From 9f222ff2aa9e53b83c9707784e631e1cf2beedd6 Mon Sep 17 00:00:00 2001
From: Nithin Reddy <nreddy@abnormalsecurity.com>
Date: Tue, 18 Jun 2024 13:22:26 +0000
Subject: [PATCH] lte datetime issue.

---
 .../soar_connector_async.py                           | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/soar_connector_async.py b/Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/soar_connector_async.py
index cd6a601a5bb..dae56cecc48 100644
--- a/Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/soar_connector_async.py	
+++ b/Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/soar_connector_async.py	
@@ -64,7 +64,16 @@ def _get_filter_query(self, filter_param, gte_datetime=None, lte_datetime=None):
         if gte_datetime:
             filter_string += ' ' + f'gte {gte_datetime}'
         if lte_datetime:
-            filter_string += ' ' + f'lte {lte_datetime}'
+            final_lte_value = lte_datetime
+            try:
+                parsed_lte_value = datetime.strptime(lte_datetime, TIME_FORMAT)
+                final_lte_value = (parsed_lte_value + timedelta(seconds=30)).strftime(TIME_FORMAT)
+                
+                logging.info(f"Adding buffer to lte time {lte_datetime} to make it {final_lte_value}")
+            except Exception as e:
+                logging.error(f"Failed to parse lte time {lte_datetime} to add buffer with error {e}")
+
+            filter_string += ' ' + f'lte {final_lte_value}'
         return {
             'filter': filter_string,
         }