Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

How to join slack {{#demisto-developers }} channel

Hi, I registered my account and received an email with following content: Join the Slack workspace Cortex XSOAR DFIR Community now to start collaborating! by clicking here or the button below. However, the link seems expired and I got following msg: This link is no longer active To join this workspace, you’ll need to ask the person who o...

TonyZhu by L2 Linker
  • 7412 Views
  • 12 replies
  • 1 Likes

Demisto-sdk upload doesn't allow override

Hi Community! I have a question since i can't find answer anywhere. I wonder how the demisto-sdk community update the content pack when there is a code change, in my experience. i need to upload the same pack sometimes because I changed one script but the command doesn't allow me and there is not force option. the error message is like :Could ...

Does XSOAR support multithreading/multiprocessing?

I’m currently working with Cortex XSOAR and need some guidance on optimizing the execution of a large number of tasks. Specifically, I have a scenario where I need to close out 50+ child tickets that are linked to a parent ticket. These tasks are currently being handled by a post-processing script, but the script is slow due to the sequential na...

Query on V8

Hi Team, A standard customer has some query on (cluster V8 on-prem) structure. Please find it below: 1. If we don't setup VIP in cluster configuration, we could access the Web GUI by access to any IP of the nodes ? If the node is down, is it need to manually access to another IP ?2. As per my understanding, cluster also embedded with load-bala...

Using custom machine learning models in XSOAR

Hello everyone, I am a machine learning scientist exploring ways to integrate ML algorithms with XSOAR. While I am familiar with XSOAR's AutoML features, my focus is on implementing custom models (e.g., TensorFlow or PyTorch models) within XSOAR workflows. I haven't found a straightforward method to directly integrate these models into a playb...

In the ServiceNow V2 integration, mirrored attachments are not visible on the layout.

I am using the ServiceNow V2 integration. XSOAR fetches the attachments related to an incident from ServiceNow when creating an XSOAR incident. But, when I add another attachment to that ServiceNow incident, the attachment panel does not reflect the newly added attachment. The mirroring is happening and I got the File entry in the War Room. Is t...

MParmar2 by L0 Member
  • 1937 Views
  • 2 replies
  • 0 Likes

Issue with Retrieving Entry ID for Files Attached to ServiceNow Tickets in Cortex XSOAR

We encountered a persistent issue in Cortex XSOAR when trying to retrieve the entry ID for files attached to incidents imported from a ServiceNow instance. Our objective was to access and process an Excel file attached to a ServiceNow ticket within XSOAR. Despite various attempts and methods, we were unable to successfully access the file due to...

Wassif by L1 Bithead
  • 2580 Views
  • 3 replies
  • 0 Likes

How to Send a Test Notification Email in Cortex XSOAR and Identify Available Variables?

Hi everyone, I’m trying to test the email notifications configured in Cortex XSOAR to ensure they include the correct variables (like incident severity, name, and ID). Specifically, I want to verify the notification sent to an analyst when they are assigned an incident. Here are my main questions: Is there a built-in way to send test notifica...

Welcome to the Cortex XSOAR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 654 Views
  • 0 replies
  • 0 Likes

playground query question for servicenow

Hi All, a broad question i know... but is there a way to do a query to list/output all available tables in a specific integration within the playground? and possibly even the fields with each table? this is specific to servicenow v2 ie servicenow-query-table table_name=* thanks in adv

PA_nts by L4 Transporter
  • 709 Views
  • 0 replies
  • 1 Likes

Xsoar Starting your server... Error

I am using Xsoar child tenant. However, I manually selected more than one incident and ran another playbook with the setplaybook command and suddenly Xsoar broke. When I want to reconnect through the browser, I get Starting your server error. I waited for about 3 hours, unfortunately it did not recover. When I checked the system via vmcenter, I ...

2.PNG

Looking for OTP support solution for cortex xsoar system

Hi Guys, I would like to express my interest in implementing a One-Time Password (OTP) authentication mechanism for the Cortex XSOAR login process to enhance security.My specific requirements are:- The OTP solution must be deployed on-premise to ensure full control over authentication.- It should have an application that integrates seamlessly wi...

Duxgbk by L1 Bithead
  • 2091 Views
  • 4 replies
  • 0 Likes
  • 1304 Posts
  • 45 Subscriptions