Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Can I test Playbooks with CLI?

Hi everyone,

I'd like to know if it's possible to test Playbooks via the command line interface or something similar. Currently, I always use the GUI for testing purposes, loading an incident from the debugger panel and just clicking to run. However,

...

Incident Tables in Custom Layouts

I have a custom layout containing an Linked Incidents table panel. I've edited this layout/table to present specific incident fields (columns) in a defined order. First, I've noticed this does not always show changes to these columns when editing the

...

Dynamic user input

Hi,

 

I was asked to display a dropdown with each element representing a script. A button next to the dropdown would execute the selected script. Each script requires different user input. Is there a way to ask the user for input based on what elemen

...

Looping A Sub-Playbook

Require some suggestions.

I am trying to loop a sub-playbook. 
If the exit condition is met, everything is okay. However, if max number of iterations are reached the playbook throws and error that waiting for manual input and fails. 

Anyone has any id

...

Resolved! Cortex XSOAR SSH Outbound Connection IP issue

Hello, I'm working on configuring SSH connections from Cortex XSOAR to our internal Azure-based system. To ensure secure and uninterrupted connectivity, I need to whitelist the IP address used by Cortex XSOAR for these outbound connections in our fir

...

Wassif by L0 Member
  • 136 Views
  • 1 replies
  • 0 Likes

Reopen XSOAR Incidents Bulk in XSOAR

Hello all, 

I need to reopen a large amount of incidents on Xsoar. Can anyone suggest how I can do this? 

I have tried to run both the built-in command and the automation to reopen from the run command button with the bulk incidents selected but to n

...

Resolved! XSOAR - EmailAskUserResponse

Hi I am new to XSOAR. I am trying to configure sending email to user and capturing their response via email. I used the script named ‘EmailAskUser’ to send email and then I am trying to capture the response using ‘EmailAskUserResponse’. However, it s

...

Help with feeds

Hello, I need your help. I need feeds for domain classification and another feed for phishing, to determine whether domains have been compromised or not. What do you recommend for Cortex XSOAR #

  • 889 Posts
  • 30 Subscriptions