The Demisto SDK library can be used to manage your Cortex XSOAR content with ease and efficiency. The library uses python 3.8+.
-
Install -
pip3 install demisto-sdk
-
Upgrade -
pip3 install --upgrade demisto-sdk
-
Connect demisto-sdk with Cortex XSOAR server - In order that demisto-sdk and Cortex XSOAR server communicate, perfrom the following steps:
-
Get an API key for Cortex XSOAR/XSIAM-server -
Settings
->Integrations
->API keys
->Get your Key
(copy it) -
Add the following parameters to your environment. You can also use a .env file, the demisto-sdk will automatically load that file.:
export DEMISTO_BASE_URL=<http or https>://<demisto-server url or ip>:<port> export DEMISTO_API_KEY=<API key>
To use on Cortex XSIAM the
XSIAM_AUTH_ID
environment variable should also be set.export XSIAM_AUTH_ID=<auth id>
for example:
export DEMISTO_BASE_URL=http://127.0.0.1:8080 export DEMISTO_API_KEY=XXXXXXXXXXXXXXXXXXXXXX
As long as
XSIAM_AUTH_ID
environment variable is set, SDK commands will be configured to work with an XSIAM instance. In order to set Demisto SDK to work with Cortex XSOAR instance, you need to delete the XSIAM_AUTH_ID parameter from your environment.unset XSIAM_AUTH_ID
For more configurations, check the demisto-py repository (which is used by the demisto-sdk to communicate with Cortex XSOAR).
-
Reload your terminal before continue.
-
You can use the SDK in the CLI as follows:
demisto-sdk <command> <args>
For more information, run demisto-sdk -h
.
For more information on a specific command execute demisto-sdk <command> -h
.
demisto-sdk
will check against the GitHub repository releases for a new version every time it runs and will issue a warning if you are not using the latest and greatest. If you wish to skip this check you can set the environment variable: DEMISTO_SDK_SKIP_VERSION_CHECK
. For example:
export DEMISTO_SDK_SKIP_VERSION_CHECK=yes
Supported commands:
- init
- Validate
- Lint
- Secrets
- Unify
- Split
- Format
- Run
- Run-playbook
- Upload
- Download
- Generate-docs
- Generate-test-playbook
- Generate-outputs
- Update-release-notes
- Zip-packs
- openapi-codegen
- postman-codegen
- generate-integration
- generate-yml-from-python
You can create your own configuration for the demisto-sdk
commands by creating a file named .demisto-sdk-conf
within the directory from which you run the commands.
This file will enable you to set a default value to the existing command flags that will take effect whenever the command is run.
This can be done by entering the following structure into the file:
[command_name]
flag_name=flag_default_value
Note: Make sure to use the flag's full name and input _
instead of a -
if it exists in the flag name (e.g. instead of no-docker-checks
use no_docker_checks
).
Here are a few examples:
- As a user, I would like to not use the
mypy
linter in my environment when using thelint
command. In the.demisto-sdk-conf
file I'll enter:
[lint]
no_mypy=true
- As a user, I would like to include untracked git files in my validation when running the
validate
command. In the.demisto-sdk-conf
file I'll enter:
[validate]
include_untracked=true
- As a user, I would like to automatically use minor version changes when running the
update-release-notes
command. In the.demisto-sdk-conf
file I'll enter:
[update-release-notes]
update_type=minor
Follow the guide found here to setup your demisto-sdk-dev
virtual environment.
The development environment is connected to the branch you are currently using in the SDK repository.
Simply activate it by running workon demisto-sdk-dev
.
The virtual environment can be deactivated at all times by running deactivate
.
Our CLI supports autocomplete for Linux/MacOS machines, you can turn this feature on by running one of the following: for zsh users run in the terminal
eval "$(_DEMISTO_SDK_COMPLETE=source_zsh demisto-sdk)"
for regular bashrc users run in the terminal
eval "$(_DEMISTO_SDK_COMPLETE=source demisto-sdk)"
MIT - See LICENSE for more information.
Contributions are welcome and appreciated. For information regarding contributing, press here. For release guide, press here