **Unreleased**
+* Accept Phantom API token as a configuration parameter