Jira and Teams XSIAM Integration

This is in XSIAM. When I create an instance in "Automation and Feed integrations" I can see that it creates one in the "Data sources" section as well. I do not want the logs from Teams in XSIAM and hence to not want an instance in the "Data sources"

Options to onboard Microsoft Message trace logs into XSIAM

As we have an option in Splunk to see the all the message tracking logs through Microsoft message trace app, do we have any similar app to integrate?

Cortex XSIAM 

Extract Incident context data using 'set' script

Hi All

very simple task running the 'set' script in a very basic playbook in xsiam

i am trying to pull the 'xsiam url link to the incident' from the incident context data ${parentIncidentFields.xdr_url} into a set task.. but it keeps showing as empty

Agent Not updating

Hi,

We have Windows clients which are sometimes not on the network nor connected to the internet. Their agent does not get updated. Tell me what other solutions we have to get it updated

Forcepoint proxy integration with XSIAM

Hi Palo Team, I am trying to onboard Forcepoint proxy logs into XSIAM, but i couldn't found any marketplace app/supporting datamodel.

Could someone help/guide to onboard the forcepoint proxy logs.

additionally referring to Splunk where we have a option

How to group related alerts in XSIAM and create a unique incident

Hi dear community :):  I have a question

Several alerts are forwarding in my Cortex XSIAM system coming from Microsoft Defender, these alerts have different names but all of them are part of a unique incident in MDefender and have a unique event ID. 

How to take XISM dataset backup/ Clone xsiam dataset

I am looking for the queries/procedure to take the XISM dataset backup/Clone dataset

Create Dataset XSIAM

I want to create a dataset to send certain types of logs to this dataset. For example, I want to create a dataset linux_facility_1 for example. Then I want to create a pharse with Ingest that "throws" all the logs of type facilty=1 to this dataset.

I

Output of prevalence commands

Hi

I have been searching around online, both on https://xsoar.pan.dev/ and looking at looking at the source code on github, for the Core - Investigation & Response integration. In order to figure what the values returned by the analytic prevalence co

Context polling playbook

In XSIAM playbook,I’m trying to fetch the incident status. When the incident status is changed to for eg under_investigation I want to my playbook to run a certain task. 
for this I want use context polling sub playbook 

key : parentIncidentFields.sta

How to write a data model to map to an authentication story

We are creating a data model and have questions like:

==============================================

We are aware that the method of mapping to an authentication story requires defining the following,
as described in the documentation.

However, w

XSIAM Incidents notes and messenger

Hi everyone,

I am trying to get all the information added to the Notepad or Messenger fields (Incident Discussion) from the incidents.
I do not need the information contained in the RESOLVE_COMMENT column of the incidents table.
Would it be possible

About cross-tabulation in XQL

Hi

Is it possible to execute PIVOT on the results of XQL execution?

For example, if I execute an XQL query on the following table

1/1/2025 allow hostname
1/1/2025 deny hostname
1/2/2025 allow hostname
1/2/2025 allow hostname
1/3/2025 deny hostname
1/3/2