chronicle · haggit-eliyahu · Apr 19, 2026 · Apr 19, 2026 · Apr 20, 2026 · Apr 23, 2026
@@ -0,0 +1 @@
+3.11
@@ -0,0 +1,61 @@
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import annotations
+from soar_sdk.SiemplifyUtils import output_handler
+from soar_sdk.SiemplifyAction import SiemplifyAction
+from ..core.F5BigIQManager import F5BigIQManager
+from TIPCommon import extract_configuration_param
+
+# consts
+f5_big_iq_provider = "F5BigIQ"
+SCRIPT_NAME = "Change Policy Enforcement Mode"
+
+
+@output_handler
+def main():
+
+    siemplify = SiemplifyAction()
+    siemplify.script_name = SCRIPT_NAME
+    # configuration.
+    config = siemplify.get_configuration(f5_big_iq_provider)
+    host_address = config["Server Address"]
+    username = config["Username"]
+    password = config["Password"]
+    verify_ssl = extract_configuration_param(
+        siemplify,
+        provider_name=f5_big_iq_provider,
+        param_name="Verify SSL",
+        default_value=False,
+        input_type=bool,
+    )
+    f5_bigiq_manager = F5BigIQManager(host_address, username, password, verify_ssl)
+
+    # parameters.
+    policy_id = siemplify.parameters["Policy ID"]
+    enforcement_mode = siemplify.parameters["Enforcement Mode"]
+
+    # get event logs result.
+    result_value = f5_bigiq_manager.change_policy_enforcement_mode(
+        policy_id, enforcement_mode
+    )
+    output_message = (
+        f"Policy with ID:{policy_id} enforcement mode changed to: {enforcement_mode}"
+    )
+
+    siemplify.end(output_message, result_value)
+
+
+if __name__ == "__main__":
+    main()
@@ -0,0 +1,31 @@
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: Change Policy Enforcement Mode
+description: Change the enforcement mode of a policy by its ID
+documentation_link: https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/f5-big-iq#change_policy_enforcement_mode
+integration_identifier: F5BigIQ
+parameters:
+-   name: Policy ID
+    default_value: ''
+    type: string
+    description: Policy ID
+    is_mandatory: true
+-   name: Enforcement Mode
+    default_value: ''
+    type: string
+    description: e.g. blocking
+    is_mandatory: true
+dynamic_results_metadata: []
+creator: admin
@@ -0,0 +1,65 @@
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import annotations
+from soar_sdk.SiemplifyUtils import output_handler
+from soar_sdk.SiemplifyAction import SiemplifyAction
+from ..core.F5BigIQManager import F5BigIQManager
+from TIPCommon import extract_configuration_param
+import json
+
+# consts
+F5_BIG_IQ_PROVIDER = "F5BigIQ"
+SCRIPT_NAME = "Get Event Logs By Blocking ID"
+
+
+@output_handler
+def main():
+
+    # define variables.
+    result_value = False
+    siemplify = SiemplifyAction()
+    siemplify.script_name = SCRIPT_NAME
+    # configuration.
+    config = siemplify.get_configuration(F5_BIG_IQ_PROVIDER)
+    host_address = config["Server Address"]
+    username = config["Username"]
+    password = config["Password"]
+    verify_ssl = extract_configuration_param(
+        siemplify,
+        provider_name=F5_BIG_IQ_PROVIDER,
+        param_name="Verify SSL",
+        default_value=False,
+        input_type=bool,
+    )
+    f5_bigiq_manager = F5BigIQManager(host_address, username, password, verify_ssl)
+
+    # parameters.
+    block_id = siemplify.parameters["Blocking ID"]
+
+    # get event logs result.
+    event_logs = f5_bigiq_manager.get_event_logs_by_blocking_id(block_id)
+
+    if event_logs:
+        siemplify.result.add_json(f"Event Logs For: {block_id}", json.dumps(event_logs))
+        output_message = f"Found event logs for blocking ID: {block_id}"
+        result_value = True
+    else:
+        output_message = f"No event logs were found for blocking ID:{block_id}"
+
+    siemplify.end(output_message, result_value)
+
+
+if __name__ == "__main__":
+    main()
@@ -0,0 +1,26 @@
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: Get Event Logs By Blocking ID
+description: Get event logs by its blocking ID
+documentation_link: https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/f5-big-iq#get_event_logs_by_blocking_id
+integration_identifier: F5BigIQ
+parameters:
+-   name: Blocking ID
+    default_value: ''
+    type: string
+    description: Blocking ID
+    is_mandatory: true
+dynamic_results_metadata: []
+creator: admin
@@ -0,0 +1,58 @@
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import annotations
+from soar_sdk.SiemplifyUtils import output_handler
+from soar_sdk.SiemplifyAction import SiemplifyAction
+from ..core.F5BigIQManager import F5BigIQManager
+from TIPCommon import extract_configuration_param
+
+# consts
+F5_BIG_IQ_PROVIDER = "F5BigIQ"
+SCRIPT_NAME = "Get Event Logs By Blocking ID"
-SCRIPT_NAME = "Get Event Logs By Blocking ID"
+SCRIPT_NAME = "Ping"
-SCRIPT_NAME = "Get Event Logs By Blocking ID"
+SCRIPT_NAME = "Ping"
+
+
+@output_handler
+def main():
+
+    # define variables.
+    siemplify = SiemplifyAction()
+    siemplify.script_name = SCRIPT_NAME
+    # configuration.
+    config = siemplify.get_configuration(F5_BIG_IQ_PROVIDER)
+    host_address = config["Server Address"]
+    username = config["Username"]
+    password = config["Password"]
+    verify_ssl = extract_configuration_param(
+        siemplify,
+        provider_name=F5_BIG_IQ_PROVIDER,
+        param_name="Verify SSL",
-        param_name="Verify SSL",
+        default_value=True,
-        param_name="Verify SSL",
+        default_value=True,
+        default_value=False,
+        input_type=bool,
+    )
+
+    f5_bigiq_manager = F5BigIQManager(host_address, username, password, verify_ssl)
+
+    if f5_bigiq_manager:
+        output_message = "Connection Established"
+        result_value = True
+    else:
+        output_message = "Connection Failed"
+        result_value = False
+
+    siemplify.end(output_message, result_value)
-    f5_bigiq_manager = F5BigIQManager(host_address, username, password, verify_ssl)
-
-    if f5_bigiq_manager:
-        output_message = "Connection Established"
-        result_value = True
-    else:
-        output_message = "Connection Failed"
-        result_value = False
-
-    siemplify.end(output_message, result_value)
+    try:
+        f5_bigiq_manager = F5BigIQManager(host_address, username, password, verify_ssl)
+        output_message = "Successfully connected to the F5 Big IQ server with the provided connection parameters!"
+        result_value = True
+    except Exception as e:
+        output_message = f"Failed to connect to the F5 Big IQ server! Error is {e}"
+        result_value = False
+
+    siemplify.end(output_message, result_value)
-    f5_bigiq_manager = F5BigIQManager(host_address, username, password, verify_ssl)
-
-    if f5_bigiq_manager:
-        output_message = "Connection Established"
-        result_value = True
-    else:
-        output_message = "Connection Failed"
-        result_value = False
-
-    siemplify.end(output_message, result_value)
+    try:
+        f5_bigiq_manager = F5BigIQManager(host_address, username, password, verify_ssl)
+        output_message = "Successfully connected to the F5 Big IQ server with the provided connection parameters!"
+        result_value = True
+    except Exception as e:
+        output_message = f"Failed to connect to the F5 Big IQ server! Error is {e}"
+        result_value = False
+
+    siemplify.end(output_message, result_value)
+
+
+if __name__ == "__main__":
+    main()
@@ -0,0 +1,21 @@
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: Ping
+description: Big IQ connectivity test
+documentation_link: https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/f5-big-iq#ping
+integration_identifier: F5BigIQ
+parameters: []
+dynamic_results_metadata: []
+creator: admin
@@ -0,0 +1,14 @@
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+