Build search indicator query from arguments. #40648
Open
+241
−1
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dantavori
approved these changes
Jul 21, 2025
| type: python | ||
| fromversion: 6.5.0 | ||
| tests: | ||
| - No tests (auto formatted) |
There was a problem hiding this comment.
please add:
marketplaces:
- platform
supportedModules:
- agentix
|
|
||
| ##### New: SearchIndicatorAgentix | ||
|
|
||
| - New: Added a new script- SearchIndicatorAgentix that Searches Cortex XSOAR Indicators. |
There was a problem hiding this comment.
Suggested change
| - New: Added a new script- SearchIndicatorAgentix that Searches Cortex XSOAR Indicators. | |
| - New: This script searches indicators by specified fields. |
| @@ -0,0 +1,38 @@ | |||
| Search for Indicators and returns the id, indicator_type, value, expiration status, lastSeen timestamp, related investigations and score/verdict. | |||
There was a problem hiding this comment.
Suggested change
| Search for Indicators and returns the id, indicator_type, value, expiration status, lastSeen timestamp, related investigations and score/verdict. | |
| This script searches indicators by specified fields. |
Comment on lines
+21
to
+25
| Searches Cortex XSOAR Indicators. | ||
|
|
||
| Search for XSOAR Indicators and returns the id, indicator_type, value, expiration status, lastSeen timestamp, related investigations and score/verdict. | ||
|
|
||
| You can add additional fields from the indicators using the add_field_to_context argument. |
There was a problem hiding this comment.
Suggested change
| Searches Cortex XSOAR Indicators. | |
| Search for XSOAR Indicators and returns the id, indicator_type, value, expiration status, lastSeen timestamp, related investigations and score/verdict. | |
| You can add additional fields from the indicators using the add_field_to_context argument. | |
| This script searches indicators by specified fields. |
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
|
|
|
Validate summary Verdict: PR can be force merged from validate perspective? ✅ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: link to the issue
Description
A few sentences describing the overall goals of the pull request's commits.
Must have