Remove apps with Playbook XSOAR XDR
Hi,
Anyone encountered the following error when executing "wfr-status"?
Dear All,
I installed the free version of XSOAR.
However, when I installed XSOAR after the 30-day free license period, the license was not applied properly when I applied the license file.
Can I get the free license again by applying again from th
...
Hey Community
Did anyone ever attach a field change trigger script to a system field?
I guess it can't be done directly but is there a work around?
Also, is there a way to run a script as soon as incident is created
Cortex XSOAR
Hi everyone! I hope you're doing well. I wanted to ask something: Is it possible for the disk usage on my XSOAR to sometimes be at 60% and other times drop below that number? I mean, without me taking any action, can the disk space percentage decreas
...
How can we set the preprocess rule to drop any incidents created by schedule jobs?
For example: any incident category=job and some incident field like description contains "False". The playbook in schedule Job, will run some tasks and condition and
...
Can someone help me? I have created an instance in the Securonix integration but I want to fetch incidents but I do not get the alerts from my SIEM SECURONIX. It should be noted that the user and everything is correct. But I would like to know if any
...
How to use, dashboard filter query in scripts?
Cortex XSOAR
I'm in the process of creating a widget and need help retrieving details of incidents that were closed within a specific week or time frame, irrespective of their creation date. Additionally, I would like to know if there's a method to achieve this w
...
Hello, used this integration guide (https://xsoar.pan.dev/docs/reference/integrations/microsoft-365-defender) and the integration pulls incidents just fine. Currently using a self-deployed application and device code flow. Problem I am running into i
...
Hello all,
I have customized a ticketing integration to our image. The last part I'm struggling with is returning values from the integration to incident fields.
My usecase is that, SOC analyst will create a ticket inside our ServiceDesk application
Is there a way to receive an alert when no incidents are fetched in XSOAR for a certain integration for by example 24 hours. Not related to integration issues but if the integration works but nothing is fetched?
Would be beneficial to know if there i
Hi all,
The current XSOAR incident report is unclear and poorly formatted. We need a properly aligned report to serve as the basis for our reporting.
Is there any way for this or any available template that we could use?
Thanks in advance.
Hi All,
My XSOAR instance is a cloud hosted environment running on the latest version 8 build.
I have a playbook that sends a notification email to a user in response to a change in their account settings to confirm if recognized. The user is req
...
Hi Guys,
After assigning an analyst to an incident we receive one email per task change from DBOT, that is very noisy and I don't see any reference on the documentation to customize the same. Highly appreciate if anyone can tell me how to get around
...