This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

SQL results into layout

Hi ,

 

I’m running a playbook that generates multiple SQL results. What are the best practices for displaying these effectively in the incident layout? Should I use Markdown, custom sections, or widgets? Any tips for handling this?

 

Thanks!

XSOAR Feature Request

Hello all xsoar enthusiasts,

 

There is a FR that helps us to make xsoar a better place for MS Defender integration. Please upvote this FR here: Add Microsoft Sentinel | Cortex XSOAR Customer Feature Request

FR Description:
Palo Alto offers a range of

...

ServiceNow Developer looking for ideas

Hello all,

 

     I am a ServiceNow developer that is assisting a user that is using the XSOAR integration.  The user is using the XSOAR application to run queries on my SN instance, but is not getting any results.  I have checked his API account and

...

Child Incident Evidence In Parent

Hello!

I need to mark some child incident entries as notes and evidence in the parent incident.

I have found ways in which you can pass the entries to the parent and then mark them as note/evidence in the parent. However, I would like to have an auto

...

nickvus0 by L0 Member
  • 754 Views
  • 1 replies
  • 0 Likes

Remove apps with Playbook XSOAR XDR

I would like to know about your experience. How do you handle uninstalling software on specific devices that are not allowed and need to be removed via Cortex XDR with Cortex XSOAR  Playbooks without the user see the uninstall.

tlmarques by L4 Transporter
  • 722 Views
  • 1 replies
  • 0 Likes

Resolved! About XSOAR Free Edition Licenses

Dear All,

 

I installed the free version of XSOAR.
However, when I installed XSOAR after the 30-day free license period, the license was not applied properly when I applied the license file.

 

Can I get the free license again by applying again from th

...

Resolved! Field Change Script To System Fields

Hey Community
Did anyone ever attach a field change trigger script to a system field?

I guess it can't be done directly but is there a work around?

 

Also, is there a way to run a script as soon as incident is created

 

Cortex XSOAR 

Securonix

Can someone help me? I have created an instance in the Securonix integration but I want to fetch incidents but I do not get the alerts from my SIEM SECURONIX. It should be noted that the user and everything is correct. But I would like to know if any

...

mgamarra by L0 Member
  • 632 Views
  • 0 replies
  • 0 Likes
  • 1275 Posts
  • 43 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks