FortiNDR Cloud Sentinel add new fields for detections #11118

FortiNDR-Integration

Required items, please complete

Change(s):

  • Add MITRE ATT&CK primary/secondary IDs to detections
  • Add link URL to detection rule page to detections
  • Remove PDNS and DHCP fields from detections

Reason for Change(s):

  • Fields update required by the customer

Version Updated:

  • Yes

Testing Completed:

  • Yes

Checked that the validations are passing and have addressed any issues that are present:

  • Yes

FortiNDR-Integration commented Sep 11, 2024

Here are the working images:
Overview: [image: DataConnector]
OrchestratorWatchdog: [image: OrchestratorWatchdog]
SingletonEternalOrchestrator: [image: SingletonEternalOrchestrator]
FetchAndSendEventsHistory: [image: FetchAndSendEventsHistory]
FetchAndSendDetectionsHistory: [image: FetchAndSendDetectionsHistory]
FetchAndSendEvents: [image: FetchAndSendEvents]
FetchAndSendDetections: [image: FetchAndSendDetections]

@v-prasadboke v-prasadboke self-assigned this Sep 12, 2024
@v-prasadboke v-prasadboke added the labels Connector (Connector specialty review needed), Parser (Parser specialty review needed) and Solution (Solution specialty review needed) Sep 12, 2024
@FortiNDR-Integration FortiNDR-Integration marked this pull request as draft September 23, 2024 19:50
@FortiNDR-Integration
Author

Hi @v-prasadboke,

As you asked, we updated the data connector to use Python 3.11, but we encountered an issue and need your help.

After we updated to Python 3.11, urllib3 started to give an error when making requests: SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)'))).

Have you dealt with this kind of situation before? Could you please help us with it?

@FortiNDR-Integration FortiNDR-Integration marked this pull request as ready for review September 25, 2024 21:52
@FortiNDR-Integration
Author

Hi @v-prasadboke,

We have fixed the SSL issue and updated the integration to use Python 3.11.

Here are the working images:
Overview: [image: Overview]
OrchestratorWatchdog: [image: OrchestratorWatchdog]
SingletonEternalOrchestrator: [image: SingletonEternalOrchestrator]
FetchAndSendEventsHistory: [image: FetchAndSendEventsHistory]
FetchAndSendDetectionsHistory: [image: FetchAndSendDetectionsHistory]
FetchAndSendEvents: [image: FetchAndSendEvents]
FetchAndSendDetections: [image: FetchAndSendDetections]

Best

@v-prasadboke v-prasadboke merged commit 9b540e2 into Azure:master Oct 1, 2024
32 checks passed