Updated playbooks to account for bug in LogicApps
This commit is contained in:
9b
Родитель
d523cd6f6d
Коммит
b28b044a1d
|
|
@ -72,14 +72,36 @@
|
|||
"runAfter": {},
|
||||
"type": "ApiConnection"
|
||||
},
|
||||
"Condition_2": {
|
||||
"actions": {
|
||||
"Set_variable": {
|
||||
"inputs": {
|
||||
"name": "comment",
|
||||
"value": "@{concat(substring(body('Create_CSV_table'), 0, 750), '...')}"
|
||||
},
|
||||
"runAfter": {},
|
||||
"type": "SetVariable"
|
||||
}
|
||||
},
|
||||
"expression": {
|
||||
"and": [
|
||||
{
|
||||
"greater": [
|
||||
"@length(body('Create_CSV_table'))",
|
||||
750
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Initialize_variable_4": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "If"
|
||||
},
|
||||
"Create_CSV_table": {
|
||||
"inputs": {
|
||||
"columns": [
|
||||
{
|
||||
"header": " ",
|
||||
"value": "@item()"
|
||||
}
|
||||
],
|
||||
"format": "CSV",
|
||||
"from": "@variables('infra')"
|
||||
},
|
||||
|
|
@ -101,10 +123,24 @@
|
|||
"Append_to_array_variable": {
|
||||
"inputs": {
|
||||
"name": "infra",
|
||||
"value": "@items('For_each_3')"
|
||||
"value": {
|
||||
" ": "@items('For_each_3')"
|
||||
}
|
||||
},
|
||||
"runAfter": {},
|
||||
"type": "AppendToArrayVariable"
|
||||
},
|
||||
"Append_to_array_variable_2": {
|
||||
"inputs": {
|
||||
"name": "duplicates",
|
||||
"value": "@items('For_each_3')"
|
||||
},
|
||||
"runAfter": {
|
||||
"Append_to_array_variable": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "AppendToArrayVariable"
|
||||
}
|
||||
},
|
||||
"expression": {
|
||||
|
|
@ -112,7 +148,7 @@
|
|||
{
|
||||
"not": {
|
||||
"contains": [
|
||||
"@variables('infra')",
|
||||
"@variables('duplicates')",
|
||||
"@items('For_each_3')"
|
||||
]
|
||||
}
|
||||
|
|
@ -157,7 +193,7 @@
|
|||
},
|
||||
"foreach": "@body('Alert_-_Get_hosts')?['Hosts']",
|
||||
"runAfter": {
|
||||
"Initialize_variable": [
|
||||
"Initialize_variable_3": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
|
|
@ -168,7 +204,7 @@
|
|||
"Add_comment_to_incident_(V2)": {
|
||||
"inputs": {
|
||||
"body": {
|
||||
"Value": "Last 30-days of unique passive DNS records for @{items('For_each_2')?['DnsDomain']}\n@{body('Create_CSV_table')}\nExplore more at https://community.riskiq.com/search/@{items('For_each_2')?['DnsDomain']}"
|
||||
"Value": "Last 30-days of unique passive DNS records for @{items('For_each_2')?['DnsDomain']}\n@{variables('comment')}\nExplore more at https://community.riskiq.com/search/@{items('For_each_2')?['DnsDomain']}"
|
||||
},
|
||||
"host": {
|
||||
"connection": {
|
||||
|
|
@ -184,7 +220,7 @@
|
|||
},
|
||||
"foreach": "@body('Alert_-_Get_hosts')?['Hosts']",
|
||||
"runAfter": {
|
||||
"Create_CSV_table": [
|
||||
"Condition_2": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
|
|
@ -222,6 +258,39 @@
|
|||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
},
|
||||
"Initialize_variable_3": {
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "duplicates",
|
||||
"type": "array"
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Initialize_variable": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
},
|
||||
"Initialize_variable_4": {
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "comment",
|
||||
"type": "string",
|
||||
"value": "@body('Create_CSV_table')"
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Create_CSV_table": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
}
|
||||
},
|
||||
"contentVersion": "1.0.0.0",
|
||||
|
|
|
|||
|
|
@ -88,14 +88,36 @@
|
|||
},
|
||||
"type": "InitializeVariable"
|
||||
},
|
||||
"Condition_2": {
|
||||
"actions": {
|
||||
"Set_variable": {
|
||||
"inputs": {
|
||||
"name": "comment",
|
||||
"value": "@{concat(substring(body('Create_CSV_table'), 0, 750), '...')}"
|
||||
},
|
||||
"runAfter": {},
|
||||
"type": "SetVariable"
|
||||
}
|
||||
},
|
||||
"expression": {
|
||||
"and": [
|
||||
{
|
||||
"greater": [
|
||||
"@length(body('Create_CSV_table'))",
|
||||
750
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Initialize_variable": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "If"
|
||||
},
|
||||
"Create_CSV_table": {
|
||||
"inputs": {
|
||||
"columns": [
|
||||
{
|
||||
"header": " ",
|
||||
"value": "@item()"
|
||||
}
|
||||
],
|
||||
"format": "CSV",
|
||||
"from": "@variables('certs')"
|
||||
},
|
||||
|
|
@ -111,7 +133,7 @@
|
|||
"Add_comment_to_incident_(V2)": {
|
||||
"inputs": {
|
||||
"body": {
|
||||
"Value": "Associated SSL certificates for @{items('For_each_2')?['DnsDomain']}\n@{body('Create_CSV_table')}\nExplore more at https://community.riskiq.com/search/@{items('For_each_2')?['DnsDomain']}"
|
||||
"Value": "Associated SSL certificates for @{items('For_each_2')?['DnsDomain']}\n@{variables('comment')}\nExplore more at https://community.riskiq.com/search/@{items('For_each_2')?['DnsDomain']}"
|
||||
},
|
||||
"host": {
|
||||
"connection": {
|
||||
|
|
@ -127,7 +149,7 @@
|
|||
},
|
||||
"foreach": "@body('Alert_-_Get_hosts')?['Hosts']",
|
||||
"runAfter": {
|
||||
"Create_CSV_table": [
|
||||
"Condition_2": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
|
|
@ -142,10 +164,24 @@
|
|||
"Append_to_array_variable": {
|
||||
"inputs": {
|
||||
"name": "certs",
|
||||
"value": "@item()['sha1']"
|
||||
"value": {
|
||||
" ": "@items('For_each')['sha1']"
|
||||
}
|
||||
},
|
||||
"runAfter": {},
|
||||
"type": "AppendToArrayVariable"
|
||||
},
|
||||
"Append_to_array_variable_2": {
|
||||
"inputs": {
|
||||
"name": "duplicates",
|
||||
"value": "@item()['sha1']"
|
||||
},
|
||||
"runAfter": {
|
||||
"Append_to_array_variable": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "AppendToArrayVariable"
|
||||
}
|
||||
},
|
||||
"expression": {
|
||||
|
|
@ -153,7 +189,7 @@
|
|||
{
|
||||
"not": {
|
||||
"contains": [
|
||||
"@variables('certs')",
|
||||
"@variables('duplicates')",
|
||||
"@item()['sha1']"
|
||||
]
|
||||
}
|
||||
|
|
@ -191,11 +227,44 @@
|
|||
},
|
||||
"foreach": "@body('Alert_-_Get_hosts')?['Hosts']",
|
||||
"runAfter": {
|
||||
"Certificate_Holder": [
|
||||
"Initialize_variable_3": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "Foreach"
|
||||
},
|
||||
"Initialize_variable": {
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "comment",
|
||||
"type": "string",
|
||||
"value": "@body('Create_CSV_table')"
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Create_CSV_table": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
},
|
||||
"Initialize_variable_3": {
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "duplicates",
|
||||
"type": "array"
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Certificate_Holder": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
}
|
||||
},
|
||||
"contentVersion": "1.0.0.0",
|
||||
|
|
|
|||
|
|
@ -72,14 +72,36 @@
|
|||
"runAfter": {},
|
||||
"type": "ApiConnection"
|
||||
},
|
||||
"Condition_2": {
|
||||
"actions": {
|
||||
"Set_variable": {
|
||||
"inputs": {
|
||||
"name": "comment",
|
||||
"value": "@{concat(substring(body('Create_CSV_table'), 0, 750), '...')}"
|
||||
},
|
||||
"runAfter": {},
|
||||
"type": "SetVariable"
|
||||
}
|
||||
},
|
||||
"expression": {
|
||||
"and": [
|
||||
{
|
||||
"greater": [
|
||||
"@length(body('Create_CSV_table'))",
|
||||
750
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Initialize_variable_4": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "If"
|
||||
},
|
||||
"Create_CSV_table": {
|
||||
"inputs": {
|
||||
"columns": [
|
||||
{
|
||||
"header": " ",
|
||||
"value": "@item()"
|
||||
}
|
||||
],
|
||||
"format": "CSV",
|
||||
"from": "@variables('infra')"
|
||||
},
|
||||
|
|
@ -99,10 +121,24 @@
|
|||
"Append_to_array_variable": {
|
||||
"inputs": {
|
||||
"name": "infra",
|
||||
"value": "@items('For_each_5')?['name']"
|
||||
"value": {
|
||||
" ": "@items('For_each_5')?['name']"
|
||||
}
|
||||
},
|
||||
"runAfter": {},
|
||||
"type": "AppendToArrayVariable"
|
||||
},
|
||||
"Append_to_array_variable_2": {
|
||||
"inputs": {
|
||||
"name": "duplicates",
|
||||
"value": "@items('For_each_5')?['name']"
|
||||
},
|
||||
"runAfter": {
|
||||
"Append_to_array_variable": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "AppendToArrayVariable"
|
||||
}
|
||||
},
|
||||
"expression": {
|
||||
|
|
@ -110,7 +146,7 @@
|
|||
{
|
||||
"not": {
|
||||
"contains": [
|
||||
"@variables('infra')",
|
||||
"@variables('duplicates')",
|
||||
"@items('For_each_5')?['name']"
|
||||
]
|
||||
}
|
||||
|
|
@ -149,7 +185,7 @@
|
|||
},
|
||||
"foreach": "@body('Alert_-_Get_IPs')?['IPs']",
|
||||
"runAfter": {
|
||||
"Initialize_variable": [
|
||||
"Initialize_variable_3": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
|
|
@ -160,7 +196,7 @@
|
|||
"Add_comment_to_incident_(V2)": {
|
||||
"inputs": {
|
||||
"body": {
|
||||
"Value": "Last 30-days of unique passive DNS records for @{items('For_each_2')?['Address']}\n@{body('Create_CSV_table')}\nExplore more at https://community.riskiq.com/search/@{items('For_each_2')?['Address']}"
|
||||
"Value": "Last 30-days of unique passive DNS records for @{items('For_each_2')?['Address']}\n@{variables('comment')}\nExplore more at https://community.riskiq.com/search/@{items('For_each_2')?['Address']}"
|
||||
},
|
||||
"host": {
|
||||
"connection": {
|
||||
|
|
@ -176,7 +212,7 @@
|
|||
},
|
||||
"foreach": "@body('Alert_-_Get_IPs')?['IPs']",
|
||||
"runAfter": {
|
||||
"Create_CSV_table": [
|
||||
"Condition_2": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
|
|
@ -214,6 +250,39 @@
|
|||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
},
|
||||
"Initialize_variable_3": {
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "duplicates",
|
||||
"type": "array"
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Initialize_variable": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
},
|
||||
"Initialize_variable_4": {
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "comment",
|
||||
"type": "string",
|
||||
"value": "@body('Create_CSV_table')"
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Create_CSV_table": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
}
|
||||
},
|
||||
"contentVersion": "1.0.0.0",
|
||||
|
|
|
|||
|
|
@ -88,14 +88,36 @@
|
|||
},
|
||||
"type": "InitializeVariable"
|
||||
},
|
||||
"Condition_2": {
|
||||
"actions": {
|
||||
"Set_variable": {
|
||||
"inputs": {
|
||||
"name": "comment",
|
||||
"value": "@{concat(substring(body('Create_CSV_table'), 0, 750), '...')}"
|
||||
},
|
||||
"runAfter": {},
|
||||
"type": "SetVariable"
|
||||
}
|
||||
},
|
||||
"expression": {
|
||||
"and": [
|
||||
{
|
||||
"greater": [
|
||||
"@length(body('Create_CSV_table'))",
|
||||
750
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Initialize_variable": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "If"
|
||||
},
|
||||
"Create_CSV_table": {
|
||||
"inputs": {
|
||||
"columns": [
|
||||
{
|
||||
"header": " ",
|
||||
"value": "@item()"
|
||||
}
|
||||
],
|
||||
"format": "CSV",
|
||||
"from": "@variables('certs')"
|
||||
},
|
||||
|
|
@ -111,7 +133,7 @@
|
|||
"Add_comment_to_incident_(V2)": {
|
||||
"inputs": {
|
||||
"body": {
|
||||
"Value": "Associated SSL certificates for @{items('For_each_2')?['Address']}\n@{body('Create_CSV_table')}\nExplore more at https://community.riskiq.com/search/@{items('For_each_2')?['Address']}"
|
||||
"Value": "Associated SSL certificates for @{items('For_each_2')?['Address']}\n@{variables('comment')}\nExplore more at https://community.riskiq.com/search/@{items('For_each_2')?['Address']}"
|
||||
},
|
||||
"host": {
|
||||
"connection": {
|
||||
|
|
@ -127,7 +149,7 @@
|
|||
},
|
||||
"foreach": "@body('Alert_-_Get_IPs')?['IPs']",
|
||||
"runAfter": {
|
||||
"Create_CSV_table": [
|
||||
"Condition_2": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
|
|
@ -142,10 +164,24 @@
|
|||
"Append_to_array_variable": {
|
||||
"inputs": {
|
||||
"name": "certs",
|
||||
"value": "@item()['sha1']"
|
||||
"value": {
|
||||
" ": "@items('For_each')['sha1']"
|
||||
}
|
||||
},
|
||||
"runAfter": {},
|
||||
"type": "AppendToArrayVariable"
|
||||
},
|
||||
"Append_to_array_variable_2": {
|
||||
"inputs": {
|
||||
"name": "duplicates",
|
||||
"value": "@item()['sha1']"
|
||||
},
|
||||
"runAfter": {
|
||||
"Append_to_array_variable": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "AppendToArrayVariable"
|
||||
}
|
||||
},
|
||||
"expression": {
|
||||
|
|
@ -153,7 +189,7 @@
|
|||
{
|
||||
"not": {
|
||||
"contains": [
|
||||
"@variables('certs')",
|
||||
"@variables('duplicates')",
|
||||
"@item()['sha1']"
|
||||
]
|
||||
}
|
||||
|
|
@ -191,11 +227,44 @@
|
|||
},
|
||||
"foreach": "@body('Alert_-_Get_IPs')?['IPs']",
|
||||
"runAfter": {
|
||||
"Certificate_Holder": [
|
||||
"Initialize_variable_3": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "Foreach"
|
||||
},
|
||||
"Initialize_variable": {
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "comment",
|
||||
"type": "string",
|
||||
"value": "@body('Create_CSV_table')"
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Create_CSV_table": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
},
|
||||
"Initialize_variable_3": {
|
||||
"inputs": {
|
||||
"variables": [
|
||||
{
|
||||
"name": "duplicates",
|
||||
"type": "array"
|
||||
}
|
||||
]
|
||||
},
|
||||
"runAfter": {
|
||||
"Certificate_Holder": [
|
||||
"Succeeded"
|
||||
]
|
||||
},
|
||||
"type": "InitializeVariable"
|
||||
}
|
||||
},
|
||||
"contentVersion": "1.0.0.0",
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче