Merged
14 changes: 14 additions & 0 deletions Packs/Akamai_SIEM/Integrations/Akamai_SIEM/Akamai_SIEM.yml
Expand Up @@ -82,6 +82,8 @@ configuration:
additionalinfo: The number of events to fetch per request to akamai (multiple requests are made for each fetch). If you're getting aggregated delays, increase the number. The maximum is 80k. Note that if your API has higher ingestion rate, the integration will be able to detect it and immediately starts the next run in order to fetch events quicker.
hidden:
- xsoar
supportedModules:
- "xsiam"
advanced: true
- display: Fetch incidents
name: isFetch
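Review bot: the added `supportedModules` entry is double-quoted (`- "xsiam"`) while the sibling `hidden` list directly above it uses a bare scalar (`- xsoar`); pick one quoting style for these short identifier lists so the file stays consistent across the seven parameters it touches. This parameter now declares platform visibility in two adjacent keys, so a short comment or documentation line on how `hidden` and `supportedModules` interact would keep the two from drifting apart in later edits.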
Expand Down Expand Up @@ -114,6 +116,8 @@ configuration:
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
defaultvalue: '1'
advanced: true
- display: Fetch Events
Expand All @@ -123,6 +127,8 @@ configuration:
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
additionalinfo: Make sure this feature is not used with long running configured in the integration params and that there's no config ID used for 2 different instances / features.
- display: Skip events decoding
name: should_skip_decode_events
Expand All @@ -132,13 +138,17 @@ configuration:
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
- display: Long running instance
name: longRunning
additionalinfo: This is a beta feature for high performance fetch events. Use this param only if advised by CS. Make sure this feature is not used with fetch events configured in the integration params and that there's no config ID used for 2 different instances / features.
type: 8
required: false
hidden:
- xsoar
supportedModules:
- "xsiam"
section: Collect
- display: Page Size - high performance mode
name: beta_page_size
Expand All @@ -149,6 +159,8 @@ configuration:
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
- display: Max allowed concurrent tasks
name: max_concurrent_tasks
type: 0
Expand All @@ -158,6 +170,8 @@ configuration:
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
description: Use the Akamai WAF SIEM integration to retrieve security events from Akamai Web Application Firewall (WAF) service.
display: Akamai WAF SIEM
name: Akamai WAF SIEM
6 changes: 6 additions & 0 deletions Packs/Akamai_SIEM/ReleaseNotes/1_2_18.md
@@ -0,0 +1,6 @@

#### Integrations

##### Akamai WAF SIEM

- Documentation and metadata improvements.
2 changes: 1 addition & 1 deletion Packs/Akamai_SIEM/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "Akamai WAF SIEM",
"description": "Use the Akamai WAF SIEM integration to retrieve security events from Akamai Web Application Firewall (WAF) service.",
"support": "xsoar",
"currentVersion": "1.2.17",
"currentVersion": "1.2.18",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,11 @@ configuration:
defaultvalue: 'true'
hidden:
- xsoar
supportedModules:
- "xsiam"
- "edr"
- "cloud"
- "cloud_runtime_security"
- display: Incident type
name: incidentType
type: 13
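Review bot: the module list added under `hidden: - xsoar` here (`xsiam`, `edr`, `cloud`, `cloud_runtime_security`) is wider than the single `"xsiam"` entry given to the comparable fetch parameters in the other integration files of this PR, and nothing in the change explains the difference. Please state the reason in the PR description or the release note, and since the same four entries are repeated verbatim in every hunk of this file, confirm that each parameter really belongs to all four modules rather than inheriting the list by copy and paste.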
Expand Down Expand Up @@ -283,6 +288,11 @@ configuration:
hidden:
- xsoar
- xpanse
supportedModules:
- "xsiam"
- "edr"
- "cloud"
- "cloud_runtime_security"
Comment thread
BEAdi marked this conversation as resolved.
- display: 'Fetch Asset types'
name: fetch_assets_type
defaultvalue: 'Spotlight,CNAPP Alerts'
Expand Down Expand Up @@ -336,6 +346,11 @@ configuration:
hidden:
- xsoar
- xpanse
supportedModules:
- "xsiam"
- "edr"
- "cloud"
- "cloud_runtime_security"
- display: 'Advanced: Time in minutes to look back when fetching incidents and detections'
additionalinfo: Use this parameter to determine the look-back period for searching for incidents that were created before the last run time and did not match the query when they were created.
defaultvalue: 2
Expand All @@ -358,6 +373,11 @@ configuration:
hidden:
- xsoar
- xpanse
supportedModules:
- "xsiam"
- "edr"
- "cloud"
- "cloud_runtime_security"
Comment on lines +376 to +380
Contributor

Are you sure that this parameter is not relevant for fetch incidents?

Contributor Author

This is for fetch events.

See additionalinfo: Use this parameter to determine the look-back period for searching for **events** that were created before the last run time and did not match the query when they were created.

Contributor

I think it is better to check this in the code to be sure because the names change during the upload (look at the additionalinfo here).
Anyway, you are correct.

- additionalinfo: The fetch interval for assets and vulnerabilities. It is recommended to set it to 1 hour.
defaultvalue: 60
display: Assets Fetch Interval
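Review bot: the parameter that receives `supportedModules` at +376 to +380 cannot be identified from the hunk itself, and the thread above shows the cost. The incident look-back parameter visible at the end of the previous hunk has an `additionalinfo` that differs from the text quoted in the reply only by "incidents" versus "events". A one-line YAML comment above this block naming it as the fetch-events look-back would let the next reviewer confirm the restriction without reading the integration code.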
6 changes: 6 additions & 0 deletions Packs/CrowdStrikeFalcon/ReleaseNotes/2_8_3.md
@@ -0,0 +1,6 @@

#### Integrations

##### CrowdStrike Falcon

- Documentation and metadata improvements.
2 changes: 1 addition & 1 deletion Packs/CrowdStrikeFalcon/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "CrowdStrike Falcon",
"description": "The CrowdStrike Falcon OAuth 2 API (formerly the Falcon Firehose API), enables fetching and resolving detections, searching devices, getting behaviors by ID, containing hosts, and lifting host containment.",
"support": "xsoar",
"currentVersion": "2.8.2",
"currentVersion": "2.8.3",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,8 @@ configuration:
required: false
hidden:
- xsoar
supportedModules:
- "xsiam"
- display: Incidents Fetch Interval
name: incidentFetchInterval
type: 19
Expand All @@ -63,6 +65,8 @@ configuration:
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
- display: Maximum Incidents Per Fetch
additionalinfo: This value should not exceed 3,000 due to product's API limitations.
name: max_fetch # for fetch-incidents on XSOAR
Expand All @@ -79,6 +83,8 @@ configuration:
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
- display: Fetch query
additionalinfo: 'In the `key:value` format. For example: `NOT stage:"CLOSED"`.'
name: fetch_query
6 changes: 6 additions & 0 deletions Packs/ExabeamSecurityOperationsPlatform/ReleaseNotes/1_3_2.md
@@ -0,0 +1,6 @@

#### Integrations

##### Exabeam Security Operations Platform

- Documentation and metadata improvements.
2 changes: 1 addition & 1 deletion Packs/ExabeamSecurityOperationsPlatform/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "Exabeam Security Operations Platform",
"description": " Exabeam Security Operations Platform ",
"support": "xsoar",
"currentVersion": "1.3.1",
"currentVersion": "1.3.2",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
14 changes: 14 additions & 0 deletions Packs/HelloWorld/Integrations/HelloWorldV2/HelloWorldV2.yml
Expand Up @@ -31,6 +31,16 @@ configuration:
required: false
section: Connect
advanced: true
- display: Events Fetch Interval
name: eventFetchInterval
defaultvalue: '1'
type: 19
required: false
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
- name: threshold_ip
display: Score threshold for IP reputation command
defaultvalue: '65'
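Review bot: the new `eventFetchInterval` parameter has no `additionalinfo`, so `defaultvalue: '1'` carries no unit and no guidance on a sensible setting. The CrowdStrike file in this same PR documents its `Assets Fetch Interval` with "It is recommended to set it to 1 hour." next to `defaultvalue: 60`; a similar line here would help, especially as HelloWorld is the integration people copy from when starting a new one.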
Expand Down Expand Up @@ -113,6 +123,8 @@ configuration:
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
- name: max_events_fetch
display: Maximum number of events per fetch
defaultvalue: '1000'
Expand All @@ -121,6 +133,8 @@ configuration:
section: Collect
hidden:
- xsoar
supportedModules:
- "xsiam"
# Fetch Assets (and Vulnerabilities)
# Not supported in Cortex XSOAR
- display: Fetch assets and vulnerabilities
6 changes: 6 additions & 0 deletions Packs/HelloWorld/ReleaseNotes/4_0_2.md
@@ -0,0 +1,6 @@

#### Integrations

##### Hello World v2

- Documentation and metadata improvements.
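Review bot: "Documentation and metadata improvements." understates what this pack receives, because HelloWorldV2.yml gains a new `Events Fetch Interval` parameter (`eventFetchInterval`) in addition to the `supportedModules` entries. Add a bullet naming the new parameter so that users upgrading to 4.0.2 know a configuration field has appeared.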
2 changes: 1 addition & 1 deletion Packs/HelloWorld/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "HelloWorld",
"description": "This is the Hello World integration for getting started.",
"support": "community",
"currentVersion": "4.0.1",
"currentVersion": "4.0.2",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",