SecuronixGetViolations
Gets a list of violations related to a specific threat from the context data and displays it in the layout.
python · Securonix
Source
import demistomock as demisto # noqa: F401 from CommonServerPython import * # noqa: F401 """ MAIN FUNCTION """ def main(): try: # Get the Violations data from the Incident Context. violations = demisto.get(demisto.context(), "Securonix.ViolationData") if not violations: return_results(CommandResults(readable_output="\n#### No violations information available for threat.")) else: # If only 1 violation, convert it into list. if isinstance(violations, dict): violations = [violations] # Get the latest 200 violations from the API. violation_output = violations[-200:] heading = f"\n# Latest {len(violation_output)} Violation Events:" headers = ["Eventid", "Violator", "Policyname", "Riskthreatname", "Tenantname", "Category", "Jobstarttime"] human_readable = tableToMarkdown(heading, t=remove_empty_elements(violation_output), headers=headers, removeNull=True) if len(violations) > 200: human_readable += ( '\n### For all violations navigate to the War Room and search with the filter "Playbook task results". ' ) return_results(CommandResults(readable_output=human_readable)) except Exception as e: return_results(CommandResults(readable_output=f"\n#### Could not find violations Information. \n {e}")) """ ENTRY POINT """ if __name__ in ("__main__", "__builtin__", "builtins"): main()
README
Gets a list of violations related to a specific threat from the context data and displays it in the layout.
Script Data
| Name | Description |
|---|---|
| Script Type | python3 |
| Tags | field-change-triggered, dynamic-section |
Inputs
There are no inputs for this script.
Outputs
There are no outputs for this script.