XDR Detection and Indicators new commands #42917

Open
noydavidi wants to merge 30 commits into master from xdr-detection-and-indicators--new-commands

@noydavidi noydavidi commented Feb 4, 2026

Added new commands:

  • xdr-bioc-list
  • xdr-bioc-create
  • xdr-bioc-update
  • xdr-bioc-delete
  • xdr-correlation-rule-list
  • xdr-correlation-rule-create
  • xdr-correlation-rule-update
  • xdr-correlation-rule-delete

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

related: link to the issue

Must have

  • Tests
  • Documentation

@content-bot

🤖 AI-Powered Code Review Available

You can leverage AI-powered code review to assist with this PR!

Available Commands:

  • @content-bot start review - Initiate a full AI code review
  • @content-bot re-review - Incremental review for new commits

github-actions bot commented Feb 4, 2026

Coverage Report

| File | Stmts | Miss | Cover | Missing |
|---|---|---|---|---|
| Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py | 1068 | 141 | 86% | 64, 72, 76–78, 166–167, 250–254, 256, 258, 261, 266, 293–297, 299, 306–309, 328, 331, 337, 340, 373–377, 379, 387, 389, 391–394, 397–401, 403, 525–528, 530, 575, 580, 583, 588, 591, 596, 599, 604, 607, 612, 615, 620, 623–624, 628–630, 633, 638, 641, 645, 648, 652, 655, 660, 663, 669, 674, 677, 757, 804–805, 824, 834, 899, 902, 935, 942, 944, 1008–1009, 1011, 1062, 1143, 1264–1265, 1268, 1318–1319, 1340, 1381–1384, 1440, 1457–1459, 1464, 1469, 1497–1500, 1532, 1548, 1656–1657, 1759–1760, 1839–1840, 1933–1934, 1959–1960, 2088–2089, 2220–2221, 2269–2272, 2284, 2286, 2338–2339 |
| TOTAL | 1068 | 141 | 86% | |

| Tests | Skipped | Failures | Errors | Time |
|---|---|---|---|---|
| 145 | 0 💤 | 0 ❌ | 0 🔥 | 18.177s ⏱️ |

@noydavidi noydavidi added the ready-for-pipeline-running Whether the pr is ready for running the whole pipeline, including testing on SAAS machines label Feb 4, 2026
@noydavidi noydavidi removed the request for review from JudahSchwartz February 4, 2026 09:43
@noydavidi noydavidi added the ready-for-ai-review The PR is ready for reviewing the PR with the AI Reviewer. label Feb 4, 2026
@content-bot content-bot removed the ready-for-ai-review The PR is ready for reviewing the PR with the AI Reviewer. label Feb 4, 2026
@content-bot

🤖 Content AI Reviewer: Analysis started. Please wait for results...

@content-bot

Review not published as no human-reviewer was assigned as reviewer.

@noydavidi noydavidi added ready-for-ai-review The PR is ready for reviewing the PR with the AI Reviewer. and removed ready-for-pipeline-running Whether the pr is ready for running the whole pipeline, including testing on SAAS machines labels Feb 4, 2026
@content-bot

Validate summary
The following errors were reported as warnings: DO106.
The following errors were thrown as a part of this pr: DS108.
The following errors can be ignored: DS108.
If the AG100 validation in the pre-commit GitHub Action fails, the pull request cannot be force-merged.
The following errors don't run as part of the nightly flow and therefore can be force merged: DS108.

Verdict: PR can be force merged from validate perspective? ✅

@content-bot content-bot removed the ready-for-ai-review The PR is ready for reviewing the PR with the AI Reviewer. label Feb 4, 2026
@content-bot

🤖 Content AI Reviewer: Analysis started. Please wait for results...

@content-bot

🤖 Content-bot Review Disclaimer

This review was generated by an AI-powered tool and may contain inaccuracies. Please be advised, and we extend our sincere apologies for any inconvenience this may cause.

@content-bot content-bot left a comment

Hi there! Thanks for the updates to the Cortex XDR integration. I've reviewed the code and found a few areas that need attention.

Could you please look into adding error handling for JSON parsing and ensuring consistent request wrapping in the Python code? Additionally, there are some discrepancies between the YAML context keys and the actual Python output, along with a few argument type definitions that need standardization. Finally, please double-check the documentation for copy-paste errors and ensure critical arguments are marked as required to prevent safety issues.

Great work so far!

@jlevypaloalto please review and approve the results generated by the AI Reviewer by responding 👍 on this comment.

@noydavidi noydavidi added the ready-for-pipeline-running Whether the pr is ready for running the whole pipeline, including testing on SAAS machines label Feb 5, 2026