diff --git a/analyzers/ValidateObservable/ValidateObservable.json b/analyzers/ValidateObservable/ValidateObservable.json index 93eff6777..a991089ac 100644 --- a/analyzers/ValidateObservable/ValidateObservable.json +++ b/analyzers/ValidateObservable/ValidateObservable.json @@ -14,5 +14,6 @@ "configurationItems": [], "registration_required": false, "subscription_required": false, - "free_subscription": false + "free_subscription": false, + "integration_type": "local" } diff --git a/responders/DomainToolsIris_AddRiskyDNSTag/DomainToolsIris_AddRiskyDNSTag.json b/responders/DomainToolsIris/DomainToolsIris_AddRiskyDNSTag.json similarity index 88% rename from responders/DomainToolsIris_AddRiskyDNSTag/DomainToolsIris_AddRiskyDNSTag.json rename to responders/DomainToolsIris/DomainToolsIris_AddRiskyDNSTag.json index be634926d..f54354a05 100644 --- a/responders/DomainToolsIris_AddRiskyDNSTag/DomainToolsIris_AddRiskyDNSTag.json +++ b/responders/DomainToolsIris/DomainToolsIris_AddRiskyDNSTag.json @@ -6,7 +6,7 @@ "license": "AGPL-V3", "description": "Add Tag saying that the case contains a risky DNS.", "dataTypeList": ["thehive:case_artifact"], - "command": "DomainToolsIris_AddRiskyDNSTag/domaintoolsiris_responder.py", + "command": "DomainToolsIris/DomainToolsIris_add_risky_dns_tag.py", "baseConfig": "DomainToolsIris", "configurationItems": [ { diff --git a/responders/DomainToolsIris_CheckMaliciousTags/DomainToolsIris_CheckMaliciousTags.json b/responders/DomainToolsIris/DomainToolsIris_CheckMaliciousTags.json similarity index 87% rename from responders/DomainToolsIris_CheckMaliciousTags/DomainToolsIris_CheckMaliciousTags.json rename to responders/DomainToolsIris/DomainToolsIris_CheckMaliciousTags.json index 402bfa357..54d4678ad 100644 --- a/responders/DomainToolsIris_CheckMaliciousTags/DomainToolsIris_CheckMaliciousTags.json +++ b/responders/DomainToolsIris/DomainToolsIris_CheckMaliciousTags.json @@ -6,7 +6,7 @@ "license": "AGPL-V3", "description": "Add Tag saying that the observable and case have a malicious tag in their Iris Tags.", "dataTypeList": ["thehive:case_artifact"], - "command": "DomainToolsIris_CheckMaliciousTags/domaintoolsiris_responder.py", + "command": "DomainToolsIris/DomainToolsIris_check_malicious_tags.py", "baseConfig": "DomainToolsIris", "configurationItems": [ { diff --git a/responders/DomainToolsIris_AddRiskyDNSTag/domaintoolsiris_responder.py b/responders/DomainToolsIris/DomainToolsIris_add_risky_dns_tag.py similarity index 100% rename from responders/DomainToolsIris_AddRiskyDNSTag/domaintoolsiris_responder.py rename to responders/DomainToolsIris/DomainToolsIris_add_risky_dns_tag.py diff --git a/responders/DomainToolsIris_CheckMaliciousTags/domaintoolsiris_responder.py b/responders/DomainToolsIris/DomainToolsIris_check_malicious_tags.py similarity index 100% rename from responders/DomainToolsIris_CheckMaliciousTags/domaintoolsiris_responder.py rename to responders/DomainToolsIris/DomainToolsIris_check_malicious_tags.py diff --git a/responders/DomainToolsIris_AddRiskyDNSTag/requirements.txt b/responders/DomainToolsIris/requirements.txt similarity index 100% rename from responders/DomainToolsIris_AddRiskyDNSTag/requirements.txt rename to responders/DomainToolsIris/requirements.txt diff --git a/responders/DomainToolsIris_CheckMaliciousTags/requirements.txt b/responders/DomainToolsIris_CheckMaliciousTags/requirements.txt deleted file mode 100644 index 37dfee161..000000000 --- a/responders/DomainToolsIris_CheckMaliciousTags/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -cortexutils \ No newline at end of file diff --git a/responders/ZEROFOX_Close_alert/ZEROFOX_Close_alert.json b/responders/ZEROFOX/ZEROFOX_Close_alert.json similarity index 92% rename from responders/ZEROFOX_Close_alert/ZEROFOX_Close_alert.json rename to responders/ZEROFOX/ZEROFOX_Close_alert.json index 57833da94..3a5ff0fd1 100644 --- a/responders/ZEROFOX_Close_alert/ZEROFOX_Close_alert.json +++ b/responders/ZEROFOX/ZEROFOX_Close_alert.json @@ -6,7 +6,7 @@ "license": "AGPL-V3", "description": "Close alert in Zerofox", "dataTypeList": ["thehive:case"], - "command": "ZEROFOX_Close_alert/ZEROFOX_Close_alert.py", + "command": "ZEROFOX/ZEROFOX_close_alert.py", "baseConfig": "ZEROFOX", "configurationItems": [ { diff --git a/responders/ZEROFOX_Takedown_request/ZEROFOX_Takedown_request.json b/responders/ZEROFOX/ZEROFOX_Takedown_request.json similarity index 91% rename from responders/ZEROFOX_Takedown_request/ZEROFOX_Takedown_request.json rename to responders/ZEROFOX/ZEROFOX_Takedown_request.json index f0d0573da..172eefa8c 100644 --- a/responders/ZEROFOX_Takedown_request/ZEROFOX_Takedown_request.json +++ b/responders/ZEROFOX/ZEROFOX_Takedown_request.json @@ -6,7 +6,7 @@ "license": "AGPL-V3", "description": "Request for a takedown regarding the alert in Zerofox", "dataTypeList": ["thehive:case"], - "command": "ZEROFOX_Takedown_request/ZEROFOX_Takedown_request.py", + "command": "ZEROFOX/ZEROFOX_takedown_request.py", "baseConfig": "ZEROFOX", "configurationItems": [ { diff --git a/responders/ZEROFOX_Close_alert/ZEROFOX_Close_alert.py b/responders/ZEROFOX/ZEROFOX_close_alert.py similarity index 100% rename from responders/ZEROFOX_Close_alert/ZEROFOX_Close_alert.py rename to responders/ZEROFOX/ZEROFOX_close_alert.py diff --git a/responders/ZEROFOX_Takedown_request/ZEROFOX_Takedown_request.py b/responders/ZEROFOX/ZEROFOX_takedown_request.py similarity index 100% rename from responders/ZEROFOX_Takedown_request/ZEROFOX_Takedown_request.py rename to responders/ZEROFOX/ZEROFOX_takedown_request.py diff --git a/responders/ZEROFOX_Close_alert/requirements.txt b/responders/ZEROFOX/requirements.txt similarity index 100% rename from responders/ZEROFOX_Close_alert/requirements.txt rename to responders/ZEROFOX/requirements.txt diff --git a/responders/ZEROFOX_Takedown_request/requirements.txt b/responders/ZEROFOX_Takedown_request/requirements.txt deleted file mode 100644 index 655e90ed6..000000000 --- a/responders/ZEROFOX_Takedown_request/requirements.txt +++ /dev/null @@ -1,3 +0,0 @@ -cortexutils -requests -