ChronicleDomainIntelligenceSourcesWidgetScript
Shows the details of sources in the Chronicle Domain Intelligence Sources section of the incident.
python · Google SecOps
Source
import json import traceback from typing import Any import demistomock as demisto from CommonServerPython import * def get_source_hr(source) -> dict[str, Any]: return { "Category/Description": source.get("Category", ""), "Confidence": source.get("IntRawConfidenceScore", 0), "Normalized Confidence": source.get("NormalizedConfidenceScore", ""), "Severity": source.get("RawSeverity", ""), } def main() -> None: try: incident_details = demisto.incidents()[0].get("details", "") try: incident_details = json.loads(incident_details) except Exception: demisto.debug("Error while loading investigation data from incident details.") sources_hr = "" sources = incident_details.get("Sources", {}) for source in sources: sources_hr += tableToMarkdown( "{}".format(source.get("Source")), get_source_hr(source), ["Category/Description", "Confidence", "Normalized Confidence", "Severity"], ) result = { "Type": entryTypes["note"], "Contents": "", "ContentsFormat": "", "ReadableContentsFormat": formats["markdown"], "HumanReadable": sources_hr, } demisto.results(result) except Exception as e: demisto.error(traceback.format_exc()) return_error(f"Could not load widget:\n{e}") # python2 uses __builtin__ python3 uses builtins if __name__ == "__builtin__" or __name__ == "builtins": main()
README
Shows the details of sources in the Chronicle Domain Intelligence Sources section of the incident.
Script Data
| Name | Description |
|---|---|
| Script Type | python3 |
| Tags | dynamic-section |
| Cortex XSOAR Version | 0.0.0 |
Inputs
There are no inputs for this script.
Outputs
There are no outputs for this script.