Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Custom Automation issue

Hi , 
I created a custom automation in python and in one point I need to retrieve a value from the incident the automation was running on.
For example , in a playbook there is an automation set to status=[ERROR,SUCCESS,ERROR,ERROR] and after that there

...

Extract some fields from csv file

Hi,

 

I have exported a output of splunk query in csv format using exporttocsv automation in a playbook. Now I wanted to use a column of this csv output to be a input for other task. Any one can please suggest if this is possible.

Himangi by L2 Linker
  • 457 Views
  • 1 replies
  • 0 Likes

Resolved! AWS - IAM Identity Center Integration

Hi All,

 

Thank you in advance.

 

I am facing an issue currently in integrating the AWS - IAM Identity Center Community Contribution. I am not able to find the relevant information for the integration such as Role Session Name, and Role Session durat

...

Netskope API v2 error in XSOAR

XSOAR does not parse properly the ids from Netskope. It changes the last two digits with zeros. These errors are in the official XSOAR documentation. Example:

"incident_id": 1478029261577663500

"app_session_id": 4359394467077842400

"browser_session_i

...

SanDev by L2 Linker
  • 544 Views
  • 2 replies
  • 0 Likes

Auto Incidnet closure

Dear Community,

 

I'm looking for a way to daily automatically close all incidents with specific criteria.

 

I'm trying to archive that using jobs , I'm trying to create a playbook the query incidents (with specific criteria) and whatever the query o

...

Issue with talos integration

Dear Community,

 

I'm getting the following issue in Talos integration.

 

Error
(November 26, 2023 1:29 PM)

Error in Talos Feed Integration. Verify that the server URL parameter is correct and that you have access to the server from your host. (85)

...

talos.png

Installation of cortex SOAR offline

Dear All,

i was trying to install COrtext SOAR in an Airgap (offline)Enviorment with no internet where i was refering cortex offline installation guide, and i i could not complte the installation and stuck in uploading docker dependaci file  to which

...

  • 932 Posts
  • 30 Subscriptions