Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Using custom machine learning models in XSOAR

Hello everyone, I am a machine learning scientist exploring ways to integrate ML algorithms with XSOAR. While I am familiar with XSOAR's AutoML features, my focus is on implementing custom models (e.g., TensorFlow or PyTorch models) within XSOAR workflows. I haven't found a straightforward method to directly integrate these models into a playb...

In the ServiceNow V2 integration, mirrored attachments are not visible on the layout.

I am using the ServiceNow V2 integration. XSOAR fetches the attachments related to an incident from ServiceNow when creating an XSOAR incident. But, when I add another attachment to that ServiceNow incident, the attachment panel does not reflect the newly added attachment. The mirroring is happening and I got the File entry in the War Room. Is t...

MParmar2 by L0 Member
  • 1852 Views
  • 2 replies
  • 0 Likes

Issue with Retrieving Entry ID for Files Attached to ServiceNow Tickets in Cortex XSOAR

We encountered a persistent issue in Cortex XSOAR when trying to retrieve the entry ID for files attached to incidents imported from a ServiceNow instance. Our objective was to access and process an Excel file attached to a ServiceNow ticket within XSOAR. Despite various attempts and methods, we were unable to successfully access the file due to...

Wassif by L1 Bithead
  • 2305 Views
  • 3 replies
  • 0 Likes

How to Send a Test Notification Email in Cortex XSOAR and Identify Available Variables?

Hi everyone, I’m trying to test the email notifications configured in Cortex XSOAR to ensure they include the correct variables (like incident severity, name, and ID). Specifically, I want to verify the notification sent to an analyst when they are assigned an incident. Here are my main questions: Is there a built-in way to send test notifica...

Welcome to the Cortex XSOAR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 593 Views
  • 0 replies
  • 0 Likes

playground query question for servicenow

Hi All, a broad question I know... but is there a way to do a query to list/output all available tables in a specific integration within the playground? And possibly even the fields with each table? This is specific to ServiceNow v2, i.e. servicenow-query-table table_name=* Thanks in advance.

PA_nts by L4 Transporter
  • 653 Views
  • 0 replies
  • 1 Likes

Xsoar Starting your server... Error

I am using Xsoar child tenant. However, I manually selected more than one incident and ran another playbook with the setplaybook command and suddenly Xsoar broke. When I want to reconnect through the browser, I get Starting your server error. I waited for about 3 hours, unfortunately it did not recover. When I checked the system via vmcenter, I ...


Looking for OTP support solution for cortex xsoar system

Hi Guys, I would like to express my interest in implementing a One-Time Password (OTP) authentication mechanism for the Cortex XSOAR login process to enhance security. My specific requirements are: - The OTP solution must be deployed on-premise to ensure full control over authentication. - It should have an application that integrates seamlessly wi...

Duxgbk by L1 Bithead
  • 1895 Views
  • 4 replies
  • 0 Likes

Updating Cortex XDR EDL from XSOAR

Hello LiveComm, I am building a use-case in which we want to update and manage the Cortex XDR EDL from XSOAR. We do not want just to create new IOCs, but rather we want to interact with the EDL so that Firewalls can access it correctly. From what I have read in the various documentation, the Cortex XDR EDL is not available for API access (M...

XSOAR - domain_name and domain_id not mapped - Even not reflecting in past incidents

I am having a hard time mapping the domain_id under the Label section coming from QRadar data. The mentioned fields were not parsed in the first place; luckily the domain_id is found in the Qradar_instance and mapped by creating a new incident field. Issue: The new incident field for domain_id is not being updated in past incidents, need suppor...

Query on creating custom docker images

Hi, I have some questions regarding creating the custom docker images. 1. Is it possible to create the custom docker images not using the war room? In the docs, the docker images can be created via war room command, but I want to create docker image in the soar server using the ssh connection. Is it okay to create the custom docker image at the se...

PCSAE exam question

Which ones are true? I thought it is BD but some sources say it is CD. Which two statements describe how timers are configured to start and stop automatically in a playbook? (Choose two.) A. Use a field of Number to count the number of seconds elapsed between two tasks B. After the playbook has run, calculate the total time taken and set the ti...

Too much data to present, content was truncated.

SOAR is currently displaying only 49 values and then showing the message: "Too much data to present, content was truncated." Do you have any suggestions on how we can store the entire output? I’ve already saved all the values as a PDF attachment. Is there a way to search for a specific keyword within the PDF? Does XSOAR provide a command for this?

Assistance with Cortex XSOAR and Firewall Integration

Hi guys, I have a question regarding the integration of Cortex XSOAR with a firewall. Could anyone guide me on how to set this up? Additionally, if there are any reference materials or documentation that could assist. I would greatly appreciate it if you could share them. Thanks in advance for your help!

  • 1298 Posts
  • 45 Subscriptions