Hello, I have signed up for the community edition, however I have never received the download URL. Also, I signed up for the DFIR, but cannot access the slack, as the link is expired when sent.
Hello all,
I am working with Slack from the playbook level where a message summarizing an incident is sent followed by Slackask automation to ask users on a channel to confirm the information with two interactive buttons. Take note that the flow has
...
Post here for all of your Community Edition support questions and one of our product experts will get back to you soon!
soemtimes for testing purpose we need to create similar incident again but I am stuck at this phase. I have exisiting incident and i want to re run it(either manually create, duplicate and re run it or just simply re run exisitng incident, or importi
...
Cortex XSOAR 8 will have a new FQDN and IP Address in the new platform. May I know is there any existing playbook have pulled the XSOAR data, and export to third-party platform automatically? If yes, it may require to re-configure the IP Address.
C
...
Need help
We have several analysts on schedule to perform ticket review bi-weekly.
I have used a demisto xsoar job to generate a ticket review ticket every 2 weeks.
However, how do i assign this ticket to the analyst automatically based on the shif
...
Hi All,
We have a requirement to create a ServiceNow ticket by taking the slack user responses.
I have built a playbook which does send the SlackBlockBuilder to the specified Slack channel but the playbook runs only when an incident is attached to it
...
Hi Everyone,
Is there any possibility within Cortex XSOAR to pull updated hash values of unwanted software from unit42?
Scenario: If we have a list of hash values of unwanted software (like Team viewer for eg) and we enrich the hash indicators us
...
Hi,
I've created a playbook to analyze some alerts related to SOC and GPO, but the alerts come with ObjectGUID and I need to convert the GUID to DisplayName.
In PowerShell, the command is simple: (Get-GPO -Guid "$GUID").DisplayName.
I tried running
...
Hi Team, I have a customer who wants to enable the "content-repository" built-in feature.
They tried the below steps:
1. First, they have enabled the feature successfully in DEV.
2. Next, when they enabled the feature in PROD, they got an error (refer
Hello everyone,
I'm trying to get the free licence of Xsoar and i'm struggling. I didn't get the link, key or instructions.
Please can someone help me with this.
Cordially.
Cortex XSOAR
Hello, I need your help. I need feeds for domain classification and another feed for phishing, to determine whether domains, emails have been compromised or not. What do you recommend for Cortex XSOAR
What feed and integration people use??
I need
Hi Team,
The customer uses the XSOAR in High Availability using OpenSearch. and the number of app servers is 2.
So is it possible to upgrade the XSOAR not stopping the server?
For ex) Stop the App server 1 and upgrade the App server 1 first, an s
...
I just had our instance migrated to 8.5. during testing we figure out that we could not update our engine using the shell program and need to do a zip deployment. The basic instructions for ZIP does not support multple engines on the same host. He
...
I've been trying to send a block message from the SlackBlockBuilder automation. However, when I try to test it out via the debugger panel, it would result in an error.
