IBM Security QRadar SOAR


Release of v43.1.2656 Python Libraries to PyPI

By Shane Curtin posted Thu January 20, 2022 11:00 AM

The following Python libraries have been updated to version 43.1.2656:

Change Log

See for a detailed Change Log of each library

What's New

We have added the ability to gather the results of a function for use in a Playbook. This saves a sample payload of your function results and produces a schema that is used when parsing the results within a Playbook. When this Playbook feature becomes available, it will let a designer use type-ahead to add multiple function results. Without these sample results and schema, a Playbook designer would need to consult the documentation to learn how to navigate the results payload for the data.

We have also updated docgen to enhance the documentation.

To gather results, perform the following steps:

  1. Install resilient-circuits >= 43.1
  2. Run resilient-circuits in DEBUG mode
    • $ resilient-circuits run --loglevel=DEBUG
  3. Invoke the Function in SOAR
  4. Gather the results using:
    • $ resilient-sdk codegen -p my_app --gather-results
  5. Generate your docs using docgen (which will now include the results automatically)
    • $ resilient-sdk docgen -p my_app
  6. Then package your app:
    • $ resilient-sdk package -p my_app

You can also name the specific functions to gather results for:
$ resilient-sdk codegen -p my_app --gather-results -f func_one func_two

You can also point to a custom app.log file that contains the results, for example if you used another environment to get them:
$ resilient-sdk codegen -p my_app --gather-results <path_to_custom_app.log> -f func_one func_two
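
Because the gathered sample comes from a real function invocation and docgen includes it automatically, it is worth checking the payload before packaging. The following is an added example, not part of resilient-sdk or the original post: it scans a decoded results payload for values that look sensitive and returns a redacted copy with the same structure. The key and value patterns, the helper names and the sample payload are assumptions constructed for illustration.

```python
import re

# Heuristics chosen for this example; they are not part of resilient-sdk.
SENSITIVE_KEY = re.compile(r"pass(word|wd)?|secret|token|api[_-]?key|authorization|cookie", re.I)
SENSITIVE_VALUE = [
    ("email", re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")),
    ("bearer_token", re.compile(r"\bBearer\s+[A-Za-z0-9._~+/-]{16,}=*")),
    ("private_key", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
]
REDACTED = "<redacted>"

# Constructed sample shaped like a function result payload (all values made up).
SAMPLE_RESULTS = {
    "success": True,
    "reason": None,
    "content": {
        "status": "ok",
        "analyst": "jane.doe@example.com",
        "upstream": {"api_token": "EXAMPLE-NOT-A-REAL-TOKEN", "url": "https://ti.example.com/v1"},
        "headers": [{"name": "Authorization", "value": "Bearer AAAAAAAAAAAAAAAAAAAAAAAA"}],
    },
    "inputs": {"fn_artifact_value": "198.51.100.7"},
}


def leaf_reasons(key, value):
    """Reasons a single string leaf looks sensitive (empty list if it does not)."""
    if not isinstance(value, str) or value in ("", REDACTED):
        return []
    reasons = ["sensitive_key"] if SENSITIVE_KEY.search(key) else []
    return reasons + [name for name, pattern in SENSITIVE_VALUE if pattern.search(value)]


def find_sensitive(node, path="$", key=""):
    """Walk a decoded JSON payload; return sorted (json_path, reason) findings."""
    if isinstance(node, dict):
        return sorted(f for k, v in node.items() for f in find_sensitive(v, f"{path}.{k}", k))
    if isinstance(node, list):
        return sorted(f for i, v in enumerate(node) for f in find_sensitive(v, f"{path}[{i}]"))
    return [(path, reason) for reason in leaf_reasons(key, node)]


def redact(node, key=""):
    """Copy the payload, replacing flagged strings so structure and types are kept."""
    if isinstance(node, dict):
        return {k: redact(v, k) for k, v in node.items()}
    if isinstance(node, list):
        return [redact(v) for v in node]
    return REDACTED if leaf_reasons(key, node) else node
```

To check a real sample, load it with `json.load` and pass the resulting object to `find_sensitive`; an empty list means none of these heuristics matched.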