Hi everyone! I have a question about the XSOAR Bot in Slack. If you send anything to the bot, it responds with a message like this:
Hi community,
I'd like to enquire whether Cortex XSOAR can create BIOC rules from our xdr integration.
Cortex XDR Cortex XSOAR
Is there any way to set a task within a playbook so that it does NOT execute if all the "arrows" pointing to it haven't completed their execution yet? For example, in the following image, I would like the "Close Investigation" task to execute only if
...
Hi team
Where we have multiple XDR tenants integrated into XSOAR, how can a playbook determine which tenant they are working with? For e.g. by running "!xdr-update-incident", the incident identifier is the XDR incident ID ("incident_id") which the
...
Has anyone done something like this before? I know that it requires some scripting, but I am not too sure how to do so, given that it has to be work on the "Duration" / "Number" widget.
Would appreciate some guidance here, thank you in advance!
Hello,
we are working on a playbook that needs to run a single task on 10 different instances of the same integration. Currently, the only way we know to handle this is by creating a separate sub-playbook for each instance, with the task configured to
I'm currently developing a phishing email playbook that includes the ML module DBotPredictOutOfTheBoxV2, which is causing issues. Upon investigation, I found that the Machine Learning content pack is installed, but the Demisto image demisto/ml is not
I currently have 5 SOAR licenses contracted. However, I have a question: Does the Admin user consume a license? It should be noted that this user has been assigned the administrator role.
Hi,
I have been looking for a solution to block multiple IP's at the same time using pan-os integration. Is there any way where multiple IP's are given as input to block from firewall.
Hey,
I have a xsoar instance hosted by PA (saas access) and today none of my containers seems to work. Any script run gives the following message
Error from Scripts is : Script failed to run: "docker images demisto/python3:3.10.13.86272" with error "...
Hello,
Since we use XSOAR 8.6.0 OVA and the SSH user (Viewer) does not have authority to use sudo to alter the hosts file on the OVA, I need to add local domains to the Cortex XSOAR hosts file. Is there another SSH user with the highest privileges
...
Hi all,
I'm developing a playbook for Cortex XSOAR that sends a number of queries to our SIEM in parallel and uploads the results as files to an incident. I want to introduce subsequent steps that all depend on the files existing, however I cannot
...
Hi,
Does anyone have a #Cortex XSOAR sync with a MISP server (bidirectional sync)?
I have two objectives:
Hi,
I installed engine using Shell following instructions on https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/8/Cortex-XSOAR-Administrator-Guide/Install-an-Engine. Then when trying to configure Syslog v2 integration I got multiple errors. F
...
Hi Team,
We are encountering a connection timeout issue when attempting to create incidents in Cortex XSOAR using a custom QRadar integration. Based on our observations, we suspect this issue is due to low IOPS on XSOAR, as low as 100, despite the
...
