[Buganizer ID: 470917785] Feature: Refactor GetAttachment to support Alert and Case execution scopes #751

Open
Arabindaksha-Mishra wants to merge 5 commits into main from CasePlaybook_FileUtilities

Arabindaksha-Mishra commented May 5, 2026

Feature: Refactor GetAttachment to support Alert and Case execution scopes


Description

What problem does this PR solve?
The attachment retrieval action did not support Case-scoped playbooks, failing to correctly find or fetch case-wide files when executed outside of an Alert scope.

How does this PR solve the problem?

  • Added Scope Support: Dynamically detects whether the playbook is in Alert or Case scope to filter attachments correctly.
  • Decoupled Retrieval: Separated attachment metadata filtering from actual file content downloads.
  • Improved Resilience: Wrapped file downloads in error blocks so one failed file won't crash the entire action.
  • Metadata Bump: Bumped the integration version and added release notes for ticket 470917785.

Any other relevant information (e.g., design choices, tradeoffs, known issues):

  • Backward Compatibility: Maintains full support for older SOAR SDK versions via safe fallback checks.
  • Fault Tolerance: Logs file failures individually to ensure successful files are still returned.

Checklist:

Please ensure you have completed the following items before submitting your PR.
This helps us review your contribution faster and more efficiently.

General Checks:

  • I have read and followed the project's contributing.md guide.
  • My code follows the project's coding style guidelines.
  • I have performed a self-review of my own code.
  • My changes do not introduce any new warnings.
  • My changes pass all existing tests.
  • I have added new tests where appropriate to cover my changes. (If applicable)
  • I have updated the documentation where necessary (e.g., README, API docs). (If applicable)

Open-Source Specific Checks:

  • My changes do not introduce any Personally Identifiable Information (PII) or sensitive customer data.
  • My changes do not expose any internal-only code examples, configurations, or URLs.
  • All code examples, comments, and messages are generic and suitable for a public repository.
  • I understand that any internal context or sensitive details related to this work are handled separately in internal systems (Buganizer for Google team members).

For Google Team Members and Reviewers Only:

  • I have included the Buganizer ID in the PR title or description (e.g., "Internal Buganizer ID: 123456789" or "Related Buganizer: go/buganizer/123456789").
  • I have ensured that all internal discussions and PII related to this work remain in Buganizer.
  • I have tagged the PR with one or more labels that reflect the pull request purpose.

Screenshots (If Applicable)

If your changes involve UI or visual elements, please include screenshots or GIFs here.
Ensure any sensitive data is redacted or generalized.


Further Comments / Questions

Any additional comments, questions, or areas where you'd like specific feedback.

Arabindaksha-Mishra requested a review from a team as a code owner May 5, 2026 05:03
github-actions Bot commented May 5, 2026

Marketplace Validation Failed

Validation Report

🧩 Integrations
Pre-Build Stage

file_utilities

Validation Name Details
⚠️ Test Config Validation 'file_utilities' is missing tests/config.json

@gemini-code-assist

Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the attachment retrieval process within the FileUtilities integration to enable support for Case-scoped playbooks. By introducing an AttachmentsManager and explicit execution scope detection, the changes ensure that attachments are correctly identified and fetched regardless of whether the playbook is running in an Alert or Case context. Additionally, the update improves overall system resilience by isolating file download errors.

Highlights

  • Execution Scope Support: Updated the attachment retrieval logic to dynamically detect and support both Alert and Case execution scopes.
  • Decoupled Retrieval Logic: Separated metadata filtering from file content downloading to improve modularity and maintainability.
  • Fault Tolerance: Implemented error handling for individual file downloads to ensure that a single failure does not interrupt the entire process.
  • Version Update: Bumped the integration version to 24.0 and added relevant release notes for Buganizer ticket 470917785.

gemini-code-assist Bot left a comment

Code Review

This pull request refactors the GetAttachment action to utilize a new AttachmentsManager class, supporting attachment retrieval across both Alert and Case execution scopes. The version has been bumped to 24.0. Feedback includes the need for corresponding unit tests and JSON result examples as per the style guide. Additionally, several improvements were suggested for docstring formatting, defensive programming to avoid AttributeError on null objects, and preventing potential UnboundLocalError in exception handling.

Comment thread content/response_integrations/power_ups/file_utilities/actions/GetAttachment.py Outdated
Comment thread content/response_integrations/power_ups/file_utilities/core/AttachmentsManager.py Outdated
Comment thread content/response_integrations/power_ups/file_utilities/core/AttachmentsManager.py Outdated
Comment thread content/response_integrations/power_ups/file_utilities/core/AttachmentsManager.py Outdated
Comment thread content/response_integrations/power_ups/file_utilities/core/AttachmentsManager.py Outdated
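
A sketch of the pattern the PR description and the review summary above describe, as an added example that is not code from this pull request: scope detection that tolerates a missing or null alert, metadata filtering kept separate from downloads, and per-file error isolation. All names (`AttachmentMeta`, `current_alert`, `fetch`, `run_action`) and the rule that Case scope selects every attachment on the case are assumptions, and the sample data is constructed.

```python
from dataclasses import dataclass
from types import SimpleNamespace
from typing import Callable, Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class AttachmentMeta:
    """Hypothetical metadata record; field names are assumptions, not SDK names."""
    attachment_id: int
    name: str
    alert_identifier: Optional[str]  # None: attached to the case, not to one alert


def detect_scope(context: object) -> str:
    """Return "alert" if the context carries a usable current alert, else "case".

    getattr() with a default covers both a context without the attribute and one
    where it is None, so no AttributeError is raised on a null object.
    """
    alert = getattr(context, "current_alert", None)
    return "alert" if getattr(alert, "identifier", None) else "case"


def select_attachments(context: object,
                       metas: Iterable[AttachmentMeta]) -> List[AttachmentMeta]:
    """Metadata-only step: decide what is in scope without downloading anything."""
    metas = list(metas)
    if detect_scope(context) == "case":
        return metas  # assumption: Case scope means every attachment on the case
    alert_id = context.current_alert.identifier
    return [m for m in metas if m.alert_identifier == alert_id]


def download_all(metas: Iterable[AttachmentMeta],
                 fetch: Callable[[int], bytes]) -> Tuple[list, list]:
    """Download each selected file; a failure is recorded and the loop continues."""
    downloaded, failed = [], []
    for meta in metas:
        content = None  # bound before the try, so later code never hits UnboundLocalError
        try:
            content = fetch(meta.attachment_id)
            if not isinstance(content, (bytes, bytearray)):
                raise TypeError(f"expected bytes, got {type(content).__name__}")
        except Exception as exc:  # isolate the failure to this one file
            failed.append({"name": meta.name,
                           "error": f"{type(exc).__name__}: {exc}"})
            continue
        downloaded.append({"name": meta.name, "size": len(content)})
    return downloaded, failed


def run_action(context: object, metas: Iterable[AttachmentMeta],
               fetch: Callable[[int], bytes]) -> dict:
    """Tie the steps together and report successes and failures side by side."""
    scope = detect_scope(context)
    downloaded, failed = download_all(select_attachments(context, metas), fetch)
    return {"scope": scope, "downloaded": downloaded, "failed": failed}


# Constructed sample data: four attachments on one case, one of them not fetchable.
SAMPLE_METAS = [
    AttachmentMeta(1, "invoice.pdf", "ALERT-A"),
    AttachmentMeta(2, "headers.eml", "ALERT-B"),
    AttachmentMeta(3, "triage-notes.txt", None),
    AttachmentMeta(4, "memdump.bin", "ALERT-A"),
]
SAMPLE_BLOBS = {1: b"%PDF-1.7 sample", 2: b"From: a@example.test", 3: b"notes"}


def sample_fetch(attachment_id: int) -> bytes:
    """Stand-in for the content download; raises KeyError for attachment 4."""
    return SAMPLE_BLOBS[attachment_id]


ALERT_CONTEXT = SimpleNamespace(current_alert=SimpleNamespace(identifier="ALERT-A"))
CASE_CONTEXT = SimpleNamespace(current_alert=None)

if __name__ == "__main__":
    for ctx in (ALERT_CONTEXT, CASE_CONTEXT):
        print(run_action(ctx, SAMPLE_METAS, sample_fetch))
```
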
@github-actions

Marketplace Validation Failed

Validation Report

🧩 Integrations

websense

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Websense must be a boolean true

f5_big_iq

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in F5 Big IQ must be a boolean true

outpost24

Validation Name Details
⚠️ Mapping Rules Validation 'outpost24' has connectors but doesn't have default mapping rules

mc_afee_active_response

Validation Name Details
⚠️ SSL Integration Validation McAfee Active Response is missing a 'Verify SSL' parameter

observe_it

Validation Name Details
⚠️ Mapping Rules Validation 'observe_it' has connectors but doesn't have default mapping rules
⚠️ SSL Connectors Validation - ObserveIT - Alerts Connector is missing a 'Verify SSL' parameter

mc_afee_atd

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in McAfee ATD must be a boolean true

lastline

Validation Name Details
⚠️ Fields Validation The Action Parameter names listed below do not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)
  • Wait for the report?
  • Create Insight?
  • Wait for the report?

site24x7

Validation Name Details
⚠️ Mapping Rules Validation 'site24x7' has connectors but doesn't have default mapping rules

illusive_networks

Validation Name Details
⚠️ Mapping Rules Validation 'illusive_networks' has connectors but doesn't have default mapping rules
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Illusive Networks must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Illusive Networks - Incidents Connector must be a boolean true

fire_eye_ex

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in FireEye EX must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'fire_eye_ex' contains connectors with missing documentation link: - FireEye EX - Alerts Connector

Arabindaksha-Mishra force-pushed the CasePlaybook_FileUtilities branch 3 times, most recently from 6470ef4 to 64250b9, May 13, 2026 10:53
@github-actions

Marketplace Validation Failed

Validation Report

🧩 Integrations

cisco_threat_grid

Validation Name Details
⚠️ SSL Integration Validation Cisco Threat Grid is missing a 'Verify SSL' parameter

f5_big_iq

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in F5 Big IQ must be a boolean true

armis

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Armis - Alerts Connector must be a boolean true

fortinet_forti_siem

Validation Name Details
⚠️ Mapping Rules Validation 'fortinet_forti_siem' has connectors but doesn't have default mapping rules

fire_eye_ex

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in FireEye EX must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'fire_eye_ex' contains connectors with missing documentation link: - FireEye EX - Alerts Connector

websense

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Websense must be a boolean true

log_point

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Logpoint - Incidents Connector must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'log_point' contains connectors with missing documentation link: - Logpoint - Incidents Connector

blue_liv

Validation Name Details
⚠️ Mapping Rules Validation 'blue_liv' has connectors but doesn't have default mapping rules
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in BlueLiv - Threats Connector must be a boolean true

f5_bigip_access_policy_manager

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in F5 BIG-IP Access Policy Manager must be a boolean true

humio

Validation Name Details
⚠️ Mapping Rules Validation 'humio' has connectors but doesn't have default mapping rules

ca_service_desk

Validation Name Details
⚠️ SSL Integration Validation CA Service Desk Manager is missing a 'Verify SSL' parameter
⚠️ SSL Connectors Validation - CA Service Desk Connector is missing a 'Verify SSL' parameter
⚠️ Connectors Documentation Link Validation Integration 'ca_service_desk' contains connectors with missing documentation link: - CA Service Desk Connector

cb_response

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Carbon Black Response must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Carbon Black Response Connector must be a boolean true

anomali_staxx

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Anomali Staxx - Indicators Connector must be a boolean true

check_point_firewall

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Check Point Firewall must be a boolean true

observe_it

Validation Name Details
⚠️ Mapping Rules Validation 'observe_it' has connectors but doesn't have default mapping rules
⚠️ SSL Connectors Validation - ObserveIT - Alerts Connector is missing a 'Verify SSL' parameter

mc_afee_mvision_edr

Validation Name Details
⚠️ Mapping Rules Validation 'mc_afee_mvision_edr' has connectors but doesn't have default mapping rules

exchange_extension_pack

Validation Name Details
⚠️ SSL Integration Validation Exchange Extension Pack is missing a 'Verify SSL' parameter
⚠️ Fields Validation The Action Parameter names listed below do not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)
  • Remove Compliance Search Once Action Completes?
  • Create Case Wall Output Table?
  • Perform a HardDelete for deleted emails?
  • Remove Compliance Search Once Action Completes?
  • Should remove senders' domains from the corresponding Domains List rule as well?
  • Should add senders' domain to the corresponding Domains List rule as well?
  • Time Frame (hours)
  • Fetch Compliance Search Results?
  • Create Case Wall Output Table?

anomali

Validation Name Details
⚠️ SSL Integration Validation Anomali is missing a 'Verify SSL' parameter

illusive_networks

Validation Name Details
⚠️ Mapping Rules Validation 'illusive_networks' has connectors but doesn't have default mapping rules
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Illusive Networks must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Illusive Networks - Incidents Connector must be a boolean true

harmony_mobile

Validation Name Details
⚠️ Mapping Rules Validation 'harmony_mobile' has connectors but doesn't have default mapping rules

http

Validation Name Details
⚠️ SSL Integration Validation HTTP Rest API is missing a 'Verify SSL' parameter

cyberint

Validation Name Details
⚠️ Mapping Rules Validation 'cyberint' has connectors but doesn't have default mapping rules

active_directory

Validation Name Details
⚠️ SSL Integration Validation Active Directory is missing a 'Verify SSL' parameter
⚠️ Fields Validation The following Action Parameter names do not match the regex:
^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)
- Should Case Wall Table be filtered by the specified Attributes?
- Should JSON result be filtered by the specified Attributes?

mc_afee_epo

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in McAfeeEPO must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in McAfee ePO - Threats Connector must be a boolean true

outpost24

Validation Name Details
⚠️ Mapping Rules Validation 'outpost24' has connectors but doesn't have default mapping rules

google_grr

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Google Rapid Response (GRR) must be a boolean true

cb_defense

Validation Name Details
⚠️ SSL Integration Validation Carbon Black Defense is missing a 'Verify SSL' parameter

check_point_threat_reputation

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in CheckPoint Threat Reputation must be a boolean true
⚠️ Fields Validation The following Action Parameter names do not match the regex:
^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)
- Create Insight?
- Create Insight?
- Create Insight?

cisco_ise

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Cisco ISE must be a boolean true

check_point_cloud_guard

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Check Point CloudGuard must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'check_point_cloud_guard' contains connectors with missing documentation link: - Check Point Cloud Guard - Alerts Connector

mc_afee_atd

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in McAfee ATD must be a boolean true

falcon_sandbox

Validation Name Details
⚠️ SSL Integration Validation Falcon Sandbox is missing a 'Verify SSL' parameter

bulk_who_is

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in BulkWhoIs must be a boolean true

fire_eye_etp

Validation Name Details
⚠️ Mapping Rules Validation 'fire_eye_etp' has connectors but doesn't have default mapping rules

digital_shadows

Validation Name Details
⚠️ SSL Integration Validation DigitalShadows is missing a 'Verify SSL' parameter

site24x7

Validation Name Details
⚠️ Mapping Rules Validation 'site24x7' has connectors but doesn't have default mapping rules

cb_enterprise_edr

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in VMware Carbon Black Enterprise EDR must be a boolean true

lastline

Validation Name Details
⚠️ Fields Validation The following Action Parameter names do not match the regex:
^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)
- Wait for the report?
- Create Insight?
- Wait for the report?

fire_eye_hx

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in FireEye HX must be a boolean true

fortigate

Validation Name Details
⚠️ Mapping Rules Validation 'fortigate' has connectors but doesn't have default mapping rules

mc_afee_active_response

Validation Name Details
⚠️ SSL Integration Validation McAfee Active Response is missing a 'Verify SSL' parameter

cb_live_response

Validation Name Details
⚠️ SSL Integration Validation VMware Carbon Black Endpoint Standard Live Response is missing a 'Verify SSL' parameter

devo

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Devo Alerts Connector must be a boolean true

auto_focus

Validation Name Details
⚠️ SSL Integration Validation Palo Alto AutoFocus is missing a 'Verify SSL' parameter

cylance

Validation Name Details
⚠️ SSL Integration Validation Cylance is missing a 'Verify SSL' parameter
⚠️ SSL Connectors Validation - Cylance connector is missing a 'Verify SSL' parameter

check_point_sand_blast

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Check Point SandBlast must be a boolean true

cynet

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Cynet must be a boolean true

@Arabindaksha-Mishra Arabindaksha-Mishra force-pushed the CasePlaybook_FileUtilities branch 4 times, most recently from f75f11f to 8956817 Compare May 14, 2026 17:04
@Arabindaksha-Mishra Arabindaksha-Mishra force-pushed the CasePlaybook_FileUtilities branch from 8956817 to 7ac050b Compare May 14, 2026 20:59
@github-actions

Marketplace Validation Failed


Validation Report

🧩 Integrations

virus_total

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in VirusTotal must be a boolean true

varonis_data_security_platform

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Varonis Data Security Platform must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Varonis Data Security Platform Alerts Connector must be a boolean true

blue_liv

Validation Name Details
⚠️ Mapping Rules Validation 'blue_liv' has connectors but doesn't have default mapping rules
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in BlueLiv - Threats Connector must be a boolean true

anomali_staxx

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Anomali Staxx - Indicators Connector must be a boolean true

digital_shadows

Validation Name Details
⚠️ SSL Integration Validation DigitalShadows is missing a 'Verify SSL' parameter

fire_eye_ex

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in FireEye EX must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'fire_eye_ex' contains connectors with missing documentation link: - FireEye EX - Alerts Connector

fire_eye_hx

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in FireEye HX must be a boolean true

f5_bigip_access_policy_manager

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in F5 BIG-IP Access Policy Manager must be a boolean true

mc_afee_mvision_edr

Validation Name Details
⚠️ Mapping Rules Validation 'mc_afee_mvision_edr' has connectors but doesn't have default mapping rules

cb_enterprise_edr

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in VMware Carbon Black Enterprise EDR must be a boolean true

ca_service_desk

Validation Name Details
⚠️ SSL Integration Validation CA Service Desk Manager is missing a 'Verify SSL' parameter
⚠️ SSL Connectors Validation - CA Service Desk Connector is missing a 'Verify SSL' parameter
⚠️ Connectors Documentation Link Validation Integration 'ca_service_desk' contains connectors with missing documentation link: - CA Service Desk Connector

falcon_sandbox

Validation Name Details
⚠️ SSL Integration Validation Falcon Sandbox is missing a 'Verify SSL' parameter

harmony_mobile

Validation Name Details
⚠️ Mapping Rules Validation 'harmony_mobile' has connectors but doesn't have default mapping rules

trend_micro_deep_security

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Trend Micro Deep Security must be a boolean true

cyberint

Validation Name Details
⚠️ Mapping Rules Validation 'cyberint' has connectors but doesn't have default mapping rules

symantec_blue_coat_proxy_sg

Validation Name Details
⚠️ SSL Integration Validation Symantec Blue Coat ProxySG is missing a 'Verify SSL' parameter

anomali

Validation Name Details
⚠️ SSL Integration Validation Anomali is missing a 'Verify SSL' parameter

auto_focus

Validation Name Details
⚠️ SSL Integration Validation Palo Alto AutoFocus is missing a 'Verify SSL' parameter

illusive_networks

Validation Name Details
⚠️ Mapping Rules Validation 'illusive_networks' has connectors but doesn't have default mapping rules
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Illusive Networks must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Illusive Networks - Incidents Connector must be a boolean true

mc_afee_epo

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in McAfeeEPO must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in McAfee ePO - Threats Connector must be a boolean true

f5_big_iq

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in F5 Big IQ must be a boolean true

mc_afee_atd

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in McAfee ATD must be a boolean true

cylance

Validation Name Details
⚠️ SSL Integration Validation Cylance is missing a 'Verify SSL' parameter
⚠️ SSL Connectors Validation - Cylance connector is missing a 'Verify SSL' parameter

exchange_extension_pack

Validation Name Details
⚠️ SSL Integration Validation Exchange Extension Pack is missing a 'Verify SSL' parameter
⚠️ Fields Validation Action Parameter name: Time Frame (hours) does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Fetch Compliance Search Results? 
does not match the regex above.
Action Parameter name: Create Case Wall Output Table? does not match the regex above.
Action Parameter name: Should add senders' domain to the corresponding Domains List rule as well? does not match the regex above.
Action Parameter name: Should remove senders' domains from the corresponding Domains List rule as well? does not match the regex above.
Action Parameter name: Remove Compliance Search Once Action Completes? does not match the regex above.
Action Parameter name: Create Case Wall Output Table? does not match the regex above.
Action Parameter name: Perform a HardDelete for deleted emails? does not match the regex above.
Action Parameter name: Remove Compliance Search Once Action Completes? does not match the regex above.

trend_micro_apex_central

Validation Name Details
⚠️ Fields Validation Action Parameter name: Expire In (Days) does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)

observe_it

Validation Name Details
⚠️ Mapping Rules Validation 'observe_it' has connectors but doesn't have default mapping rules
⚠️ SSL Connectors Validation - ObserveIT - Alerts Connector is missing a 'Verify SSL' parameter

cb_response

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Carbon Black Response must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Carbon Black Response Connector must be a boolean true

check_point_cloud_guard

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Check Point CloudGuard must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'check_point_cloud_guard' contains connectors with missing documentation link: - Check Point Cloud Guard - Alerts Connector

cb_defense

Validation Name Details
⚠️ SSL Integration Validation Carbon Black Defense is missing a 'Verify SSL' parameter

lastline

Validation Name Details
⚠️ Fields Validation Action Parameter name: Wait for the report? does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Create Insight? 
does not match the regex above.
Action Parameter name: Wait for the report? does not match the regex above.

cisco_threat_grid

Validation Name Details
⚠️ SSL Integration Validation Cisco Threat Grid is missing a 'Verify SSL' parameter

fortinet_forti_siem

Validation Name Details
⚠️ Mapping Rules Validation 'fortinet_forti_siem' has connectors but doesn't have default mapping rules

cisco_ise

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Cisco ISE must be a boolean true

check_point_sand_blast

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Check Point SandBlast must be a boolean true

wmi

Validation Name Details
⚠️ SSL Integration Validation WMI is missing a 'Verify SSL' parameter

humio

Validation Name Details
⚠️ Mapping Rules Validation 'humio' has connectors but doesn't have default mapping rules

fire_eye_etp

Validation Name Details
⚠️ Mapping Rules Validation 'fire_eye_etp' has connectors but doesn't have default mapping rules

check_point_threat_reputation

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in CheckPoint Threat Reputation must be a boolean true
⚠️ Fields Validation Action Parameter name: Create Insight? does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Create Insight? 
does not match the regex above.
Action Parameter name: Create Insight? does not match the regex above.

log_point

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Logpoint - Incidents Connector must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'log_point' contains connectors with missing documentation link: - Logpoint - Incidents Connector

mc_afee_active_response

Validation Name Details
⚠️ SSL Integration Validation McAfee Active Response is missing a 'Verify SSL' parameter

bulk_who_is

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in BulkWhoIs must be a boolean true

site24x7

Validation Name Details
⚠️ Mapping Rules Validation 'site24x7' has connectors but doesn't have default mapping rules

websense

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Websense must be a boolean true

fortigate

Validation Name Details
⚠️ Mapping Rules Validation 'fortigate' has connectors but doesn't have default mapping rules

v_sphere

Validation Name Details
⚠️ SSL Integration Validation VSphere is missing a 'Verify SSL' parameter

google_grr

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Google Rapid Response (GRR) must be a boolean true

cynet

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Cynet must be a boolean true

devo

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Devo Alerts Connector must be a boolean true

cb_live_response

Validation Name Details
⚠️ SSL Integration Validation VMware Carbon Black Endpoint Standard Live Response is missing a 'Verify SSL' parameter

active_directory

Validation Name Details
⚠️ SSL Integration Validation Active Directory is missing a 'Verify SSL' parameter
⚠️ Fields Validation Action Parameter name: Should Case Wall Table be filtered by the specified Attributes? does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Should 
JSON result be filtered by the specified Attributes? does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)

armis

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Armis - Alerts Connector must be a boolean true

check_point_firewall

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Check Point Firewall must be a boolean true

wildfire

Validation Name Details
⚠️ SSL Integration Validation Palo Alto Wildfire is missing a 'Verify SSL' parameter

talos

Validation Name Details
⚠️ SSL Integration Validation Talos ThreatSource is missing a 'Verify SSL' parameter

outpost24

Validation Name Details
⚠️ Mapping Rules Validation 'outpost24' has connectors but doesn't have default mapping rules

Comment thread content/response_integrations/power_ups/file_utilities/release_notes.yaml Outdated
Comment thread content/response_integrations/power_ups/file_utilities/actions/GetAttachment.py Outdated
@Arabindaksha-Mishra Arabindaksha-Mishra force-pushed the CasePlaybook_FileUtilities branch from ca2eaac to 45cbd41 Compare May 15, 2026 04:32
@github-actions

Marketplace Validation Failed

Validation Report

🧩 Integrations

wmi

Validation Name Details
⚠️ SSL Integration Validation WMI is missing a 'Verify SSL' parameter

v_sphere

Validation Name Details
⚠️ SSL Integration Validation VSphere is missing a 'Verify SSL' parameter

fire_eye_hx

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in FireEye HX must be a boolean true

trend_micro_apex_central

Validation Name Details
⚠️ Fields Validation Action Parameter name: Expire In (Days) does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)

cb_enterprise_edr

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in VMware Carbon Black Enterprise EDR must be a boolean true

mc_afee_active_response

Validation Name Details
⚠️ SSL Integration Validation McAfee Active Response is missing a 'Verify SSL' parameter

lastline

Validation Name Details
⚠️ Fields Validation Action Parameter name: Wait for the report? does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Create Insight? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Wait for the report? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)

anomali

Validation Name Details
⚠️ SSL Integration Validation Anomali is missing a 'Verify SSL' parameter

observe_it

Validation Name Details
⚠️ Mapping Rules Validation 'observe_it' has connectors but doesn't have default mapping rules
⚠️ SSL Connectors Validation - ObserveIT - Alerts Connector is missing a 'Verify SSL' parameter

fire_eye_ex

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in FireEye EX must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'fire_eye_ex' contains connectors with missing documentation link: - FireEye EX - Alerts Connector

log_point

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Logpoint - Incidents Connector must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'log_point' contains connectors with missing documentation link: - Logpoint - Incidents Connector

ca_service_desk

Validation Name Details
⚠️ SSL Integration Validation CA Service Desk Manager is missing a 'Verify SSL' parameter
⚠️ SSL Connectors Validation - CA Service Desk Connector is missing a 'Verify SSL' parameter
⚠️ Connectors Documentation Link Validation Integration 'ca_service_desk' contains connectors with missing documentation link: - CA Service Desk Connector

f5_big_iq

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in F5 Big IQ must be a boolean true

illusive_networks

Validation Name Details
⚠️ Mapping Rules Validation 'illusive_networks' has connectors but doesn't have default mapping rules
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Illusive Networks must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Illusive Networks - Incidents Connector must be a boolean true

varonis_data_security_platform

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Varonis Data Security Platform must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Varonis Data Security Platform Alerts Connector must be a boolean true

cisco_threat_grid

Validation Name Details
⚠️ SSL Integration Validation Cisco Threat Grid is missing a 'Verify SSL' parameter

fortigate

Validation Name Details
⚠️ Mapping Rules Validation 'fortigate' has connectors but doesn't have default mapping rules

virus_total

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in VirusTotal must be a boolean true

armis

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Armis - Alerts Connector must be a boolean true

trend_micro_deep_security

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Trend Micro Deep Security must be a boolean true

bulk_who_is

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in BulkWhoIs must be a boolean true

cisco_ise

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Cisco ISE must be a boolean true

mc_afee_epo

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in McAfeeEPO must be a boolean true
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in McAfee ePO - Threats Connector must be a boolean true

wildfire

Validation Name Details
⚠️ SSL Integration Validation Palo Alto Wildfire is missing a 'Verify SSL' parameter

f5_bigip_access_policy_manager

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in F5 BIG-IP Access Policy Manager must be a boolean true

check_point_firewall

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Check Point Firewall must be a boolean true

anomali_staxx

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Anomali Staxx - Indicators Connector must be a boolean true

google_grr

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Google Rapid Response (GRR) must be a boolean true

falcon_sandbox

Validation Name Details
⚠️ SSL Integration Validation Falcon Sandbox is missing a 'Verify SSL' parameter

check_point_threat_reputation

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in CheckPoint Threat Reputation must be a boolean true
⚠️ Fields Validation Action Parameter name: Create Insight? does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Create Insight? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Create Insight? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)

outpost24

Validation Name Details
⚠️ Mapping Rules Validation 'outpost24' has connectors but doesn't have default mapping rules

websense

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Websense must be a boolean true

blue_liv

Validation Name Details
⚠️ Mapping Rules Validation 'blue_liv' has connectors but doesn't have default mapping rules
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in BlueLiv - Threats Connector must be a boolean true

devo

Validation Name Details
⚠️ SSL Connectors Validation - The default value of the 'Verify SSL' param in Devo Alerts Connector must be a boolean true

symantec_blue_coat_proxy_sg

Validation Name Details
⚠️ SSL Integration Validation Symantec Blue Coat ProxySG is missing a 'Verify SSL' parameter

check_point_cloud_guard

Validation Name Details
⚠️ SSL Integration Validation The default value of the 'Verify SSL' param in Check Point CloudGuard must be a boolean true
⚠️ Connectors Documentation Link Validation Integration 'check_point_cloud_guard' contains connectors with missing documentation link: - Check Point Cloud Guard - Alerts Connector

harmony_mobile

Validation Name Details
⚠️ Mapping Rules Validation 'harmony_mobile' has connectors but doesn't have default mapping rules

digital_shadows

Validation Name Details
⚠️ SSL Integration Validation DigitalShadows is missing a 'Verify SSL' parameter

exchange_extension_pack

Validation Name Details
⚠️ SSL Integration Validation Exchange Extension Pack is missing a 'Verify SSL' parameter
⚠️ Fields Validation Action Parameter name: Time Frame (hours) does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Fetch Compliance Search Results? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Create Case Wall Output Table? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Should add senders' domain to the corresponding Domains List rule as well? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Should remove senders' domains from the corresponding Domains List rule as well? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Remove Compliance Search Once Action Completes? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Create Case Wall Output Table? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Perform a HardDelete for deleted emails? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Remove Compliance Search Once Action Completes? 
does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)

cylance

| Validation Name | Details |
|---|---|
| ⚠️ SSL Integration Validation | Cylance is missing a 'Verify SSL' parameter |
| ⚠️ SSL Connectors Validation | - Cylance connector is missing a 'Verify SSL' parameter |

cb_defense

| Validation Name | Details |
|---|---|
| ⚠️ SSL Integration Validation | Carbon Black Defense is missing a 'Verify SSL' parameter |

cynet

| Validation Name | Details |
|---|---|
| ⚠️ SSL Integration Validation | The default value of the 'Verify SSL' param in Cynet must be a boolean true |

talos

| Validation Name | Details |
|---|---|
| ⚠️ SSL Integration Validation | Talos ThreatSource is missing a 'Verify SSL' parameter |

mc_afee_atd

| Validation Name | Details |
|---|---|
| ⚠️ SSL Integration Validation | The default value of the 'Verify SSL' param in McAfee ATD must be a boolean true |

cb_response

| Validation Name | Details |
|---|---|
| ⚠️ SSL Integration Validation | The default value of the 'Verify SSL' param in Carbon Black Response must be a boolean true |
| ⚠️ SSL Connectors Validation | - The default value of the 'Verify SSL' param in Carbon Black Response Connector must be a boolean true |

fortinet_forti_siem

| Validation Name | Details |
|---|---|
| ⚠️ Mapping Rules Validation | 'fortinet_forti_siem' has connectors but doesn't have default mapping rules |

mc_afee_mvision_edr

| Validation Name | Details |
|---|---|
| ⚠️ Mapping Rules Validation | 'mc_afee_mvision_edr' has connectors but doesn't have default mapping rules |

auto_focus

| Validation Name | Details |
|---|---|
| ⚠️ SSL Integration Validation | Palo Alto AutoFocus is missing a 'Verify SSL' parameter |

humio

| Validation Name | Details |
|---|---|
| ⚠️ Mapping Rules Validation | 'humio' has connectors but doesn't have default mapping rules |

cb_live_response

| Validation Name | Details |
|---|---|
| ⚠️ SSL Integration Validation | VMware Carbon Black Endpoint Standard Live Response is missing a 'Verify SSL' parameter |

check_point_sand_blast

| Validation Name | Details |
|---|---|
| ⚠️ SSL Integration Validation | The default value of the 'Verify SSL' param in Check Point SandBlast must be a boolean true |

active_directory

Validation Name Details
⚠️ SSL Integration Validation Active Directory is missing a 'Verify SSL' parameter
⚠️ Fields Validation Action Parameter name: Should Case Wall Table be filtered by the specified Attributes? does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds) Action Parameter name: Should 
JSON result be filtered by the specified Attributes? does not match the regex: ^[a-zA-Z0-9-'\s]+$|Verify SSL Ceritifcate?|Git Password/Token/SSH Key|EML/MSG Base64 String|Country(For multiple countries, provide comma-separated values)|Entity Identifier(s)|logzio_security_token|logzio_region|minimum_score|api_token|eyeglass_ip|API_Key|Alert_ID|Queue_State|logzio_operations_token|logzio_custom_endpoint|api_key|fields_to_search|severity_threshold|Entity Identifier(s) Type|Target Entity Identifier(s)|IOC_Enrichment|SLA (in minutes)|raw_json|alert_event_id|Additional_Data|page_size|sort_by|Data_Range|Incident_Key|Team_IDS|User_IDS|Service_IDS|Entity_State|Incidents_Statuses|from_time|to_time|Incident_ID|from_date|logzio_token|search_term|Ingest\ only\ alerts\ that\ have\ “is_security”\ attribute\ set\ to\ True?|Ingest\ only\ alerts\ that\ have\ “is_incident”\ attribute\ set\ to\ True?|Fetch\ Backwards\ Time\ Interval\ (minutes)|Events\ Padding\ Period\ (hours)|Is\ Exchange\ On-Prem?|Is\ Office365\ (Exchange\ Online)?|Extract\ urls\ from\ HTML\ email\ part?|Create\ a\ Separate\ Siemplify\ Alert\ per\ Attached\ Mail\ File?|Email\ Padding\ Period\ (minutes)|Tenant\ (Directory)\ ID|Should\ ingest\ only\ starred\ threats?|Should\ ingest\ threats\ related\ to\ incidents?|Use\ the\ same\ approach\ with\ event\ creation\ for\ all\ alert\ types?|Enable\ Fallback\ Logic\ Debug?|Create\ Chronicle\ SOAR\ Alerts\ for\ Sentinel\ incidents\ that\ do\ not\ have\ entities?|Incidents\ Padding\ Period\ (minutes)|Wait\ For\ Scheduled/NRT\ Alert\ Object|Api_Key|Fetch\ Private\ Notes?|Offenses\ Creation\ Timer\ (minutes)|What\ Value\ to\ use\ for\ the\ Name\ Field\ of\ Siemplify\ Alert?|What\ Value\ to\ use\ for\ the\ Rule\ Generator\ Field\ of\ Siemplify\ Alert?|Mask\ findings?|Events\ Padding\ Period\ (minutes)|Track\ New\ Events\ Threshold\ (hours)|Token\ Timeout\ (in\ Seconds)|Script\ Timeout\ (Seconds)

site24x7

| Validation Name | Details |
|---|---|
| ⚠️ Mapping Rules Validation | 'site24x7' has connectors but doesn't have default mapping rules |

cyberint

| Validation Name | Details |
|---|---|
| ⚠️ Mapping Rules Validation | 'cyberint' has connectors but doesn't have default mapping rules |

fire_eye_etp

| Validation Name | Details |
|---|---|
| ⚠️ Mapping Rules Validation | 'fire_eye_etp' has connectors but doesn't have default mapping rules |
