Getting this error when enabling malwarebytes #xsoar integration

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Getting this error when enabling malwarebytes #xsoar integration

L0 Member

Executed: test-module
Instance Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955
Arguments {}
Start time 2022-10-21T16:15:27.798846102-04:00


2022-10-21T16:15:28.151429016-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) debug-mode started.
#### http client print found: False.
#### Env environ({'PATH': '/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', 'HOSTNAME': '98976a05282d', 'HTTP_PROXY': '', 'http_proxy': '', 'HTTPS_PROXY': '', 'https_proxy': '', 'LANG': 'C.UTF-8', 'GPG_KEY': 'E3FF2839C048B25C084DEBE9B26995E310250568', 'PYTHON_VERSION': '3.9.6', 'PYTHON_PIP_VERSION': '21.1.3', 'PYTHON_GET_PIP_URL': 'https://github.com/pypa/get-pip/raw/a1675ab6c2bd898ed82b1f58c486097f763c74a9/public/get-pip.py', 'PYTHON_GET_PIP_SHA256': '6665659241292b2147b58922b9ffe11dda66b39d52d8a6f3aa310bc1d60ea6f7', 'DOCKER_IMAGE': 'demisto/oauthlib:1.0.0.23674', 'HOME': '/root'}).
#### Params: {
"Fetch_Event_List": "RTP Detections (EP)",
"accountid": "f7290103-c38f-4520-820f-ce81e0952c88",
"clientid": "mwb-cloud-59c71f413ea398e2ed7a0c77e63273c1",
"clientsecret": "<XX_REPLACED>",
"company_name": null,
"email": null,
"incidentFetchInterval": "1",
"incidentType": null,
"insecure": false,
"isFetch": false,
"proxy": false,
"rtp_threat_category": [
"Malware"
],
"suspicious_activity_severity": [
"High"
]
}.
#### Docker image: [demisto/oauthlib:1.0.0.23674]
#### Integration: brand: [Malwarebytes] instance: [Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955]
2022-10-21T16:15:28.188187753-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Encoding `client_id` "mwb-cloud-59c71f413ea398e2ed7a0c77e63273c1" with `client_secret` as Basic auth credentials.
2022-10-21T16:15:28.188673672-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Requesting url https://cloud.malwarebytes.com/oauth2/token using method POST.
2022-10-21T16:15:28.189237671-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Supplying headers {'Accept': 'application/json', 'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8'} and data {'grant_type': 'client_credentials', 'scope': 'read write execute'}
2022-10-21T16:15:28.189571599-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Passing through key word arguments {'timeout': None, 'auth': <requests.auth.HTTPBasicAuth object at 0x7f113ca45820>, 'verify': True, 'proxies': None}.
2022-10-21T16:15:28.191048444-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [urllib3.connectionpool] - Starting new HTTPS connection (1): cloud.malwarebytes.com:443
2022-10-21T16:15:28.240095239-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) send: b'POST /oauth2/token HTTP/1.1\r\nHost: cloud.malwarebytes.com\r\nUser-Agent: python-requests/2.26.0\r\nAccept-Encoding: gzip, deflate\r\nAccept: application/json\r\nConnection: keep-alive\r\nx-mwb-clientid: mwb-cloud-59c71f413ea398e2ed7a0c77e63273c1\r\nx-mwb-accountid: f7290103-c38f-4520-820f-ce81e0952c88\r\nContent-Type: application/x-www-form-urlencoded;charset=UTF-8\r\nContent-Length: 54\r\nAuthorization: Basic bXdiLWNsb3VkLTU5YzcxZjQxM2VhMzk4ZTJlZDdhMGM3N2U2MzI3M2MxOjYxNTAxZDA5OGJhOTZjM2VmZDBkMjQwYTg1ZjEzMzZlYjc5NGRiMDZkMTg4MDEyMmZiY2E1YTQyNzE2YjYzZjQ=\r\n\r\n'
2022-10-21T16:15:28.241812049-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) send: b'grant_type=client_credentials&scope=read+write+execute'
2022-10-21T16:15:28.446516609-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) reply: 'HTTP/1.1 400 Bad Request\r\n'
2022-10-21T16:15:28.448750343-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Content-Type: application/json; charset=utf-8
2022-10-21T16:15:28.450345982-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Content-Length: 53
2022-10-21T16:15:28.452169527-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Connection: keep-alive
2022-10-21T16:15:28.454066097-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Date: Fri, 21 Oct 2022 20:15:28 GMT
2022-10-21T16:15:28.455784805-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: vary: Origin
2022-10-21T16:15:28.456142519-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: access-control-allow-origin: *
2022-10-21T16:15:28.456469636-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: access-control-expose-headers: location
2022-10-21T16:15:28.456787854-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: X-Cache: Error from cloudfront
2022-10-21T16:15:28.457084778-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: Via: 1.1 b00055aba19ad70a191f40cf775753e8.cloudfront.net (CloudFront)
2022-10-21T16:15:28.457393497-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: X-Amz-Cf-Pop: MIA3-C4
2022-10-21T16:15:28.457733056-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) header: X-Amz-Cf-Id: YjFKv63ZgNJgnmnjlVZLevnAFkaromPInnU2LBaP2_FVCVkpYPueww==
2022-10-21T16:15:28.458025112-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [urllib3.connectionpool] - https://cloud.malwarebytes.com:443 "POST /oauth2/token HTTP/1.1" 400 53
2022-10-21T16:15:28.458679705-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Request to fetch token completed with status 400.
2022-10-21T16:15:28.458948874-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Request url was https://cloud.malwarebytes.com/oauth2/token
2022-10-21T16:15:28.459293077-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Request headers were {'User-Agent': 'python-requests/2.26.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json', 'Connection': 'keep-alive', 'x-mwb-clientid': 'mwb-cloud-59c71f413ea398e2ed7a0c77e63273c1', 'x-mwb-accountid': 'f7290103-c38f-4520-820f-ce81e0952c88', 'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8', 'Content-Length': '54', 'Authorization': 'Basic bXdiLWNsb3VkLTU5YzcxZjQxM2VhMzk4ZTJlZDdhMGM3N2U2MzI3M2MxOjYxNTAxZDA5OGJhOTZjM2VmZDBkMjQwYTg1ZjEzMzZlYjc5NGRiMDZkMTg4MDEyMmZiY2E1YTQyNzE2YjYzZjQ='}
2022-10-21T16:15:28.459542153-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Request body was grant_type=client_credentials&scope=read+write+execute
2022-10-21T16:15:28.45980065-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Response headers were {'Content-Type': 'application/json; charset=utf-8', 'Content-Length': '53', 'Connection': 'keep-alive', 'Date': 'Fri, 21 Oct 2022 20:15:28 GMT', 'vary': 'Origin', 'access-control-allow-origin': '*', 'access-control-expose-headers': 'location', 'X-Cache': 'Error from cloudfront', 'Via': '1.1 b00055aba19ad70a191f40cf775753e8.cloudfront.net (CloudFront)', 'X-Amz-Cf-Pop': 'MIA3-C4', 'X-Amz-Cf-Id': 'YjFKv63ZgNJgnmnjlVZLevnAFkaromPInnU2LBaP2_FVCVkpYPueww=='} and content {"statusCode":400,"error":"Bad Request","message":""}.
2022-10-21T16:15:28.460042642-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwarebytes_test-module) python logging: DEBUG [requests_oauthlib.oauth2_session] - Invoking 0 token response hooks.
Exception message is [Traceback (most recent call last):
File "/tmp/pyrunner/_script_docker_python_loop.py", line 735, in <module>
exec(code, sub_globals, sub_globals)
File "<string>", line 13124, in <module>
File "<string>", line 13025, in main
File "<string>", line 12840, in get_token
File "<string>", line 11635, in get_nebula_client
File "/usr/local/lib/python3.9/site-packages/requests_oauthlib/oauth2_session.py", line 360, in fetch_token
self._client.parse_request_body_response(r.text, scope=self.scope)
File "/usr/local/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/clients/base.py", line 429, in parse_request_body_response
self.token = parse_token_response(body, scope=scope)
File "/usr/local/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 425, in parse_token_response
validate_token_parameters(params)
File "/usr/local/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 432, in validate_token_parameters
raise_from_error(params.get('error'), params)
File "/usr/local/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/errors.py", line 403, in raise_from_error
raise CustomOAuth2Error(error=error, **kwargs)
oauthlib.oauth2.rfc6749.errors.CustomOAuth2Error: (Bad Request)
]

End time 2022-10-21T16:15:28.46138292-04:00

1 REPLY 1

L3 Networker

There has been an update to the Malwarebytes integration since you had this issue. I just wanted to check to see if you were still running into issues or if the updated version has resolved it for you. The latest version is 1.1.11. Thanks!

  • 1558 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!