Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Blueliv integration error

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Blueliv integration error

L1 Bithead

Hi!

 

we are testing XSOAR capacities. For testing purposes, we are creating an integration with our intel solution, Blueliv:

https://xsoar.pan.dev/docs/reference/integrations/blueliv-threat-compass

 

When fetching it returns an error. From the mapping editor we get this:

>The request sent by the client was syntactically incorrect

We think that is something related with the date, the field "first_fetch_time". We fill in it using the format as in the help.

Do you have any experience using this integration? How do we fill in the field?

 

Thanks!

M.

1 accepted solution

Accepted Solutions

L1 Bithead

OK, sorry, not date related issue.

 

In line 297, this line:

 

search_offset = demisto.getLastRun().get('offset', 0)

 

should be:

 

search_offset = demisto.getLastRun().get('offset', 1)

 

In order to not get an error from Blueliv API.

 

How can I send this issue to be fixed?

View solution in original post

5 REPLIES 5

L2 Linker

Screen Shot 2022-04-12 at 4.52.59 PM.png

Be sure that the First fetch time is formatted in yyyy-mm-dd or yyyy-mm-ddThh:mm:ss. see my attached screenshot

L1 Bithead

Thanks for your response.

 

I have tried with "2022-04-01T00:00:00" and "2022-04-01".

 

The test button returns OK, and from any playbook I can execute commands, so I think that the rest of the parameters are OK.

L2 Linker

where are you seeing this error? 

L1 Bithead

Here for example:

 

migueltubia_0-1649800808767.png

and from the mapping Editor after selecting the instance:

 

migueltubia_1-1649800859320.png

 

L1 Bithead

OK, sorry, not date related issue.

 

In line 297, this line:

 

search_offset = demisto.getLastRun().get('offset', 0)

 

should be:

 

search_offset = demisto.getLastRun().get('offset', 1)

 

In order to not get an error from Blueliv API.

 

How can I send this issue to be fixed?

  • 1 accepted solution
  • 2864 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!