XSOAR - domain_name and domain_id not mapped - Even not reflecting in past incidents

I get the hard time to mapped the domain_id under the Label section coming from Qradar data. 

The mentioned fields not parsed at the first place, luckily the domain_id is found in the Qradar_instance and mapped by creating the new incident field. 

Query on creating custom docker images

Hi, I have some questions regarding creating the custom docker images.

1. Is it possible to create the custom docker images not using the war room? In the docs, the docker images can be created via war room command, but I want to create docker image i

PCSAE exam question

Which ones are true?I thought it is BD but some sources say it is CD

Which two statements describe how timers are configured to start and stop automatically in a playbook? (Choose two.)

• A. Use a field of Number to count the number of seconds elapse

Too much data to present, content was truncated.

SOAR is currently displaying only 49 values and then showing the message: "Too much data to present, content was truncated." Do you have any suggestions on how we can store the entire output? I’ve already saved all the values as a PDF attachment. Is

Assistance with Cortex XSOAR and Firewall Integration

Redhat9 with Docker Issue

Hello,

I have a Redhat OS Ver9, we installed the .sh xsoar on top of that, after the installation we found the below:

However, the CLI service status show:

How can we fix that?

How to Export JSON of a Specific QRadar Offense for XSOAR Use

Hi everyone,

I’m working on a QRadar integration (v2.5.7) in Cortex XSOAR (v6.12) and need to generate a JSON file for a specific offense to use in several scenarios, such as configuring an incident classifier. For example, in the classifier edit

Cortex XSOAR community edition for a university student

Hello All,

As the title implies, I would like to get the community edition free trial for a project. Would it be possible to get community access for 30 days as a university student?

Any help would be appreciated. 

Problem integrating EWS O365 application into XSOAR

Does anyone have knowledge of how to integrate the EWS O365 application, in its latest version and considering that O365 no longer supports Impersonation rights. Specifically, what permissions or roles were granted in Entra ID on the business applica

Update Classifier from API

Hi,
we have an issue regarding classifiers, and we would like to ask if it is possible to interact with them using an automation or from the API.

Specifically, I am interested in understanding:
- Whether XSOAR provides built-in capabilities or tools fo

Prod to dev

I want to change my production environment XSOAR to DEV environment, and after that i will create new production environment.

I want to know how to move the production to dev including changing the IP  

Cortex XSOAR report blank page

Hey, we conducted a final test of the phishing playbook, and everything appeared to be functioning properly. Once the playbook completes, it is supposed to generate a report as usual. However, the report is being generated as a blank page, which wasn

Issue with Nutanix VM Creation for XSOAR v8.7 - "Boot Device Not Found"

Hello XSOAR Community,

I’m encountering an issue when deploying Cortex XSOAR v8.7 on a Nutanix environment. Every time I create a VM using the provided OVA file, the VM fails to boot and displays the error:

“Boot device not found. Please install an o

SQL results into layout

Hi ,

I’m running a playbook that generates multiple SQL results. What are the best practices for displaying these effectively in the incident layout? Should I use Markdown, custom sections, or widgets? Any tips for handling this?

Thanks!