Cortex XSOAR Discussions

XSOAR EWS 2022 Integration

As you know, the current EWS integration is limited to Exchange 2019. Could you please confirm if there are any plans to extend support for Exchange 2022? Additionally, are there any recommended workaround solutions for implementing inbox monitoring

Conditional saying Any conditon is true

Is there a xsoar conditional that can say if any condition is true, continue on the path for that true condition?

[Cortex XSOAR] Integration TIM to SIEM Elastic

Hello Team,

I have a case that must integrate indicator from TIM Cortex XSOAR to SIEM 3rd Party like Elastic. Is there any documentation about how to integrate indicator from TIM for Elastic? Because when I search in documentation from Cortex XSOAR

Still waiting on XSOAR Community Edition + Cortex XDR lab access

Hello everyone,

I signed up for the XSOAR Community Edition a few days ago and also showed interest in Cortex XDR for lab use. Haven’t received any emails or access yet — just got the usual “someone will be in touch” message.

Is this still a thin

How to Handle High-Volume Email Events in XSOAR Without Overloading the System

Hello guys,

I am currently working on Use Case for my organization to handle email threats that bypass our Trend Micro Email Security (TMS) gateway.

Context

• My organization uses Trend Micro Email Security as the email gateway.

• Some phishing, spam,

WHOIS Integration - Connection Refused Errors

Hi All,

I am using hois integration to use "domain" command. I sometimes have array of strings for domains and sometimes single string and in most of cases whois return results to me but i got sometimes "Connection Refused" Issue. I already adjusted

XSOAR - Execute Commands in Transformer

Hello I was doing a transformer automation and I wanted to execute a command inside it and it works perfectly when I run it on the playground, however when I use it as a transformer it gives me the error Missing invoking entry (7) does anyone know ho

Update XSOAR Incident via API - version issues

I am trying to update XSOAR Incidents via API, but am having issues with the Optimistic lock and incident versions etc.

I can create incidents via API call and can also get the information from incidents via API. 

When I create a new incident in our

Retrieve screenshots from Notes section

Hi!

We are trying to give more importance to XSOAR within our SOC processes. As part of the changes we are introducing, we want all alert documentation to be done from now on in the 'Notes' section of each XSOAR incident.

The issue we are facing

Looking for 2FA/MFA/OTP Solution to Support Authentication for Cortex XSOAR v8 (On-Prem)

Hi everyone,

I'm currently exploring ways to enhance the security of our Cortex XSOAR v8 environment (deployed on-premise) by implementing an OTP / 2FA / MFA authentication mechanism for the login process.

Here are the key requirements:

• The solution

Export Playbook and Import

Hi,

Iam trying to figure out how to perform the following:

Export a playbook, overwrite some of its tasks (send-mail Exchange) and upload the playbook back to XSOAR.

I found in Docu an API for playbook import as yaml but no export API.

If Anyone co

XSOAR 6.x compatible with Vsphere 8

Hi Team,

I have a customer who wants to know whether the xsoar 6.x version is compatible to vsphere version 8.

Please assist.

SSL VS TLS Active Directory Authentication

what version of SSL and TLS version is used here?

our AD is listening to TLS and not SSL. but only ssl can work and TLS get these errors. 

XSOAR 6.X with expired Elastic Search Enterprise license

XSOAR 6.13 with expired Elastic Search Enterprise license is not working properly. Can I downgrade to the Elastic Search basic license until it get purchased to restore the XSOAR operations?

After purchased the Enterprise license, can I upgrade again