From f63920eb8b48cb0802603ab8c82bfd2d66a345b4 Mon Sep 17 00:00:00 2001 From: yizhar Date: Mon, 18 Oct 2021 10:18:37 +0300 Subject: [PATCH] add is_acknowledged, acknowledged_by, acknowledged_reason, acknowledged_date to action item's fields --- .../CustomTables/CyberpionActionItems_CL.json | 16 ++++++++++++ .../Custom/CyberpionActionItems_CL.json | 25 +++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/.script/tests/KqlvalidationsTests/CustomTables/CyberpionActionItems_CL.json b/.script/tests/KqlvalidationsTests/CustomTables/CyberpionActionItems_CL.json index 01adda0105..b8c2f7bbc6 100644 --- a/.script/tests/KqlvalidationsTests/CustomTables/CyberpionActionItems_CL.json +++ b/.script/tests/KqlvalidationsTests/CustomTables/CyberpionActionItems_CL.json @@ -52,6 +52,22 @@ { "Name": "opening_datetime_t", "Type": "DateTime" + }, + { + "Name": "is_acknowledged_b", + "Type": "Boolean" + }, + { + "Name": "acknowledged_by_s", + "Type": "String" + }, + { + "Name": "acknowledged_reason_s", + "Type": "String" + }, + { + "Name": "acknowledged_date_t", + "Type": "DateTime" } ] } \ No newline at end of file diff --git a/Sample Data/Custom/CyberpionActionItems_CL.json b/Sample Data/Custom/CyberpionActionItems_CL.json index 4336829f58..d6e830f9d5 100644 --- a/Sample Data/Custom/CyberpionActionItems_CL.json +++ b/Sample Data/Custom/CyberpionActionItems_CL.json @@ -20,6 +20,10 @@ "technical_details_s": "{}", "opening_datetime_t": "2020-12-10T15:26:45.49Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": true, + "acknowledged_by": "test_user", + "acknowledged_reason": "test_reason", + "acknowledged_date": "2021-09-10T00:00:00", "_ResourceId": "" }, { @@ -43,6 +47,7 @@ "technical_details_s": "{}", "opening_datetime_t": "2020-12-10T15:26:45.302Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": false, "_ResourceId": "" }, { @@ -66,6 +71,10 @@ "technical_details_s": "[\"Loading page url: https://sd2.domain-589.com/agegate?destination=/&token=0.050275731580862404\", \"Resource url: https://sd1.ext-domain-1451.com/onetrust/webcore-ot-sdk.min.js\", \"Request redirection chain: -\"]", "opening_datetime_t": "2020-12-10T15:26:45.265Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": true, + "acknowledged_by": "moses", + "acknowledged_reason": "Moved to another URL", + "acknowledged_date": "2020-09-10T00:00:00", "_ResourceId": "" }, { @@ -89,6 +98,7 @@ "technical_details_s": "[\"A records: xx.xx.xx.xx, yy.yy.yy.yy, zz.zz.zz.zz\", \"CNAME chain (if any): sd3.domain-159.com->sd1.ext-domain-964.com->sd2.ext-domain-964.com\"]", "opening_datetime_t": "2020-12-10T15:26:44.782Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": false, "_ResourceId": "" }, { @@ -112,6 +122,10 @@ "technical_details_s": "[\"Vulnerable url: http://sd619.domain-2.com/#/login\"]", "opening_datetime_t": "2020-12-10T15:26:44.777Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": true, + "acknowledged_by": "jenny", + "acknowledged_reason": "Not interesting", + "acknowledged_date": "2021-06-16T00:00:00", "_ResourceId": "" }, { @@ -135,6 +149,7 @@ "technical_details_s": "[\"Detected on url: http://domain-640.com/\"]", "opening_datetime_t": "2020-12-10T15:26:44.056Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": false, "_ResourceId": "" }, { @@ -158,6 +173,10 @@ "technical_details_s": "[\"Vulnerable url: http://sd2.domain-98.com/media/\"]", "opening_datetime_t": "2020-12-10T15:26:44.83Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": true, + "acknowledged_by": "david", + "acknowledged_reason": "site is no longer relevant", + "acknowledged_date": "2021-05-16T00:00:00", "_ResourceId": "" }, { @@ -181,6 +200,7 @@ "technical_details_s": "{\"Expiration date\": \"2020-11-23\"}", "opening_datetime_t": "2020-12-10T15:26:41.591Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": false, "_ResourceId": "" }, { @@ -204,6 +224,10 @@ "technical_details_s": "{\"Expiration date\": \"2020-12-08\"}", "opening_datetime_t": "2020-12-10T15:26:41.587Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": true, + "acknowledged_by": "oleg", + "acknowledged_reason": "Please use a different certificate", + "acknowledged_date": "2020-05-21T00:00:00", "_ResourceId": "" }, { @@ -227,6 +251,7 @@ "technical_details_s": "[\"Detected on url: http://sd1.domain-675.com/\"]", "opening_datetime_t": "2020-12-10T15:26:43.835Z", "Type": "CyberpionActionItems_CL", + "is_acknowledged": true, "_ResourceId": "" } ]