XSIAM and ITSM Integration question

Hi All,

anyone successfully done this to date?

my integration works in that I can communicate with ITSM ok.

however, I have the following issue.. our ITSM Dev team have provided some fields that is required from XSIAM playbook to ingest the tickets s

OT Security | XQL

Hello community,

Can someone please help me with build some XQL queries to monitor some OT environment, or give me some tips and idea for this topic.

thnx 

Post Webinar Recording on "Your Secops. Unified."

Can someone please post the recording on the latest webinar title "Your Secops. Unified" which happen last Sept 25.. Specifically the demo video for xsiam 

Is there a way to monitor the Broker VMs to see what is connecting (or attempting to connect) to them?

Is there a way to monitor the Broker VMs to see what is connecting (or attempting to connect) to them?

Is there a way in the XSIAM UI to determine what devices are attempting to connect to them (IP, protocol, and port) to observe if certain devices

Lookups to compare the difference

I am trying to find clients missing software, I found all the clients WITH the software, dumped them into a a lookup and now trying to find the difference, basically return the ones NOT in the lookup,
So something like this: 

dataset = host_inventory
|

XSOAR engine upgrade

For engine upgrade , do we have to manually run the upgrade installer file in engines or just clicking on the “ upgrade engine” button in the UI of XSiam would be enough?

Urgent Help Needed: Where Can I Find Cortex XSIAM Deployment and Service Management Training Videos?

Hi Team,

I have a new client, one urgently transitioning from QRadar to Cortex XSIAM, and I'm completely unfamiliar with XSIAM. I urgently need instructor-led training on deploying and managing this solution, as I'm unsure how to proceed. Any help

Integrating Proofpoint TAP into XSIAM

Hi,

I would like some guidance on which data source I should use when integrating Proofpoint TAP into XSIAM.

In the content pack "Proofpoint TAP" on the marketplace,

There is a data source named "Proofpoint TAP".  This data source has the abili

Rule list

I would like to see a list of rules regarding the types of incidents I receive in XSIAM.

I am not talking about IOC/BIOC 

Can anyone help with the path ?

Widget Library XQL Query

Hi All,

So in the xsiam portal under 'Dashboard and reports' there is a pre-defined list of Widgets in the library..

Within the 'system monitoring' library there is a widget called 'daily consumption' which is great to identify data sources ingestion

XSIAM Multi-Tenancy

How does multi-tenancy work for MSSPs in XSIAM? 
We are looking to use XSIAM as the core SecOps tooling to replace our current SIEM and we were wondering how does the multi-tenancy function work?  

Simple QXL Query help needed

Hi All,

withing query builder i have a very basic query as per below..

dataset = metrics_source
| fields _vendor , _product , total_size_bytes

which shows me the data sources and the amount of ingested data per source which is fine over a period