Getting this error when enabling malwarebytes #xsoar integration

SCollier1 — Fri, 21 Oct 2022 20:19:52 GMT

Executed: test-module
Instance Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955
Arguments {}
Start time 2022-10-21T16:15:27.798846102-04:00

2022-10-21T16:15:28.151429016-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) debug-mode started.
#### http client print found: False.
#### Env environ({'PATH': '/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 'HOSTNAME': '98976a05282d', 'HTTP_PROXY': '', 'http_proxy': '', 'HTTPS_PROXY': '', 'https_proxy': '', 'LANG': 'C.UTF-8', 'GPG_KEY': 'E3FF2839C048B25C084DEBE9B26995E310250568', 'PYTHON_VERSION': '3.9.6', 'PYTHON_PIP_VERSION': '21.1.3', 'PYTHON_GET_PIP_URL': 'https://github.com/pypa/get-pip/raw/a1675ab6c2bd898ed82b1f58c486097f763c74a9/public/get-pip.py', 'PYTHON_GET_PIP_SHA256': '6665659241292b2147b58922b9ffe11dda66b39d52d8a6f3aa310bc1d60ea6f7', 'DOCKER_IMAGE': 'demisto/oauthlib:1.0.0.23674', 'HOME': '/root'}).
#### Params: {
"Fetch_Event_List": "RTP Detections (EP)",
"accountid": "f7290103-c38f-4520-820f-ce81e0952c88",
"clientid": "mwb-cloud-59c71f413ea398e2ed7a0c77e63273c1",
"clientsecret": "<XX_REPLACED>",
"company_name": null,
"email": null,
"incidentFetchInterval": "1",
"incidentType": null,
"insecure": false,
"isFetch": false,
"proxy": false,
"rtp_threat_category": [
"Malware"
],
"suspicious_activity_severity": [
"High"
]
}.
#### Docker image: [demisto/oauthlib:1.0.0.23674]
#### Integration: brand: [Malwarebytes] instance: [Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955]
2022-10-21T16:15:28.188187753-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Encoding `client_id` "mwb-cloud-59c71f413ea398e2ed7a0c77e63273c1" with `client_secret` as Basic auth credentials.
2022-10-21T16:15:28.188673672-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Requesting url https://cloud.malwarebytes.com/oauth2/token using method POST.
2022-10-21T16:15:28.189237671-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Supplying headers {'Accept': 'application/json', 'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8'} and data {'grant_type': 'client_credentials', 'scope': 'read write execute'}
2022-10-21T16:15:28.189571599-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Passing through key word arguments {'timeout': None, 'auth': <requests.auth.HTTPBasicAuth object at 0x7f113ca45820>, 'verify': True, 'proxies': None}.
2022-10-21T16:15:28.191048444-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [urllib3.connectionpool] - Starting new HTTPS connection (1): cloud.malwarebytes.com:443
2022-10-21T16:15:28.240095239-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) send: b'POST /oauth2/token HTTP/1.1\r\nHost: cloud.malwarebytes.com\r\nUser-Agent: python-requests/2.26.0\r\nAccept-Encoding: gzip, deflate\r\nAccept: application/json\r\nConnection: keep-alive\r\nx-mwb-clientid: mwb-cloud-59c71f413ea398e2ed7a0c77e63273c1\r\nx-mwb-accountid: f7290103-c38f-4520-820f-ce81e0952c88\r\nContent-Type: application/x-www-form-urlencoded;charset=UTF-8\r\nContent-Length: 54\r\nAuthorization: Basic bXdiLWNsb3VkLTU5YzcxZjQxM2VhMzk4ZTJlZDdhMGM3N2U2MzI3M2MxOjYxNTAxZDA5OGJhOTZjM2VmZDBkMjQwYTg1ZjEzMzZlYjc5NGRiMDZkMTg4MDEyMmZiY2E1YTQyNzE2YjYzZjQ=\r\n\r\n'
2022-10-21T16:15:28.241812049-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) send: b'grant_type=client_credentials&scope=read+write+execute'
2022-10-21T16:15:28.446516609-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) reply: 'HTTP/1.1 400 Bad Request\r\n'
2022-10-21T16:15:28.448750343-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Content-Type: application/json; charset=utf-8
2022-10-21T16:15:28.450345982-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Content-Length: 53
2022-10-21T16:15:28.452169527-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Connection: keep-alive
2022-10-21T16:15:28.454066097-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Date: Fri, 21 Oct 2022 20:15:28 GMT
2022-10-21T16:15:28.455784805-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: vary: Origin
2022-10-21T16:15:28.456142519-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: access-control-allow-origin: *
2022-10-21T16:15:28.456469636-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: access-control-expose-headers: location
2022-10-21T16:15:28.456787854-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: X-Cache: Error from cloudfront
2022-10-21T16:15:28.457084778-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Via: 1.1 b00055aba19ad70a191f40cf775753e8.cloudfront.net (CloudFront)
2022-10-21T16:15:28.457393497-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: X-Amz-Cf-Pop: MIA3-C4
2022-10-21T16:15:28.457733056-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: X-Amz-Cf-Id: YjFKv63ZgNJgnmnjlVZLevnAFkaromPInnU2LBaP2_FVCVkpYPueww==
2022-10-21T16:15:28.458025112-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [urllib3.connectionpool] - https://cloud.malwarebytes.com:443 "POST /oauth2/token HTTP/1.1" 400 53
2022-10-21T16:15:28.458679705-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Request to fetch token completed with status 400.
2022-10-21T16:15:28.458948874-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Request url was https://cloud.malwarebytes.com/oauth2/token
2022-10-21T16:15:28.459293077-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Request headers were {'User-Agent': 'python-requests/2.26.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json', 'Connection': 'keep-alive', 'x-mwb-clientid': 'mwb-cloud-59c71f413ea398e2ed7a0c77e63273c1', 'x-mwb-accountid': 'f7290103-c38f-4520-820f-ce81e0952c88', 'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8', 'Content-Length': '54', 'Authorization': 'Basic bXdiLWNsb3VkLTU5YzcxZjQxM2VhMzk4ZTJlZDdhMGM3N2U2MzI3M2MxOjYxNTAxZDA5OGJhOTZjM2VmZDBkMjQwYTg1ZjEzMzZlYjc5NGRiMDZkMTg4MDEyMmZiY2E1YTQyNzE2YjYzZjQ='}
2022-10-21T16:15:28.459542153-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Request body was grant_type=client_credentials&scope=read+write+execute
2022-10-21T16:15:28.45980065-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Response headers were {'Content-Type': 'application/json; charset=utf-8', 'Content-Length': '53', 'Connection': 'keep-alive', 'Date': 'Fri, 21 Oct 2022 20:15:28 GMT', 'vary': 'Origin', 'access-control-allow-origin': '*', 'access-control-expose-headers': 'location', 'X-Cache': 'Error from cloudfront', 'Via': '1.1 b00055aba19ad70a191f40cf775753e8.cloudfront.net (CloudFront)', 'X-Amz-Cf-Pop': 'MIA3-C4', 'X-Amz-Cf-Id': 'YjFKv63ZgNJgnmnjlVZLevnAFkaromPInnU2LBaP2_FVCVkpYPueww=='} and content {"statusCode":400,"error":"Bad Request","message":""}.
2022-10-21T16:15:28.460042642-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Invoking 0 token response hooks.
Exception message is [Traceback (most recent call last):
File "/tmp/pyrunner/_script_docker_python_loop.py", line 735, in <module>
exec(code, sub_globals, sub_globals)
File "<string>", line 13124, in <module>
File "<string>", line 13025, in main
File "<string>", line 12840, in get_token
File "<string>", line 11635, in get_nebula_client
File "/usr/local/lib/python3.9/site-packages/requests_oauthlib/oauth2_session.py", line 360, in fetch_token
self._client.parse_request_body_response(r.text, scope=self.scope)
File "/usr/local/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/clients/base.py", line 429, in parse_request_body_response
self.token = parse_token_response(body, scope=scope)
File "/usr/local/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 425, in parse_token_response
validate_token_parameters(params)
File "/usr/local/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 432, in validate_token_parameters
raise_from_error(params.get('error'), params)
File "/usr/local/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/errors.py", line 403, in raise_from_error
raise CustomOAuth2Error(error=error, **kwargs)
oauthlib.oauth2.rfc6749.errors.CustomOAuth2Error: (Bad Request)
]

End time 2022-10-21T16:15:28.46138292-04:00

Re: Getting this error when enabling malwarebytes #xsoar integration

amontminy — Wed, 26 Apr 2023 02:02:06 GMT

There has been an update to the Malwarebytes integration since you had this issue. I just wanted to check to see if you were still running into issues or if the updated version has resolved it for you. The latest version is 1.1.11. Thanks!

topic Re: Getting this error when enabling malwarebytes #xsoar integration in Cortex XSOAR Discussions

Getting this error when enabling malwarebytes #xsoar integration

Re: Getting this error when enabling malwarebytes #xsoar integration