Cortex XSOAR Discussions

Pre Processing Rules Logs

Dear Experts,

I have configured Cortex XSOAR to ingest cases/alerts, but for certain conditions, I want to prevent these from becoming incidents or triggering playbooks. I’ve created a script to drop alerts that meet specific criteria. However, I nee

Problem 1 in 1,000,000? I hope not

hello community! I hope you are doing well. I'm here to ask a question that PAN support didn't know how to deal with and maybe some of you have already gone through the same thing. It was Saturday morning and xsoar and its functions were completely f

XSAOR - 503 Service Temporarily Unavailable Issue

Hello,

I'm currently implementing Cortex XSOAR On-Prem 8.8. I'm fairly new to this product. 

I have deployed the VM and cluster configuration completed successfully. I was able access GUI and do the basic configurations. After I updated the versi

Integration of SIEM Instances with Load Balancer IPs

Can we integrate two instances of the SIEM, given that both IP addresses belong to the same SIEM but are associated with load balancer IPs? However, if we integrate both instances, there is a slight chance of data duplication. What would be the best

Cannot add Links between Tasks - messed up in browser.

Hi All,

Weird one.. so recently this started and I tried chrome, firefox and edge.. all does the same.. even in private windows.

i can edit a playbook, add tasks etc.. but when i try to add the 'link' between tasks, the link either disappears or sh

whois integration issue

Hi Everyone, I am enriching domain with domain command of whois but i got issue if any one of domain has no data at their server side for example [Domain1,Domain2] whois will return error if any one of domain data is missing. I just want if no data f

proofpoint-tr-get-list (Gets items for the specified list)

Hello,

In proofpoint threat response integration there is a command : proofpoint-tr-get-list (Gets items for the specified list). I need some guidance on what this command do and what list ID needs to provide to get contents?

proofpoint-tr-get-list

XSOAR CMDB - SQL issue

Hi everyone,

I'm trying to use Cortex XDR and Cortex XSOAR to build a basic CMDB
In my XSOAR playbook, I run an XDR XQL query, then try to insert the results into an SQL database using the sql-command automation.

The command looks like this:

INSERT INTO

Not able to link more than 50 incident into first incident

Hi Team,

I want the know in one incident how many incident we can link using pre-processing rule. Is there is any limitation kindly let us know.

Currently i am not able to link more than 50 incident into one incident.

Cortex XSOAR 

Question about the execution of the Set Assignee Task

In my playbook, I have a task that runs the Set Assignee Task script, sending an email as a parameter. During the flow execution, this task remains in the waiting status, displaying the message: waiting for user input to continue this task. I would l

Problem with Cisco WSA Proxy integration

Hello Team,

I have a problem with Cisco WSA Proxy integration.

I'm trying to connect XSOAR with Cisco WSA Proxy through Cisco WSA v2 integration. The user for this API has full administrator rights, authentication is successful, and I get a respon

Adding a Timestamp/Date to Custom Report Subject

Hola Livecomm,

I have a very trivial question; I want to define a custom subject for my reports to include the date or timestamp of when it runs. I have researched this extensively and have found the Server Configuration Key for this but it does not

Where is the XSAOR 8 CLI Reference?

In the XSOAR 8.x documentation there are examples of CLI commands, including Integration commands, system commands, and information about how to escape specific characters.

However, try as I might, I can't seem to find an authoritative XSOAR CLI refer

Customfield in JIRA

Hi,
I have integrated JIRA with XSOAR.
I have created a custom field in JIRA which has a dropdown list with options. I want the value to be populated in JIRA by XSOAR.
I am using jira edit issue automation where I am providing {"fields":{"customfield_xy