IBM Security QRadar SOAR

 View Only

Release of v44.0.2810 Python Libraries to PyPi

By Bo Bleckel posted Wed March 09, 2022 12:17 PM

  
Our following Python Libraries have been updated to version 44.0.2810:

Change Log

See https://ibm.biz/soar-python-docs for a detailed Change Log of each library.

What's New

We have added the ability to include a Playbook with an app. This is different from the UI ability to export/import a Playbook. This works like Rules and Workflows do with the resilient-sdk, allowing a developer to design and package Playbooks alongside their functions and to have them imported to the platform when installing an app.

The libraries also now officially support Python 3.9.

The make use of the latest Playbooks features for the SDK:

  1. Ensure you are running resilient-sdk>=v44.0.x connected to SOAR >=v44 or CP4S >=v1.9
  2. To create a new app which includes a playbook:
    $ resilient-sdk codegen -p <path_to_new_package> --playbook <api_name_of_playbook> -m <api_name_of_message_destination> --script "name_of_global_script_to_include"
  3. To update an app with changes to a playbook or a new playbook:
    $ resilient-sdk codegen -p my_playbook_app --reload
  4. To export an app with a playbook:
    $ resilient-sdk extract --playbook <api_name_of_playbook> -m <api_name_of_message_destination> --script "name_of_global_script_to_include"
  5. To clone a playbook on the SOAR appliance (this example takes a playbook created on an incident and clones it to a playbook for an artifact):
    $ resilient-sdk clone --playbook <api_name_of_playbook> <cloned_playbook_api_name_to_create> --changetype artifact
  6. docgen and package will include the playbook information as appropriate if it has been added through codegen.

More details can be found in the usage section for each command of the resilient-sdk at https://ibm.biz/soar-python-docs.


#Highlights-home
#Highlights
0 comments
7710 views

Permalink