Merge branch 'develop'

README.md

@@ -6,7 +6,7 @@ Copyright (C) 2012-2016 Palo Alto Networks Inc. All Rights Reserved.
 
 * **App Homepage:** https://splunkbase.splunk.com/app/491
 * **Authors:** Brian Torres-Gil and Paul Nguyen - Palo Alto Networks
-* **App Version:** 5.3.0
+* **App Version:** 5.3.1
 * **Required Add-on (TA) Version:** Splunk_TA_paloalto 3.7.x
 
 ### Description ###

default/app.conf

@@ -5,11 +5,11 @@ label = Palo Alto Networks
 [launcher]
 author = btorres-gil@paloaltonetworks.com, panguy@paloaltonetworks.com
 description = The Palo Alto Networks App for Splunk is a set of reports and dashboards which provide visibility into the Palo Alto Networks Next-generation Firewall, Panorama, and Advanced Endpoint Security logs.
-version = 5.3.0
+version = 5.3.1
 
 [package]
 id = SplunkforPaloAltoNetworks
 
 [install]
-build = 5300
+build = 5310
 

default/data/ui/views/globalprotect_overview.xml

@@ -293,7 +293,6 @@
         <option name="colorBy">value</option>
         <option name="colorMode">none</option>
         <option name="drilldown">none</option>
-        <option name="linkView">search</option>
         <option name="numberPrecision">0</option>
         <option name="rangeColors">["0x65a637","0x6db7c6","0xf7bc38","0xf58f39","0xd93f3c"]</option>
         <option name="rangeValues">[0,30,70,100]</option>

docs/release_notes.rst

@@ -7,11 +7,25 @@ Release Notes
 App
 ===
 
-v5.3.0
+v5.3.1
+  * Changes made to meet new certification requirements
+
+
+Add-on
+======
+
+v3.7.1
+  * Changes made to meet new certification requirements 
+
+Previous Versions
+=================
+
+App v5.3.0
+----------
   * GlobalProtect Dashboard
   * Other updates are in the Add-on (see below)
 
-Important App Upgrade Notes
+..  note::
   * App 5.3.x requires Add-on 3.7.x
   * The App setup screen has moved to the Add-on. If you has previous set firewall credentials
     or a WildFire API key in the App setup screen, you'll need to set them in the Add-on
@@ -23,25 +37,20 @@ Important App Upgrade Notes
     pan_url, pan_data, pan_file, and pan_wildfire.
 
 
-Add-on
-======
-
-v3.7.0
+Add-on v3.7.0
+-------------
   * Integration with new Splunk Adaptive Response
   * Tag to dynamic address group using modular actions and Adaptive Response
   * Submit URL’s from any log in Splunk to WildFire
   * Logs with malware hashes have a new event action that links directly to that hash in Autofocus
   * Improved tagging for Splunk Enterprise Security, based on customer feedback
   * New parser for GlobalProtect logs
-
-Important Add-on Upgrade Notes
-  * Eventtype pan_threat no longer includes these log_subtypes: url, data, file, and wildfire.
+
+..  note:: Eventtype pan_threat no longer includes these log_subtypes: url, data, file, and wildfire.
     You might need to update custom searches or panels you created that leverage
     the pan_threat eventtype. There are new eventtypes for each of the removed log_subtypes:
     pan_url, pan_data, pan_file, and pan_wildfire.
 
-Previous Versions
-=================
 
 App v5.2
 --------

install/Splunk_TA_paloalto/README.md

@@ -6,7 +6,7 @@ Copyright (C) 2014-2016 Palo Alto Networks Inc. All Rights Reserved.
 
 * **Add-on Homepage:** https://splunkbase.splunk.com/app/2757
 * **Authors:** Brian Torres-Gil and Paul Nguyen - Palo Alto Networks
-* **Add-on Version:** 3.7.0
+* **Add-on Version:** 3.7.1
 
 ### Description ###
 

install/Splunk_TA_paloalto/default/app.conf

@@ -5,11 +5,11 @@ docs_section_override=AddOns:released
 
 [launcher]
 author=Splunk
-version=3.7.0
+version=3.7.1
 description = The Splunk Add-on for Palo Alto Networks allows a Splunk Enterprise administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.
 
 [package]
 id = Splunk_TA_paloalto
 
 [install]
-build = 3700
+build = 3710

install/Splunk_TA_paloalto/default/data/ui/alerts/panwildfiresubmit.html

@@ -0,0 +1,2 @@
+<form class="form-horizontal form-complex">
+</form>

install/Splunk_TA_paloalto/default/props.conf

@@ -111,7 +111,7 @@ rename = pan:system
 
 [pan:system]
 SHOULD_LINEMERGE = false
-REPORT-search = extract_system, extract_globalprotect_user, extract_globalprotect_ip, extract_globalprotect_loginip, extact_globalprotect_clientversion, extract_globalprotect_message
+REPORT-search = extract_system, extract_globalprotect_user, extract_globalprotect_ip, extract_globalprotect_loginip, extract_globalprotect_clientversion, extract_globalprotect_message
 
 FIELDALIAS-vsys                   = virtual_system as vsys
 # Field Aliases to map specific fields to the Splunk Common Information Model - Update

install/Splunk_TA_paloalto/metadata/default.meta

@@ -1,12 +1,7 @@
 # shared Application-level permissions
-[]
-access = read : [ * ], write : [ admin ]
-export = system
-
 # This is a TA, so export almost everything
-
 []
-access = read : [ * ], write : [ admin, power ]
+access = read : [ * ], write : [ admin ]
 export = system
 
 # Do not export commands