From a0c49ebea042d49289cf46a815dfcd595f8c38db Mon Sep 17 00:00:00 2001 From: root Date: Thu, 6 Jan 2022 20:09:42 -0800 Subject: [PATCH] Release notes for version 2.0.23 --- readme.md | 96 ++++++++++++++++++++++++++++++++ release_notes/2.0.23.md | 6 ++ release_notes/release_notes.html | 6 +- release_notes/unreleased.md | 1 - 4 files changed, 107 insertions(+), 2 deletions(-) create mode 100644 release_notes/2.0.23.md diff --git a/readme.md b/readme.md index 1f732ea..6cc990d 100644 --- a/readme.md +++ b/readme.md @@ -1,3 +1,15 @@ +[comment]: # "Auto-generated SOAR connector documentation" +# DNS + +Publisher: Splunk +Connector Version: 2\.0\.23 +Product Vendor: Generic +Product Name: DNS +Product Version Supported (regex): "\.\*" +Minimum Product Version: 5\.0\.0 + +This app implements investigative actions that return DNS Records for the object queried + [comment]: # " File: readme.md" [comment]: # " Copyright (c) 2016-2022 Splunk Inc." [comment]: # "" @@ -15,3 +27,87 @@ This simple DNS resolver app is designed to provide both forward and reverse lookup capabilities. Users can specify a name and record type in a "lookup domain" action, or an IP address in a "lookup ip" action. IPv4 and IPv6 addresses are both supported. + + +### Configuration Variables +The below configuration variables are required for this Connector to operate. These variables are specified when configuring a DNS asset in SOAR. + +VARIABLE | REQUIRED | TYPE | DESCRIPTION +-------- | -------- | ---- | ----------- +**dns\_server** | optional | string | IP of the DNS server for lookups +**host\_name** | optional | string | Hostname to be used in test connectivity + +### Supported Actions +[test connectivity](#action-test-connectivity) - Validate the asset configuration for connectivity +[lookup domain](#action-lookup-domain) - Query DNS records for a Domain or Host Name +[lookup ip](#action-lookup-ip) - Query Reverse DNS records for an IP + +## action: 'test connectivity' +Validate the asset configuration for connectivity + +Type: **test** +Read only: **True** + +#### Action Parameters +No parameters are required for this action + +#### Action Output +No Output + +## action: 'lookup domain' +Query DNS records for a Domain or Host Name + +Type: **investigate** +Read only: **True** + +A list of record types to be resolved is supplied, one of which the user may choose as the value for the type parameter, these are\:
When taking a lookup domain action from a Playbook, the author can look up arbitrary DNS record types by supplying the desired record type as a string for the type parameter\. + +#### Action Parameters +PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS +--------- | -------- | ----------- | ---- | -------- +**domain** | required | Record to resolve | string | `host name` `domain` +**type** | optional | DNS Record Type | string | + +#### Action Output +DATA PATH | TYPE | CONTAINS +--------- | ---- | -------- +action\_result\.status | string | +action\_result\.parameter\.domain | string | `host name` `domain` +action\_result\.parameter\.type | string | +action\_result\.data\.\*\.record\_info\_objects\.\*\.record\_info | string | `ip` +action\_result\.data\.\*\.record\_infos | string | `ip` +action\_result\.summary\.cannonical\_name | string | +action\_result\.summary\.canonical\_name | string | +action\_result\.summary\.hostname | string | `host name` `domain` +action\_result\.summary\.record\_info | string | `ip` +action\_result\.summary\.total\_record\_infos | numeric | +action\_result\.message | string | +summary\.total\_objects | numeric | +summary\.total\_objects\_successful | numeric | + +## action: 'lookup ip' +Query Reverse DNS records for an IP + +Type: **investigate** +Read only: **True** + +The lookup ip action takes an IP address parameter\. The IP address \(IPv4 or IPv6\) will be looked up against the appropriate reverse lookup DNS records, and any associate hostname\(s\) will be returned\. Only PTR type lookups are returned\. + +#### Action Parameters +PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS +--------- | -------- | ----------- | ---- | -------- +**ip** | required | IP to resolve | string | `ip` + +#### Action Output +DATA PATH | TYPE | CONTAINS +--------- | ---- | -------- +action\_result\.status | string | +action\_result\.parameter\.ip | string | `ip` +action\_result\.data | string | +action\_result\.summary\.cannonical\_name | string | +action\_result\.summary\.canonical\_name | string | +action\_result\.summary\.hostname | string | `host name` `domain` +action\_result\.summary\.ip | string | `ip` +action\_result\.message | string | +summary\.total\_objects | numeric | +summary\.total\_objects\_successful | numeric | \ No newline at end of file diff --git a/release_notes/2.0.23.md b/release_notes/2.0.23.md new file mode 100644 index 0000000..5dc699f --- /dev/null +++ b/release_notes/2.0.23.md @@ -0,0 +1,6 @@ +**DNS Release Notes - Published by Splunk January 07, 2022** + + +**Version 2.0.23 - Released January 07, 2022** + +* Marked the app as FIPS Compliant [PAPP-21502] \ No newline at end of file diff --git a/release_notes/release_notes.html b/release_notes/release_notes.html index f9fb210..5289df9 100644 --- a/release_notes/release_notes.html +++ b/release_notes/release_notes.html @@ -1,5 +1,9 @@ -DNS Release Notes - Published by Splunk December 17, 2020 +DNS Release Notes - Published by Splunk January 07, 2022

+Version 2.0.23 - Released January 07, 2022 + Version 2.0.22 - Released December 17, 2020