Cortex XSOAR Discussions

Does XSOAR support multithreading/multiprocessing?

I’m currently working with Cortex XSOAR and need some guidance on optimizing the execution of a large number of tasks. Specifically, I have a scenario where I need to close out 50+ child tickets that are linked to a parent ticket. These tasks are currently being handled by a post-processing script, but the script is slow due to the sequential na...

Query on V8

Hi Team, A standard customer has some query on (cluster V8 on-prem) structure. Please find it below: 1. If we don't setup VIP in cluster configuration, we could access the Web GUI by access to any IP of the nodes ? If the node is down, is it need to manually access to another IP ?2. As per my understanding, cluster also embedded with load-bala...

Skip Docker Validation

Hello, What is the meaning of this Screenshot, and how we can fix it:

Need to know the fixed latest docker image version of CVE-2023-52426

Hi Team, The Prisma cloud scans the CVE-2023-52426 in the docker image demisto/pandas:1.0.0.86039 and the package version is 2.5.0-r2 and is fixed in 2.6.0-r0. The customer wants to know in what version of the docker images, the CVE is resolved. So we need to know what tag version the CVE-2023-52426 is resolved?

Using custom machine learning models in XSOAR

Hello everyone, I am a machine learning scientist exploring ways to integrate ML algorithms with XSOAR. While I am familiar with XSOAR's AutoML features, my focus is on implementing custom models (e.g., TensorFlow or PyTorch models) within XSOAR workflows. I haven't found a straightforward method to directly integrate these models into a playb...

In the ServiceNow V2 integration, mirrored attachments are not visible on the layout.

I am using the ServiceNow V2 integration. XSOAR fetches the attachments related to an incident from ServiceNow when creating an XSOAR incident. But, when I add another attachment to that ServiceNow incident, the attachment panel does not reflect the newly added attachment. The mirroring is happening and I got the File entry in the War Room. Is t...

Issue with Retrieving Entry ID for Files Attached to ServiceNow Tickets in Cortex XSOAR

We encountered a persistent issue in Cortex XSOAR when trying to retrieve the entry ID for files attached to incidents imported from a ServiceNow instance. Our objective was to access and process an Excel file attached to a ServiceNow ticket within XSOAR. Despite various attempts and methods, we were unable to successfully access the file due to...

How to Send a Test Notification Email in Cortex XSOAR and Identify Available Variables?

Hi everyone, I’m trying to test the email notifications configured in Cortex XSOAR to ensure they include the correct variables (like incident severity, name, and ID). Specifically, I want to verify the notification sent to an analyst when they are assigned an incident. Here are my main questions: Is there a built-in way to send test notifica...

Welcome to the Cortex XSOAR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

playground query question for servicenow

Hi All, a broad question i know... but is there a way to do a query to list/output all available tables in a specific integration within the playground? and possibly even the fields with each table? this is specific to servicenow v2 ie servicenow-query-table table_name=* thanks in adv

Xsoar Starting your server... Error

I am using Xsoar child tenant. However, I manually selected more than one incident and ran another playbook with the setplaybook command and suddenly Xsoar broke. When I want to reconnect through the browser, I get Starting your server error. I waited for about 3 hours, unfortunately it did not recover. When I checked the system via vmcenter, I ...

Unavailable Docker Image while trying to update a content pack?

Hello, I tried to update Virus total however facing the below: using the command: podman pull demisto/pack but still newer packs are appeared!

Looking for OTP support solution for cortex xsoar system

Hi Guys, I would like to express my interest in implementing a One-Time Password (OTP) authentication mechanism for the Cortex XSOAR login process to enhance security.My specific requirements are:- The OTP solution must be deployed on-premise to ensure full control over authentication.- It should have an application that integrates seamlessly wi...

Updating Cortex XDR EDL from XSOAR

Hello LiveComm, I am building a use-case in which we want to update and manage the Cortex XDR EDL from the XSOAR. We do not want just to create new IOC's but rather we want to interact with the EDL so that Firewalls can access it correctly. From what I have read on the various documentation the Cortex XDR EDL is not available for API access (M...

XSOAR - domain_name and domain_id not mapped - Even not reflecting in past incidents

I get the hard time to mapped the domain_id under the Label section coming from Qradar data. The mentioned fields not parsed at the first place, luckily the domain_id is found in the Qradar_instance and mapped by creating the new incident field. Issue: The new incident field for domain_id not being updated in the past incident, need suppor...

Discussions