Demisto Content Release Notes for version 18.5.1 (8902)
Published on 2 May 2018
Integrations
2 New Integrations
- __Centreon__
Centreon is a network, system, and application supervision and monitoring tool. The integration provides monitoring enrichment context for hosts and applications.
- __EasyVista__
EasyVista enables you to manage the entire process of designing, managing, and delivering IT services. With the integration, you can obtain a list of incidents and requests, such as service, change, investment, and more.
6 Improved Integrations
- __RSA NetWitness Packets and Logs__
Improved parameter descriptions.
- __Threat Grid__
The _threat-grid-get-html-report-by-id_ command displays the report as a file in the War Room.
- __McAfee ePO__
Enhanced War Room result formatting for _epo-commands_ (fixes the _epo-commands_ issue from version 18.5.0).
- __FireEye iSIGHT__
Fixed the timestamp in request headers, which in some cases resulted in failed authentication.
- __Okta__
Added system log commands.
- __Preempt__
Rephrased error messages and edited context outputs.
---
Scripts
4 New Scripts
- __AquatoneDiscover__
Locates a target's nameservers and shuffles DNS lookups between them.
- __IndicatorMaliciousRatioCalculation__
Returns indicators that appear in resolved incidents, and the resolved incident IDs.
- __TimeStampToDate (Transformer)__
Converts a UNIX Epoch timestamp to a simplified extended ISO format string. Use it to convert a timestamp to the Demisto date field.
- __WhereFieldEquals (Transformer)__
Returns all items from the list whose 'field' attribute is equal to the 'equalTo' argument.
2 Improved Scripts
- __Urlscan.io__
Encoded the URL parameters for the _submit-url_ command.
- __Ping__
Added Ping results as output and removed the verbose argument. This change breaks backward compatibility; best practice is to use outputs over context, and raw-response=true for verbose results.
---
New Incident Layouts
- __Incident type 'Access'__
Default Incident Summary and Create/Edit Incident layouts.
---
New Classification & Mapping
SplunkPy classification and mapping for 'Access' incident type. Using the layout and mappings, users can handle Access incident type notables from Splunk ES.