diff --git a/Packs/VectraXDR/Integrations/VectraXDR/README.md b/Packs/VectraXDR/Integrations/VectraXDR/README.md
index e379724191cc..5fe41f830f9e 100644
--- a/Packs/VectraXDR/Integrations/VectraXDR/README.md
+++ b/Packs/VectraXDR/Integrations/VectraXDR/README.md
@@ -443,7 +443,7 @@ Describes an entity by ID.
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| entity_id | Specify the id of the entity. | Required |
+| entity_id | Specify the ID of the entity. | Required |
| entity_type | Specify the type of the entity. Possible values are: host and account. | Required |
#### Context Output
@@ -546,7 +546,7 @@ Returns a list of detections for a specified entity.
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| entity_id | Specify the id of the entity. | Required |
+| entity_id | Specify the ID of the entity. | Required |
| entity_type | Specify the type of the entity. Possible values are: account, host. | Required |
| page | Enables the caller to specify a particular page of results. Default is 1. | Optional |
| page_size | Specify the desired page size for the request. Maximum is 5000. Default is 50. | Optional |
@@ -1237,7 +1237,7 @@ Add a note to the entity.
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| entity_id | Specify the id of the entity. | Required |
+| entity_id | Specify the ID of the entity. | Required |
| entity_type | Specify the type of the entity. Possible values are: account, host. | Required |
| note | Note to be added in the specified entity_id. | Required |
@@ -1277,6 +1277,60 @@ Add a note to the entity.
>
>Returned Note ID: **19**
+### vectra-detection-note-add
+
+***
+Add a note to the detection.
+
+#### Base Command
+
+`vectra-detection-note-add`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| detection_id | Specify the ID of the detection. | Required |
+| note | Note to be added in the specified detection_id. | Required |
+
+#### Context Output
+
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| Vectra.Detection.Notes.detection_id | String | ID of the detection associated with the note. |
+| Vectra.Detection.Notes.note_id | Number | ID of the note. |
+| Vectra.Detection.Notes.id | Number | ID of the note. |
+| Vectra.Detection.Notes.date_created | Date | Date when the note was created. |
+| Vectra.Entity.Notes.date_modified | Unknown | Date when the note was last modified. |
+| Vectra.Detection.Notes.created_by | String | User who created the note. |
+| Vectra.Detection.Notes.modified_by | String | User who last modified the note. |
+| Vectra.Detection.Notes.note | String | Content of the note. |
+
+#### Command example
+
+```!vectra-detection-note-add detection_id=1 note="test note"```
+
+#### Context Example
+
+```json
+{
+ "Vectra.Detection.Notes(val.detection_id && val.detection_id == obj.detection_id && val.note_id && val.note_id == obj.note_id)": {
+ "date_created": "2023-06-21T06:19:15.224449Z",
+ "created_by": "test_user",
+ "note": "test note",
+ "note_id": 19,
+ "id": 19,
+ "detection_id": 1
+ }
+}
+```
+
+#### Human Readable Output
+
+>##### The note has been successfully added to the detection
+>
+>Returned Note ID: **19**
+
### vectra-entity-note-update
***
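Review bot: In the Context Output table for `vectra-detection-note-add`, the `date_modified` row is documented under the wrong path and type: `Vectra.Entity.Notes.date_modified | Unknown`. Every other row in this table, and the same row in the `vectra-detection-note-update` section, uses the `Vectra.Detection.Notes.` prefix with type `Date`. Suggest changing it to `| Vectra.Detection.Notes.date_modified | Date | Date when the note was last modified. |` so playbook authors do not map a key that this command never writes.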
@@ -1290,7 +1344,7 @@ Update a note in the entity.
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| entity_id | Specify the id of the entity. | Required |
+| entity_id | Specify the ID of the entity. | Required |
| entity_type | Specify the type of the entity. Possible values are: account, host. | Required |
| note_id | Specify the ID of the note. | Required |
| note | Note to be updated for the specified note_id. | Required |
@@ -1331,6 +1385,61 @@ Update a note in the entity.
>##### The note has been successfully updated in the entity
+### vectra-detection-note-update
+
+***
+Update a note in the detection.
+
+#### Base Command
+
+`vectra-detection-note-update`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| detection_id | Specify the ID of the detection. | Required |
+| note_id | Specify the ID of the note. | Required |
+| note | Note to be updated for the specified note_id. | Required |
+
+#### Context Output
+
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| Vectra.Detection.Notes.detection_id | String | ID of the detection associated with the note. |
+| Vectra.Detection.Notes.note_id | Number | ID of the note. |
+| Vectra.Detection.Notes.id | Number | ID of the note. |
+| Vectra.Detection.Notes.date_created | Date | Date when the note was created. |
+| Vectra.Detection.Notes.date_modified | Date | Date when the note was last modified. |
+| Vectra.Detection.Notes.created_by | String | User who created the note. |
+| Vectra.Detection.Notes.modified_by | String | User who last modified the note. |
+| Vectra.Detection.Notes.note | String | Content of the note. |
+
+#### Command example
+
+```!vectra-detection-note-update detection_id=1 note_id=1 note="note modified"```
+
+#### Context Example
+
+```json
+{
+ "Vectra.Detection.Notes(val.detection_id && val.detection_id == obj.detection_id && val.note_id && val.note_id == obj.note_id)": {
+ "date_created": "2023-06-16T04:55:58Z",
+ "date_modified": "2023-06-22T04:57:09Z",
+ "created_by": "test_user",
+ "modified_by": "test_user",
+ "note": "note modified",
+ "note_id": 8,
+ "id": 8,
+ "detection_id": 1
+ }
+}
+```
+
+#### Human Readable Output
+
+>##### The note has been successfully updated in the detection
+
### vectra-entity-note-remove
***
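Review bot: The Context Output table lists `Vectra.Detection.Notes.detection_id` as `String`, but the Context Example in this same section shows `"detection_id": 1`, and the command code derives the value with `arg_to_number`. Suggest documenting the type as `Number`, here and in the add and list sections, so the documented type matches what lands in context and what the DT key comparison `val.detection_id == obj.detection_id` sees.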
@@ -1366,127 +1475,122 @@ There is no context output for this command.
>##### The note has been successfully removed from the entity
-### vectra-entity-tag-add
+### vectra-detection-note-remove
***
-Add tags in the entity.
+Remove a note from the detection.
#### Base Command
-`vectra-entity-tag-add`
+`vectra-detection-note-remove`
#### Input
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| entity_id | Specify the id of the entity. | Required |
-| entity_type | Specify the type of the entity. Possible values are: host, account. | Required |
-| tags | Comma-separated values of tags to be included in the entity. | Required |
+| detection_id | Specify the ID of the detection. | Required |
+| note_id | Specify the ID of the note. | Required |
#### Context Output
-| **Path** | **Type** | **Description** |
-| --- | --- | --- |
-| Vectra.Entity.Tags.tag_id | String | ID of the tag. |
-| Vectra.Entity.Tags.entity_id | String | ID of the entity associated with the tag. |
-| Vectra.Entity.Tags.entity_type | String | Type of the entity. |
-| Vectra.Entity.Tags.tags | Unknown | A list of tags linked to an entity. |
+There is no context output for this command.
-#### Command example
+#### Command Example
-```!vectra-entity-tag-add entity_id=1 entity_type=host tags="tag1, tag2"```
+```!vectra-detection-note-remove note_id=1"```
#### Context Example
```json
-{
- "Vectra.Entity.Tags(val.tag_id && val.tag_id == obj.tag_id && val.entity_type && val.entity_type == obj.entity_type)": {
- "tag_id": "1",
- "tags": [
- "tag1",
- "tag2"
- ],
- "entity_type": "host",
- "entity_id": 1
- }
-}
+{}
```
#### Human Readable Output
->##### Tags have been successfully added to the entity
->
->Updated list of tags: **tag1**, **tag2**
+>##### The note has been successfully removed from the detection
-### vectra-entity-tag-list
+### vectra-detections-mark-fixed
***
-Returns a list of tags for a specified entity.
+Mark detection as fixed with provided detection IDs in argument.
#### Base Command
-`vectra-entity-tag-list`
+`vectra-detections-mark-fixed`
#### Input
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| entity_id | Specify the id of the entity. | Required |
-| entity_type | Specify the type of the entity. Possible values are: host, account. | Required |
+| detection_ids | Provide a list of detection IDs separated by commas or a single detection ID. | Required |
#### Context Output
-| **Path** | **Type** | **Description** |
+There is no context output for this command.
+
+#### Command Example
+
+```!vectra-detections-mark-fixed detection_ids=1,2,3```
+
+#### Context Example
+
+```json
+{}
+```
+
+#### Human Readable Output
+
+>##### The provided detection IDs have been successfully marked as fixed
+
+### vectra-detections-unmark-fixed
+
+***
+Unmark detection as fixed with provided detection IDs in argument.
+
+#### Base Command
+
+`vectra-detections-unmark-fixed`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| Vectra.Entity.Tags.tag_id | String | ID of the tag. |
-| Vectra.Entity.Tags.entity_id | String | ID of the entity associated with the tag. |
-| Vectra.Entity.Tags.entity_type | String | Type of the entity. |
-| Vectra.Entity.Tags.tags | Unknown | A list of tags linked to an entity. |
+| detection_ids | Provide a list of detection IDs separated by commas or a single detection ID. | Required |
-#### Command example
+#### Context Output
-```!vectra-entity-tag-list entity_id=1 entity_type=host```
+There is no context output for this command.
+
+#### Command Example
+
+```!vectra-detections-unmark-fixed detection_ids=1,2,3```
#### Context Example
```json
-{
- "Vectra": {
- "Entity": {
- "Tags": {
- "tag_id": "1",
- "tags": [
- "tag1",
- "tag2"
- ],
- "entity_type": "host",
- "entity_id": 1
- }
- }
- }
-}
+{}
```
#### Human Readable Output
->##### List of tags: **tag1**, **tag2**
+>##### The provided detection IDs have been successfully unmarked as fixed
-### vectra-entity-tag-remove
+### vectra-entity-tag-add
***
-Remove tags from the entity.
+Add tags in the entity.
#### Base Command
-`vectra-entity-tag-remove`
+`vectra-entity-tag-add`
#### Input
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| entity_id | Specify the id of the entity. | Required |
+| entity_id | Specify the ID of the entity. | Required |
| entity_type | Specify the type of the entity. Possible values are: host, account. | Required |
-| tags | Comma-separated values of tags to be removed from the entity. | Required |
+| tags | Comma-separated values of tags to be included in the entity. | Required |
#### Context Output
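Review bot: The command example for `vectra-detection-note-remove` is not runnable as written: `!vectra-detection-note-remove note_id=1"` has a stray trailing double quote and omits `detection_id`, which the Input table directly above marks as Required. Suggest `!vectra-detection-note-remove detection_id=1 note_id=1`. The heading is also `#### Command Example` here while the note add, update and list sections use `#### Command example`; pick one casing.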
@@ -1499,15 +1603,18 @@ Remove tags from the entity.
#### Command example
-```!vectra-entity-tag-remove entity_id=1 entity_type=host tags="tag2"```
+```!vectra-entity-tag-add entity_id=1 entity_type=host tags="tag1, tag2"```
#### Context Example
```json
{
- "Vectra.Entity.Tags(val.tag_id && val.tag_id == obj.tag_id && val.entity_type && val.entity_type == obj.entity_type && val.entity_id && val.entity_id == obj.entity_id)": {
+ "Vectra.Entity.Tags(val.tag_id && val.tag_id == obj.tag_id && val.entity_type && val.entity_type == obj.entity_type)": {
"tag_id": "1",
- "tags": ["tag1"],
+ "tags": [
+ "tag1",
+ "tag2"
+ ],
"entity_type": "host",
"entity_id": 1
}
@@ -1516,75 +1623,111 @@ Remove tags from the entity.
#### Human Readable Output
->##### Specified tags have been successfully removed for the entity
+>##### Tags have been successfully added to the entity
>
->Updated list of tags: **tag1**
+>Updated list of tags: **tag1**, **tag2**
-### vectra-detections-mark-fixed
+### vectra-entity-tag-remove
***
-Mark detection as fixed with provided detection IDs in argument.
+Remove tags from the entity.
#### Base Command
-`vectra-detections-mark-fixed`
+`vectra-entity-tag-remove`
#### Input
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| detection_ids | Provide a list of detection IDs separated by commas or a single detection ID. | Required |
+| entity_id | Specify the ID of the entity. | Required |
+| entity_type | Specify the type of the entity. Possible values are: host, account. | Required |
+| tags | Comma-separated values of tags to be removed from the entity. | Required |
#### Context Output
-There is no context output for this command.
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| Vectra.Entity.Tags.tag_id | String | ID of the tag. |
+| Vectra.Entity.Tags.entity_id | String | ID of the entity associated with the tag. |
+| Vectra.Entity.Tags.entity_type | String | Type of the entity. |
+| Vectra.Entity.Tags.tags | Unknown | A list of tags linked to an entity. |
-#### Command Example
+#### Command example
-```!vectra-detections-mark-fixed detection_ids=1,2,3```
+```!vectra-entity-tag-remove entity_id=1 entity_type=host tags="tag2"```
#### Context Example
```json
-{}
+{
+ "Vectra.Entity.Tags(val.tag_id && val.tag_id == obj.tag_id && val.entity_type && val.entity_type == obj.entity_type && val.entity_id && val.entity_id == obj.entity_id)": {
+ "tag_id": "1",
+ "tags": ["tag1"],
+ "entity_type": "host",
+ "entity_id": 1
+ }
+}
```
#### Human Readable Output
->##### The provided detection IDs have been successfully marked as fixed
+>##### Specified tags have been successfully removed for the entity
+>
+>Updated list of tags: **tag1**
-### vectra-detections-unmark-fixed
+### vectra-entity-tag-list
***
-Unmark detection as fixed with provided detection IDs in argument.
+Returns a list of tags for a specified entity.
#### Base Command
-`vectra-detections-unmark-fixed`
+`vectra-entity-tag-list`
#### Input
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
-| detection_ids | Provide a list of detection IDs separated by commas or a single detection ID. | Required |
+| entity_id | Specify the ID of the entity. | Required |
+| entity_type | Specify the type of the entity. Possible values are: host, account. | Required |
#### Context Output
-There is no context output for this command.
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| Vectra.Entity.Tags.tag_id | String | ID of the tag. |
+| Vectra.Entity.Tags.entity_id | String | ID of the entity associated with the tag. |
+| Vectra.Entity.Tags.entity_type | String | Type of the entity. |
+| Vectra.Entity.Tags.tags | Unknown | A list of tags linked to an entity. |
-#### Command Example
+#### Command example
-```!vectra-detections-unmark-fixed detection_ids=1,2,3```
+```!vectra-entity-tag-list entity_id=1 entity_type=host```
#### Context Example
```json
-{}
+{
+ "Vectra": {
+ "Entity": {
+ "Tags": {
+ "tag_id": "1",
+ "tags": [
+ "tag1",
+ "tag2"
+ ],
+ "entity_type": "host",
+ "entity_id": 1
+ }
+ }
+ }
+}
```
#### Human Readable Output
->##### The provided detection IDs have been successfully unmarked as fixed
+>##### List of tags: **tag1**, **tag2**
### vectra-entity-assignment-add
@@ -2402,7 +2545,7 @@ Returns a list of all groups.
| ips | Filter by IPs. Supports comma-separated values.
Note: Only valid when the group_type parameter is set to "ip". | Optional |
| description | Filter by group description. | Optional |
| last_modified_timestamp | Return only the groups which have a last modification timestamp equal to or after the given timestamp.
Supported formats: 2 minutes, 2 hours, 2 days, 2 weeks, 2 months, 2 years, yyyy-mm-dd, yyyy-mm-ddTHH:MM:SSZ.
For example: 01 May 2023, 01 Mar 2023 04:45:33, 2023-04-17T14:05:44Z. | Optional |
-| last_modified_by | Filters by the user id who made the most recent modification to the group. | Optional |
+| last_modified_by | Filters by the user ID who made the most recent modification to the group. | Optional |
| group_name | Filters by group name. | Optional |
#### Context Output
@@ -2934,3 +3077,102 @@ Remove tags from the detection.
>##### Specified tags have been successfully removed for the detection
>
>Updated list of tags: **tag**, **tag1**, **tag2**
+
+### vectra-detection-note-list
+
+***
+Returns a list of notes for a specified detection.
+
+#### Base Command
+
+`vectra-detection-note-list`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| detection_id | Specify the ID of the detection. | Required |
+
+#### Context Output
+
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| Vectra.Detection.Notes.note_id | Number | ID of the note. |
+| Vectra.Detection.Notes.id | Number | ID of the note. |
+| Vectra.Detection.Notes.date_created | Date | Date when the note was created. |
+| Vectra.Detection.Notes.date_modified | Date | Date when the note was last modified. |
+| Vectra.Detection.Notes.created_by | String | User who created the note. |
+| Vectra.Detection.Notes.modified_by | String | User who last modified the note. |
+| Vectra.Detection.Notes.note | String | Content of the note. |
+| Vectra.Detection.Notes.detection_id | String | ID of the detection associated with the note. |
+
+#### Command example
+
+```!vectra-detection-note-list detection_id=1```
+
+#### Context Example
+
+```json
+{
+ "Vectra": {
+ "Entity": {
+ "Notes": [
+ {
+ "created_by": "test_user@mail.com",
+ "date_created": "2023-08-25T07:09:08Z",
+ "detection_id": 1,
+ "id": 1070,
+ "modified_by": "test_user@mail.com",
+ "note": "From XSOAR",
+ "note_id": 1070
+ },
+ {
+ "created_by": "test_user@mail.com",
+ "date_created": "2023-08-25T07:08:58Z",
+ "detection_id": 1,
+ "id": 1069,
+ "modified_by": "test_user@mail.com",
+ "note": "Test note",
+ "note_id": 1069
+ },
+ {
+ "created_by": "api_client",
+ "date_created": "2023-08-16T05:23:33Z",
+ "detection_id": 1,
+ "id": 922,
+ "note": "[Mirrored From XSOAR] XSOAR Incident ID: 14228\n\nNote: **bold**\n\n_Italic_\n\n+Underline+\n\n~~strikethrough~~\n\nAdded By: admin",
+ "note_id": 922
+ }
+ ]
+ }
+ }
+}
+```
+
+### vectra-entity-reset-fetch
+
+***
+Resets the given entity to refetch incidents.
+
+#### Base Command
+
+`vectra-entity-reset-fetch`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| entity_id | Specify the ID of the entity. | Required |
+| entity_type | Specify the type of the entity. Possible values are: account, host. | Required |
+
+#### Context Output
+
+There is no context output for this command.
+
+#### Command example
+
+```!vectra-entity-reset-fetch entity_id=1 entity_type=host```
+
+#### Human Readable Output
+
+>Reset fetch status for 1-host
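Review bot: The Context Example for `vectra-detection-note-list` nests the notes under `Vectra` > `Entity` > `Notes`, but the Context Output table above it and the command itself (`outputs_prefix="Vectra.Detection.Notes"`) use `Vectra.Detection.Notes`. This looks copied from the entity note example; the middle key should be `Detection`. The section also has no Human Readable Output block, unlike the add, update and remove sections, even though the command renders a "Detection Notes Table".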
diff --git a/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR.py b/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR.py
index 58640aefb7a1..560660464ce0 100644
--- a/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR.py
+++ b/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR.py
@@ -84,7 +84,9 @@
"GROUP_ENDPOINT": "/api/v3.3/groups",
"ENTITY_ENDPOINT": "/api/v3.3/entities",
"DETECTION_ENDPOINT": "/api/v3.3/detections",
+ "ADD_AND_LIST_DETECTION_NOTE_ENDPOINT": "/api/v3.3/detections/{}/notes",
"ADD_AND_LIST_ENTITY_NOTE_ENDPOINT": "/api/v3.3/entities/{}/notes",
+ "UPDATE_AND_REMOVE_DETECTION_NOTE_ENDPOINT": "/api/v3.3/detections/{}/notes/{}",
"UPDATE_AND_REMOVE_ENTITY_NOTE_ENDPOINT": "/api/v3.3/entities/{}/notes/{}",
"ENTITY_TAG_ENDPOINT": "/api/v3.3/tagging/entity/{}",
"ASSIGNMENT_ENDPOINT": "/api/v3.3/assignments",
@@ -422,6 +424,23 @@ def list_entity_note_request(self, entity_id: int = None, entity_type: str = Non
)
return notes
+ def list_detection_note_request(self, detection_id: int = None) -> dict:
+ """
+ List detection notes.
+
+ Args:
+ detection_id (int): The ID of the detection to get the notes for.
+
+ Returns:
+ Dict: Response from the API.
+ """
+ notes = self.http_request(
+ method="GET",
+ url_suffix=ENDPOINTS["ADD_AND_LIST_DETECTION_NOTE_ENDPOINT"].format(detection_id),
+ response_type="json",
+ )
+ return notes
+
def add_entity_note_request(self, entity_id: int = None, entity_type: str = None, note: str = None) -> dict:
"""
Add a note to an entity.
@@ -445,6 +464,26 @@ def add_entity_note_request(self, entity_id: int = None, entity_type: str = None
)
return notes
+ def add_detection_note_request(self, detection_id: int = None, note: str = None) -> dict:
+ """
+ Add a note to a detection.
+
+ Args:
+ detection_id (int): The ID of the detection to add the note to.
+ note (str): The note to add.
+
+ Returns:
+ Dict: Response from the API containing the added note.
+ """
+ data = {"note": note}
+ notes = self.http_request(
+ method="POST",
+ url_suffix=ENDPOINTS["ADD_AND_LIST_DETECTION_NOTE_ENDPOINT"].format(detection_id),
+ data=data,
+ response_type="json",
+ )
+ return notes
+
def update_entity_note_request(
self, entity_id: int = None, entity_type: str = None, note: str = None, note_id: int = None
) -> dict:
@@ -471,6 +510,27 @@ def update_entity_note_request(
)
return notes
+ def update_detection_note_request(self, detection_id: int = None, note: str = None, note_id: int = None) -> dict:
+ """
+ Updates the note of a detection.
+
+ Args:
+ detection_id (int): The ID of the detection to update the note for.
+ note (str): The updated note for the detection.
+ note_id (int): The ID of the note to be updated.
+
+ Returns:
+ Dict: Response from the API containing the updated note details.
+ """
+ data = {"note": note}
+ notes = self.http_request(
+ method="PATCH",
+ url_suffix=ENDPOINTS["UPDATE_AND_REMOVE_DETECTION_NOTE_ENDPOINT"].format(detection_id, note_id),
+ data=data,
+ response_type="json",
+ )
+ return notes
+
def remove_entity_note_request(self, entity_id: int = None, entity_type: str = None, note_id: int = None):
"""
Removes a note from an entity.
@@ -492,6 +552,24 @@ def remove_entity_note_request(self, entity_id: int = None, entity_type: str = N
)
return res
+ def remove_detection_note_request(self, detection_id: int = None, note_id: int = None):
+ """
+ Removes a note from a detection.
+
+ Args:
+ detection_id (int): The ID of the detection to remove the note from.
+ note_id (int): The ID of the note to be removed.
+
+ Returns:
+ Dict: Response from the API confirming the removal of the note.
+ """
+ res = self.http_request(
+ method="DELETE",
+ url_suffix=ENDPOINTS["UPDATE_AND_REMOVE_DETECTION_NOTE_ENDPOINT"].format(detection_id, note_id),
+ response_type="response",
+ )
+ return res
+
def update_entity_tags_request(self, entity_id: int = None, entity_type: str = None, tags: List = None) -> dict:
"""
Update tags to an entity.
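Review bot: The docstring of `remove_detection_note_request` says it returns `Dict: Response from the API confirming the removal of the note`, but the call uses `response_type="response"` and the caller reads `response.status_code`, so the function returns the raw response object. Suggest correcting the Returns entry and adding a return annotation, as the list, add and update request methods have (`-> dict`). Separately, `detection_id: int = None` and `note_id: int = None` allow a call with no IDs, which would format the URL as `/detections/None/notes/None`; making both parameters required would remove that path.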
@@ -1063,6 +1141,21 @@ def validate_entity_note_list_command_args(args: dict[Any, Any]):
raise ValueError(ERRORS["INVALID_COMMAND_ARG_VALUE"].format("entity_type", ", ".join(VALID_ENTITY_TYPE)))
+def validate_detection_note_list_command_args(args: dict[Any, Any]):
+ """
+ Validates the arguments provided for the detection note list command.
+
+ Args:
+ args (dict[Any, Any]): The arguments dictionary.
+
+ Raises:
+ ValueError: If any of the arguments are invalid.
+ """
+ detection_id = args.get("detection_id")
+ # Validate detection_id value
+ validate_positive_integer_arg(detection_id, arg_name="detection_id", required=True)
+
+
def validate_entity_note_add_command_args(args: dict[Any, Any]):
"""
Validates the arguments provided for the entity note add command.
@@ -1088,6 +1181,25 @@ def validate_entity_note_add_command_args(args: dict[Any, Any]):
raise ValueError(ERRORS["REQUIRED_ARGUMENT"].format("note"))
+def validate_detection_note_add_command_args(args: dict[Any, Any]):
+ """
+ Validates the arguments provided for the detection note add command.
+
+ Args:
+ args (dict[Any, Any]): The arguments dictionary.
+
+ Raises:
+ ValueError: If any of the arguments are invalid.
+ """
+ note = args.get("note")
+ detection_id = args.get("detection_id")
+ # Validate detection_id value
+ validate_positive_integer_arg(detection_id, arg_name="detection_id", required=True)
+
+ if not note:
+ raise ValueError(ERRORS["REQUIRED_ARGUMENT"].format("note"))
+
+
def validate_entity_note_update_command_args(args: dict[Any, Any]):
"""
Validates the arguments provided for the entity note update command.
@@ -1115,6 +1227,28 @@ def validate_entity_note_update_command_args(args: dict[Any, Any]):
raise ValueError(ERRORS["REQUIRED_ARGUMENT"].format("note"))
+def validate_detection_note_update_command_args(args: dict[Any, Any]):
+ """
+ Validates the arguments provided for the detection note update command.
+
+ Args:
+ args (dict[Any, Any]): The arguments dictionary.
+
+ Raises:
+ ValueError: If any of the arguments are invalid.
+ """
+ note = args.get("note")
+ detection_id = args.get("detection_id")
+ note_id = args.get("note_id")
+ # Validate detection_id value
+ validate_positive_integer_arg(detection_id, arg_name="detection_id", required=True)
+ # Validate note_id value
+ validate_positive_integer_arg(note_id, arg_name="note_id", required=True)
+ # Validate note value
+ if not note:
+ raise ValueError(ERRORS["REQUIRED_ARGUMENT"].format("note"))
+
+
def validate_entity_note_remove_command_args(args: dict[Any, Any]):
"""
Validates the arguments provided for the entity note update command.
@@ -1139,6 +1273,24 @@ def validate_entity_note_remove_command_args(args: dict[Any, Any]):
raise ValueError(ERRORS["INVALID_COMMAND_ARG_VALUE"].format("entity_type", ", ".join(VALID_ENTITY_TYPE)))
+def validate_detection_note_remove_command_args(args: dict[Any, Any]):
+ """
+ Validates the arguments provided for the detection note remove command.
+
+ Args:
+ args (dict[Any, Any]): The arguments dictionary.
+
+ Raises:
+ ValueError: If any of the arguments are invalid.
+ """
+ detection_id = args.get("detection_id")
+ note_id = args.get("note_id")
+ # Validate detection_id value
+ validate_positive_integer_arg(detection_id, arg_name="detection_id", required=True)
+ # Validate note_id value
+ validate_positive_integer_arg(note_id, arg_name="note_id", required=True)
+
+
def validate_entity_tag_add_command_args(args: dict[Any, Any]):
"""
Validates the arguments provided for the entity tag add command.
@@ -1906,6 +2058,43 @@ def get_list_entity_notes_command_hr(notes: dict, entity_id: Optional[int], enti
return human_readable
+def get_list_detection_notes_command_hr(notes: dict, detection_id: Optional[int]) -> str:
+ """
+ Returns the human-readable output for the detection notes.
+
+ Args:
+ notes (Dict): list of detection notes.
+ detection_id (Optional[int]): Detection ID.
+
+ Returns:
+ str: The human-readable output.
+ """
+ hr_dict = []
+ for note in notes:
+ note["note_id"] = note["id"]
+ note.update({"detection_id": detection_id})
+
+ hr_dict.append(
+ {
+ "Note ID": note.get("id"),
+ "Note": note.get("note"),
+ "Created By": note.get("created_by"),
+ "Created Date": note.get("date_created"),
+ "Modified By": note.get("modified_by"),
+ "Modified Date": note.get("date_modified"),
+ }
+ )
+
+ # Prepare human-readable output table
+ human_readable = tableToMarkdown(
+ "Detection Notes Table",
+ hr_dict,
+ ["Note ID", "Note", "Created By", "Created Date", "Modified By", "Modified Date"],
+ removeNull=True,
+ )
+ return human_readable
+
+
def get_group_list_command_hr(groups: List):
"""
Converts a list of groups into a human-readable table format.
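Review bot: In `get_list_detection_notes_command_hr`, `notes` is annotated and documented as a dict (`notes: dict`, `notes (Dict)`) but is iterated as a list of note dicts; the annotation should be `List[dict]`. The loop also indexes `note["id"]` directly while every other field is read with `.get()`, so a note without `id` raises `KeyError` and fails the whole command instead of producing a row with a missing ID. Consider `note.get("id")` or skipping malformed entries.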
@@ -2669,6 +2858,42 @@ def vectra_entity_note_list_command(client: VectraClient, args: dict[str, Any]):
)
+def vectra_detection_note_list_command(client: VectraClient, args: dict[str, Any]):
+ """
+ List detection notes.
+
+ Args:
+ client (VectraClient): An instance of the VectraClient class.
+ args (Dict[str, Any]): The command arguments provided by the user.
+
+ Returns:
+ CommandResults: The command results containing the outputs, readable output, raw response, and outputs key field.
+ """
+ validate_detection_note_list_command_args(args)
+ # Get function arguments
+ detection_id = arg_to_number(args.get("detection_id"), arg_name="detection_id", required=True)
+
+ # Call Vectra API to list detection notes
+ notes = client.list_detection_note_request(detection_id=detection_id) # type: ignore
+ notes = remove_empty_elements(notes)
+ if notes:
+ human_readable = get_list_detection_notes_command_hr(notes, detection_id)
+
+ context = [createContext(note) for note in notes]
+
+ return CommandResults(
+ outputs_prefix="Vectra.Detection.Notes",
+ outputs=context,
+ readable_output=human_readable,
+ raw_response=notes,
+ outputs_key_field=["detection_id", "note_id"],
+ )
+ else:
+ return CommandResults(
+ outputs={}, readable_output="##### Couldn't find any notes for provided detection.", raw_response=notes
+ )
+
+
def vectra_entity_note_add_command(client: VectraClient, args: dict[str, Any]):
"""
Adds a note to an entity in Vectra API.
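Review bot: In `vectra_detection_note_list_command`, the context built by `[createContext(note) for note in notes]` only contains `detection_id` and `note_id` because `get_list_detection_notes_command_hr` mutates each note in place while building the table. The `outputs_key_field=["detection_id", "note_id"]` therefore depends on a side effect of a formatting helper, and `raw_response=notes` is no longer the raw API response by the time it is returned. Suggest enriching the notes in this function, before calling the HR helper, and keeping an untouched copy for `raw_response`.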
@@ -2704,6 +2929,40 @@ def vectra_entity_note_add_command(client: VectraClient, args: dict[str, Any]):
)
+def vectra_detection_note_add_command(client: VectraClient, args: dict[str, Any]):
+ """
+ Adds a note to a detection in Vectra API.
+
+ Args:
+ client (VectraClient): An instance of the VectraClient class.
+ args (Dict[str, Any]): The command arguments provided by the user.
+
+ Returns:
+ CommandResults: The command results containing the outputs, readable output, raw response, and outputs key field.
+ """
+ validate_detection_note_add_command_args(args)
+ # Get function arguments
+ detection_id = arg_to_number(args.get("detection_id"), arg_name="detection_id", required=True)
+ note = args.get("note")
+
+ # Call Vectra API to add detection note
+ notes = client.add_detection_note_request(detection_id=detection_id, note=note) # type: ignore
+ if notes:
+ notes["note_id"] = notes["id"]
+ notes.update({"detection_id": detection_id})
+
+ human_readable = "##### The note has been successfully added to the detection."
+ human_readable += f"\nReturned Note ID: **{notes['note_id']}**"
+
+ return CommandResults(
+ outputs_prefix="Vectra.Detection.Notes",
+ outputs=createContext(remove_empty_elements(notes)),
+ readable_output=human_readable,
+ raw_response=notes,
+ outputs_key_field=["detection_id", "note_id"],
+ )
+
+
def vectra_entity_note_update_command(client: VectraClient, args: dict[str, Any]):
"""
Updates a note to an entity in Vectra API.
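Review bot: In `vectra_detection_note_add_command`, everything after the API call sits under `if notes:`, including the `return CommandResults(...)`, so an empty response makes the function return `None` with no readable output and no error. Suggest an explicit else branch that raises or returns a `CommandResults` stating that no note was returned. `vectra_detection_note_update_command` has the same shape. Minor: the readable string here ends with a period (`added to the detection.`) while the README's Human Readable Output shows it without one.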
@@ -2744,6 +3003,44 @@ def vectra_entity_note_update_command(client: VectraClient, args: dict[str, Any]
)
+def vectra_detection_note_update_command(client: VectraClient, args: dict[str, Any]):
+ """
+ Updates a note to a detection in Vectra API.
+
+ Args:
+ client (VectraClient): An instance of the VectraClient class.
+ args (Dict[str, Any]): The command arguments provided by the user.
+
+ Returns:
+ CommandResults: The command results containing the outputs, readable output, raw response, and outputs key field.
+ """
+ validate_detection_note_update_command_args(args)
+ # Get function arguments
+ detection_id = arg_to_number(args.get("detection_id"), arg_name="detection_id", required=True)
+ note = args.get("note")
+ note_id = arg_to_number(args.get("note_id"), arg_name="note_id", required=True)
+
+ # Call Vectra API to update detection note
+ notes = client.update_detection_note_request(
+ detection_id=detection_id, # type: ignore
+ note=note, # type: ignore
+ note_id=note_id, # type: ignore
+ )
+ if notes:
+ notes["note_id"] = notes["id"]
+ notes.update({"detection_id": detection_id})
+
+ human_readable = "##### The note has been successfully updated in the detection."
+
+ return CommandResults(
+ outputs_prefix="Vectra.Detection.Notes",
+ outputs=createContext(remove_empty_elements(notes)),
+ readable_output=human_readable,
+ raw_response=notes,
+ outputs_key_field=["detection_id", "note_id"],
+ )
+
+
def vectra_entity_note_remove_command(client: VectraClient, args: dict[str, Any]):
"""
Updates a note to an entity in Vectra API.
@@ -2774,6 +3071,34 @@ def vectra_entity_note_remove_command(client: VectraClient, args: dict[str, Any]
return CommandResults(outputs={}, readable_output=human_readable)
+def vectra_detection_note_remove_command(client: VectraClient, args: dict[str, Any]):
+ """
+ Removes a note from a detection
+
+ Args:
+ client (VectraClient): An instance of the VectraClient class.
+ args (Dict[str, Any]): The command arguments provided by the user.
+
+ Returns:
+ CommandResults: The command results containing the outputs, readable output, raw response, and outputs key field.
+ """
+ validate_detection_note_remove_command_args(args)
+ # Get function arguments
+ detection_id = arg_to_number(args.get("detection_id"), arg_name="detection_id", required=True)
+ note_id = arg_to_number(args.get("note_id"), arg_name="note_id", required=True)
+
+ # Call Vectra API to remove note
+ response = client.remove_detection_note_request(
+ detection_id=detection_id, # type: ignore
+ note_id=note_id, # type: ignore
+ )
+ if response.status_code == 204:
+ human_readable = "##### The note has been successfully removed from the detection."
+ else:
+ human_readable = "Something went wrong."
+ return CommandResults(outputs={}, readable_output=human_readable)
+
+
def vectra_entity_tag_add_command(client: VectraClient, args: dict[str, Any]):
"""
Add tags to an entity.
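Review bot: in the `else` branch of `vectra_detection_note_remove_command`, a response other than 204 becomes `readable_output="Something went wrong."` inside a normal `CommandResults`, so the command still succeeds from the playbook's point of view and the status code is lost. Suggest raising an exception that carries `response.status_code` instead of returning a message. The docstring summary is missing its full stop, and its `Returns:` text describes outputs, a raw response and a key field that this command never sets.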
@@ -3407,6 +3732,19 @@ def vectra_group_list_command(client: VectraClient, args: dict[str, Any]):
)
+def vectra_entity_reset_fetch_command(client: VectraClient, args: dict[str, Any]):
+ """Reset the Already_fetched state for the given entity
+
+ Args:
+ client (VectraClient): An instance of the VectraClient class.
+ args (Dict[str, Any]): The command arguments.
+ """
+ entity_id = args.get("entity_id", "")
+ entity_type = args.get("entity_type", "")
+ add_refetch_id_to_integration_context(entity_id=entity_id, entity_type=entity_type)
+ return CommandResults(readable_output=f"Reset fetch status for {entity_id}-{entity_type}")
+
+
def vectra_group_unassign_command(client: VectraClient, args: dict[str, Any]):
"""
Unassign members in Group.
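Review bot: `vectra_entity_reset_fetch_command` reads `entity_id` and `entity_type` with `args.get(..., "")` and passes them straight to `add_refetch_id_to_integration_context`, so a missing ID or a type other than `account`/`host` is written to the integration context and still reported as "Reset fetch status for -". The note commands in this patch use `arg_to_number(..., required=True)` and a validation helper; suggest doing the same here and rejecting any `entity_type` outside the two predefined values. `client` is unused in the body, and the docstring has no `Returns:` section.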
@@ -4162,6 +4500,10 @@ def main():
"vectra-entity-tag-list": vectra_entity_tag_list_command,
"vectra-detections-mark-fixed": vectra_detections_mark_fixed_command,
"vectra-detections-unmark-fixed": vectra_detections_unmark_fixed_command,
+ "vectra-detection-note-list": vectra_detection_note_list_command,
+ "vectra-detection-note-add": vectra_detection_note_add_command,
+ "vectra-detection-note-update": vectra_detection_note_update_command,
+ "vectra-detection-note-remove": vectra_detection_note_remove_command,
"vectra-assignment-list": vectra_assignment_list_command,
"vectra-entity-assignment-add": vectra_entity_assignment_add_command,
"vectra-entity-assignment-update": vectra_entity_assignment_update_command,
@@ -4178,6 +4520,7 @@ def main():
"vectra-detection-tag-list": vectra_detection_tag_list_command,
"vectra-detection-tag-add": vectra_detection_tag_add_command,
"vectra-detection-tag-remove": vectra_detection_tag_remove_command,
+ "vectra-entity-reset-fetch": vectra_entity_reset_fetch_command,
}
try:
result = None
diff --git a/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR.yml b/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR.yml
index 9753fbd95ec0..cc06a15f7403 100644
--- a/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR.yml
+++ b/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR.yml
@@ -388,7 +388,7 @@ script:
type: String
- arguments:
- default: false
- description: Specify the id of the entity.
+ description: Specify the ID of the entity.
isArray: false
name: entity_id
required: true
@@ -494,7 +494,7 @@ script:
type: Unknown
- arguments:
- default: false
- description: Specify the id of the entity.
+ description: Specify the ID of the entity.
isArray: false
name: entity_id
required: true
@@ -1015,7 +1015,7 @@ script:
type: String
- arguments:
- default: false
- description: Specify the id of the entity.
+ description: Specify the ID of the entity.
isArray: false
name: entity_id
required: true
@@ -1064,7 +1064,43 @@ script:
type: String
- arguments:
- default: false
- description: Specify the id of the entity.
+ description: Specify the ID of the detection.
+ isArray: false
+ name: detection_id
+ required: true
+ secret: false
+ - default: false
+ description: Note to be added in the specified detection_id.
+ isArray: false
+ name: note
+ required: true
+ secret: false
+ deprecated: false
+ description: Add a note to the detection.
+ execution: false
+ name: vectra-detection-note-add
+ outputs:
+ - contextPath: Vectra.Detection.Notes.detection_id
+ description: ID of the detection associated with the note.
+ type: String
+ - contextPath: Vectra.Detection.Notes.note_id
+ description: ID of the note.
+ type: Number
+ - contextPath: Vectra.Detection.Notes.id
+ description: ID of the note.
+ type: Number
+ - contextPath: Vectra.Detection.Notes.date_created
+ description: Date when the note was created.
+ type: Date
+ - contextPath: Vectra.Detection.Notes.created_by
+ description: User who created the note.
+ type: String
+ - contextPath: Vectra.Detection.Notes.note
+ description: Content of the note.
+ type: String
+ - arguments:
+ - default: false
+ description: Specify the ID of the entity.
isArray: false
name: entity_id
required: true
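Review bot: in the `vectra-detection-note-add` outputs, `Vectra.Detection.Notes.note_id` and `Vectra.Detection.Notes.id` are both described as "ID of the note.", which leaves playbook authors guessing which key to rely on. If `note_id` is the copy used as the context key, say so in its description, or drop `id` from the documented outputs.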
@@ -1117,6 +1153,54 @@ script:
- contextPath: Vectra.Entity.Notes.note
description: Content of the note.
type: String
+ - arguments:
+ - default: false
+ description: Specify the ID of the detection.
+ isArray: false
+ name: detection_id
+ required: true
+ secret: false
+ - default: false
+ description: Specify the ID of the note.
+ isArray: false
+ name: note_id
+ required: true
+ secret: false
+ - default: false
+ description: Note to be updated for the specified note_id.
+ isArray: false
+ name: note
+ required: true
+ secret: false
+ deprecated: false
+ description: Update a note in the detection.
+ execution: false
+ name: vectra-detection-note-update
+ outputs:
+ - contextPath: Vectra.Detection.Notes.detection_id
+ description: ID of the detection associated with the note.
+ type: String
+ - contextPath: Vectra.Detection.Notes.note_id
+ description: ID of the note.
+ type: Number
+ - contextPath: Vectra.Detection.Notes.id
+ description: ID of the note.
+ type: Number
+ - contextPath: Vectra.Detection.Notes.date_created
+ description: Date when the note was created.
+ type: Date
+ - contextPath: Vectra.Detection.Notes.date_modified
+ description: Date when the note was last modified.
+ type: Date
+ - contextPath: Vectra.Detection.Notes.created_by
+ description: User who created the note.
+ type: String
+ - contextPath: Vectra.Detection.Notes.modified_by
+ description: User who last modified the note.
+ type: String
+ - contextPath: Vectra.Detection.Notes.note
+ description: Content of the note.
+ type: String
- arguments:
- default: false
description: Specify the ID of the entity.
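Review bot: `Vectra.Detection.Notes.detection_id` is declared `type: String` in the `vectra-detection-note-update` outputs, but `vectra_detection_note_update_command` fills it from `arg_to_number(args.get("detection_id"), ...)`, so the context value is a number. Suggest `type: Number`, matching `note_id`, and applying the same correction to the other detection note commands.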
@@ -1144,6 +1228,23 @@ script:
description: Remove a note from the entity.
execution: false
name: vectra-entity-note-remove
+ - arguments:
+ - default: false
+ description: Specify the ID of the detection.
+ isArray: false
+ name: detection_id
+ required: true
+ secret: false
+ - default: false
+ description: Specify the ID of the note.
+ isArray: false
+ name: note_id
+ required: true
+ secret: false
+ deprecated: false
+ description: Remove a note from the detection.
+ execution: false
+ name: vectra-detection-note-remove
- arguments:
- default: false
description: Provide a list of detection IDs separated by commas or a single detection ID.
@@ -1168,7 +1269,7 @@ script:
name: vectra-detections-unmark-fixed
- arguments:
- default: false
- description: Specify the id of the entity.
+ description: Specify the ID of the entity.
isArray: false
name: entity_id
required: true
@@ -1208,21 +1309,21 @@ script:
type: Unknown
- arguments:
- default: false
- description: Specify the id of the entity.
+ description: Specify the ID of the entity.
isArray: false
name: entity_id
required: true
secret: false
- - auto: PREDEFINED
- default: false
+ - default: false
description: Specify the type of the entity.
isArray: false
name: entity_type
+ required: true
+ secret: false
+ auto: PREDEFINED
predefined:
- account
- host
- required: true
- secret: false
- default: false
description: Comma-separated values of tags to be removed from the entity.
isArray: true
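Review bot: the `entity_type` argument in this hunk only has `auto: PREDEFINED`, `required` and `secret` moved to new positions, with no value changed. The same key reordering recurs through the rest of this file and buries the functional additions; suggest reverting the order or moving it into a separate formatting-only commit.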
@@ -1248,7 +1349,7 @@ script:
type: Unknown
- arguments:
- default: false
- description: Specify the id of the entity.
+ description: Specify the ID of the entity.
isArray: false
name: entity_id
required: true
@@ -1498,12 +1599,12 @@ script:
required: true
secret: false
- default: false
- defaultValue: Updated by XSOAR.
description: A note to be added for resolving an assignment in the entity.
isArray: false
name: note
required: false
secret: false
+ defaultValue: Updated by XSOAR.
- default: false
description: Triage rule for resolving an assignment in the entity.
isArray: false
@@ -1681,26 +1782,26 @@ script:
name: entity_ids
required: false
secret: false
- - auto: PREDEFINED
- default: false
+ - default: false
description: Specify the type of the entity.
isArray: false
name: entity_type
+ required: false
+ secret: false
+ auto: PREDEFINED
predefined:
- account
- host
- required: false
- secret: false
- - auto: PREDEFINED
- default: false
+ - default: false
description: Filter by resolved status.
isArray: false
name: resolved
+ required: false
+ secret: false
+ auto: PREDEFINED
predefined:
- 'True'
- 'False'
- required: false
- secret: false
- default: false
description: Filter by user ids of the assignment. Comma-separated values supported.
isArray: false
@@ -1720,19 +1821,19 @@ script:
required: false
secret: false
- default: false
- defaultValue: '1'
description: Enables the caller to specify a particular page of results.
isArray: false
name: page
required: false
secret: false
+ defaultValue: '1'
- default: false
- defaultValue: '50'
description: Specify the desired page size for the request.
isArray: false
name: page_size
required: false
secret: false
+ defaultValue: '50'
deprecated: false
description: Returns a list of all assignments.
execution: false
@@ -1827,19 +1928,19 @@ script:
type: String
- arguments:
- default: false
- defaultValue: '1'
description: Enables the caller to specify a particular page of results.
isArray: false
name: page
required: false
secret: false
+ defaultValue: '1'
- default: false
- defaultValue: '50'
- description: Specify the desired page size for the request.
+ description: "Specify the desired page size for the request."
isArray: false
name: page_size
required: false
secret: false
+ defaultValue: '50'
deprecated: false
description: Returns a list of all entity assignment outcomes.
execution: false
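Review bot: the `page_size` description becomes a double-quoted string (`"Specify the desired page size for the request."`) while the same description in the previous hunk and the neighbouring `page` description stay unquoted. The quoting does not change the parsed value; suggest leaving the line as it was to keep the file consistent.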
@@ -1867,16 +1968,16 @@ script:
name: entity_id
required: true
secret: false
- - auto: PREDEFINED
- default: false
- description: Specify the type of the entity.
+ - default: false
+ description: "Specify the type of the entity."
isArray: false
name: entity_type
+ required: true
+ secret: false
+ auto: PREDEFINED
predefined:
- host
- account
- required: true
- secret: false
deprecated: false
description: Returns a list of notes for a specified entity.
execution: false
@@ -1910,26 +2011,62 @@ script:
description: Type of the entity associated with the note.
type: String
- arguments:
- - auto: PREDEFINED
+ - description: Specify the ID of the detection.
+ name: detection_id
+ required: true
default: false
- description: Filter by group type.
+ isArray: false
+ secret: false
+ description: Returns a list of notes for a specified detection.
+ execution: false
+ name: vectra-detection-note-list
+ deprecated: false
+ outputs:
+ - contextPath: Vectra.Detection.Notes.note_id
+ description: ID of the note.
+ type: Number
+ - contextPath: Vectra.Detection.Notes.id
+ description: ID of the note.
+ type: Number
+ - contextPath: Vectra.Detection.Notes.date_created
+ description: Date when the note was created.
+ type: Date
+ - contextPath: Vectra.Detection.Notes.date_modified
+ description: Date when the note was last modified.
+ type: Unknown
+ - contextPath: Vectra.Detection.Notes.created_by
+ description: User who created the note.
+ type: String
+ - contextPath: Vectra.Detection.Notes.modified_by
+ description: User who last modified the note.
+ type: Date
+ - contextPath: Vectra.Detection.Notes.note
+ description: Content of the note.
+ type: String
+ - contextPath: Vectra.Detection.Notes.detection_id
+ description: ID of the detection associated with the note.
+ type: String
+ - arguments:
+ - description: Filter by group type.
isArray: false
name: group_type
+ required: false
+ auto: PREDEFINED
+ default: false
predefined:
- account
- host
- ip
- domain
- required: false
secret: false
- - default: false
- description: |-
+ - description: |-
Filter by Account Names. Supports comma-separated values.
Note: Only valid when the group_type parameter is set to "account".
- isArray: true
name: account_names
required: false
+ default: false
+ isArray: true
secret: false
- default: false
description: |-
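Review bot: in the `vectra-detection-note-list` outputs, `date_modified` is declared `type: Unknown` and `modified_by` is declared `type: Date`, whereas the `vectra-detection-note-update` outputs declare the same two fields as `Date` and `String`. The types look swapped or mistyped here; suggest `type: Date` for `date_modified` and `type: String` for `modified_by`.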
@@ -1997,7 +2134,7 @@ script:
required: false
secret: false
- default: false
- description: Filters by the user id who made the most recent modification to the group.
+ description: Filters by the user ID who made the most recent modification to the group.
isArray: false
name: last_modified_by
required: false
@@ -2008,10 +2145,10 @@ script:
name: group_name
required: false
secret: false
- deprecated: false
description: Returns a list of all groups.
execution: false
name: vectra-group-list
+ deprecated: false
outputs:
- contextPath: Vectra.Group.group_id
description: ID of the group.
@@ -2068,11 +2205,11 @@ script:
description: Whether the group is managed by Cognito or not.
type: Boolean
- arguments:
- - default: false
- description: Specify Group ID to unassign members.
+ - description: Specify Group ID to unassign members.
isArray: false
name: group_id
required: true
+ default: false
secret: false
- default: false
description: "Member values based on the group type. Supports comma-separated values.\n\n Note: \nIf the group type is host, then the \"Host IDs\". \nIf the group type is account, then \"Account Names\".\nIf the group type is ip, then the list of \"IPs\".\nIf the group type is domain, then the list of \"Domains\" ."
@@ -2080,10 +2217,10 @@ script:
name: members
required: true
secret: false
- deprecated: false
description: Unassign members from the specified group.
execution: false
name: vectra-group-unassign
+ deprecated: false
outputs:
- contextPath: Vectra.Group.group_id
description: ID of the group.
@@ -2134,11 +2271,11 @@ script:
description: Description of the rule.
type: String
- arguments:
- - default: false
- description: Specify Group ID to assign members.
- isArray: false
+ - description: Specify Group ID to assign members.
name: group_id
required: true
+ default: false
+ isArray: false
secret: false
- default: false
description: "Member values based on the group type. Supports comma-separated values.\n\n Note: \nIf the group type is host, then the \"Host IDs\". \nIf the group type is account, then \"Account Names\".\nIf the group type is ip, then the list of \"IPs\".\nIf the group type is domain, then the list of \"Domains\" ."
@@ -2203,13 +2340,13 @@ script:
- description: Specify the ID of the entity.
name: entity_id
required: true
- - auto: PREDEFINED
- description: Specify the type of the entity.
+ - description: Specify the type of the entity.
name: entity_type
+ required: true
+ auto: PREDEFINED
predefined:
- account
- host
- required: true
- auto: PREDEFINED
description: Specify the close reason.
name: close_reason
@@ -2222,16 +2359,16 @@ script:
name: vectra-entity-detections-mark-asclosed
- arguments:
- description: Provide a list of detection IDs separated by commas or a single detection ID.
- isArray: true
name: detection_ids
required: true
- - auto: PREDEFINED
- description: Specify the close reason.
+ isArray: true
+ - description: Specify the close reason.
name: close_reason
+ required: true
+ auto: PREDEFINED
predefined:
- benign
- remediated
- required: true
description: Mark detections as close with provided detection IDs in the argument.
execution: false
name: vectra-detections-mark-asclosed
@@ -2305,7 +2442,28 @@ script:
- contextPath: Vectra.Detection.Tags.tags
description: A list of tags linked to a detection.
type: Unknown
- dockerimage: demisto/python3:3.12.12.5490952
+ - arguments:
+ - default: false
+ description: Specify the ID of the entity.
+ isArray: false
+ name: entity_id
+ required: true
+ secret: false
+ - auto: PREDEFINED
+ default: false
+ description: Specify the type of the entity.
+ isArray: false
+ name: entity_type
+ predefined:
+ - account
+ - host
+ required: true
+ secret: false
+ deprecated: false
+ description: Resets the given entity to refetch incidents.
+ execution: false
+ name: vectra-entity-reset-fetch
+ dockerimage: demisto/python3:3.12.12.6391686
feed: false
isfetch: true
isremotesyncin: true
diff --git a/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR_description.md b/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR_description.md
index 42ebc6cf5a7e..317adaca3133 100644
--- a/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR_description.md
+++ b/Packs/VectraXDR/Integrations/VectraXDR/VectraXDR_description.md
@@ -57,4 +57,4 @@ To fetch Vectra XDR Entity follow the next steps:
- mirror_tags: This field determines what would be the tag needed to mirror the XSOAR entry out to Vectra XDR. It is a required field for XSOAR to enable mirroring support.
- mirror_instance: This field determines from which instance the XSOAR incident was created. It is a required field for XSOAR to enable mirroring support.
-For more information about this integration, visit [Vectra's knwoledge base](https://support.vectra.ai/s/article/KB-VS-1692).
+For more information about this integration, visit [Vectra's knowledge base](https://support.vectra.ai/s/article/KB-VS-1692).
diff --git a/Packs/VectraXDR/ReleaseNotes/1_3_0.md b/Packs/VectraXDR/ReleaseNotes/1_3_0.md
new file mode 100644
index 000000000000..34b14f04193b
--- /dev/null
+++ b/Packs/VectraXDR/ReleaseNotes/1_3_0.md
@@ -0,0 +1,12 @@
+
+#### Integrations
+
+##### Vectra XDR
+
+- Added support for **vectra-detection-note-add** command that adds a note to the detection.
+- Added support for **vectra-detection-note-update** command that updates a note in the detection.
+- Added support for **vectra-detection-note-remove** command that removes a note from the detection.
+- Added support for **vectra-detection-note-list** command that returns a list of notes for a specified detection.
+- Added support for **vectra-entity-reset-fetch** command that resets the given entity to refetch incidents.
+
+- Updated Docker image to demisto/python3:3.12.12.6391686.
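Review bot: the new release notes file opens with an empty line before `#### Integrations`, and the blank line before "- Updated Docker image to ..." splits the bullet list in two. Suggest removing both so the five command entries and the Docker image entry form a single list under `##### Vectra XDR`.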
diff --git a/Packs/VectraXDR/pack_metadata.json b/Packs/VectraXDR/pack_metadata.json
index 46209151d5f1..de275c70f385 100644
--- a/Packs/VectraXDR/pack_metadata.json
+++ b/Packs/VectraXDR/pack_metadata.json
@@ -2,7 +2,7 @@
"name": "Vectra XDR",
"description": "Vectra XDR pack empowers the SOC to create incidents using Vectra AI's Attack Signal Intelligence.",
"support": "partner",
- "currentVersion": "1.2.0",
+ "currentVersion": "1.3.0",
"author": "Vectra AI",
"url": "https://support.vectra.ai",
"email": "support@vectra.ai",