Visual Studio Code extension - Developer Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Developer Guide

Product
Cortex XSIAM
Creation date
2023-05-01
Last date published
2024-06-04
Category
Developer Guide
Abstract

Use Visual Studio Code extension to design and author scripts and integrations for Cortex XSIAM directly from VS Code.

The Cortex XSOAR extension for Visual Studio Code (compatible with both Cortex XSOAR and Cortex XSIAM) enables you to design and author scripts and integrations for Cortex XSIAM directly from VS Code. When writing code, the plugin provides you with auto-completion of Cortex XSIAM and Python functions. The extension also provides an easy-to-use set of demisto-sdk commands to format your packs, lint, and validate. The extension provides an easy virtual environment setup for Cortex XSIAM integrations and scripts.

Note

The Visual Studio Code extension should be run from the inside the content repository folder. If you run the extension from a different folder, the command 'xsoar.updateDSDK error appears.

Prerequisites
Install the Visual Studio Code extension

Install the Visual Studio Code extension directly from the Visual Studio Code marketplace or use this link. If you are using a Windows machine, click CTRL+SHIFT+P and choose Connect to WSL.

Configurations

Cortex XSIAM recommends keeping the xsoar.autoFindProblems.readProblems configuration set to false, which is the default setting, for improved performance. When this configuration is set to true, it automatically runs demisto-sdk lint and demisto-sdk validate when saving your file.

Commands

All of the commands in the extension start with XSOAR. For example:

  • XSOAR: Demisto-SDK Lint/Validate/Update Release Notes...: Runs the demisto-sdk commands.

  • XSOAR: Configure XSOAR unit tests: Configures the integration unit tests.

  • XSOAR: Configure Demisto-SDK for XSOAR: Configures environment variables for demisto-sdk.

Environment setup
Remote development (Any OS)

To develop in a fully configured remote development environment, see instructions for a traditional development environment or a GitHub Codespace. You can also use a containerized development environment, which includes the Visual Studio Code extension by default.

Local development (Linux, MacOS, WSL2)

The VS Code extension supports setting up your development environment automatically. Run the command XSOAR: install local development environment from VS Code Command Pallete or by right-clicking the file.

If you want to install the dependencies manually, follow the instructions in this guide until the Bootstrap step.

Set up integrations and scripts environment

Each integration or script in Cortex XSIAM runs on a different environment and has different dependencies. This feature configures the integration or script and allows you to debug it and run unit tests. In addition, you can open the integration environment in a new workspace with a virtual environment, for auto-completion.

Usage
  1. Navigate to the integration or script.

  2. Right-click the integration/script and select Setup integration/script environment.

  3. A dialog box appears allowing you to choose to the use the current workspace or to open a new one with a virtual environment. Note that using the current workspace is faster, but you may not have auto-completion for some integrations. Opening a new workspace takes longer, but you have auto-completion for all integrations. Both options allow you to debug your integration or script, run unit test, and identify problems from within the IDE.

Debugging
  1. Setup integrations and scripts environment.

  2. Read the Debugging using your IDE section.

  3. Go to Run and Debug (⇧⌘D), and verify Docker: debug (<integration>) is selected.

  4. Click on the green arrow or the F5 key to begin debugging.

Note

If during the installation one or more Python packages fails to install, the installation proceeds and creates the virtual environment with the packages that were installed.

Troubleshooting
Setup integration/script environment fails