Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Default Field Mapping in QRadar Content Pack 2.5.7 on XSOAR 6.12

Hello everyone, I’m currently using Cortex XSOAR version 6.12 along with the IBM QRadar content pack version 2.5.7 (1602991). The pack includes two mappers for incoming incidents: QRadar - Generic Incoming Mapper; QRadar - Incoming Mapper. However, I’ve noticed that the default configuration of both mappers only maps a few fields from the incide...

How to Export JSON of a Specific QRadar Offense for XSOAR Use

Hi everyone, I’m working on a QRadar integration (v2.5.7) in Cortex XSOAR (v6.12) and need to generate a JSON file for a specific offense to use in several scenarios, such as configuring an incident classifier. For example, in the classifier editor, you can upload a JSON file to analyze the data structure and map the fields correctly. Here’s t...

Problem integrating EWS O365 application into XSOAR

Does anyone have knowledge of how to integrate the EWS O365 application, in its latest version and considering that O365 no longer supports Impersonation rights? Specifically, what permissions or roles were granted in Entra ID on the business application? I would appreciate any related information. https://xsoar.pan.dev/docs/reference/integrat...

S.Vilca by L0 Member
  • 727 Views
  • 0 replies
  • 0 Likes

Update Classifier from API

Hi, we have an issue regarding classifiers, and we would like to ask if it is possible to interact with them using an automation or from the API. Specifically, I am interested in understanding: - Whether XSOAR provides built-in capabilities or tools for automating classification based on incident data. - Whether it is possible to update the classif...

MViafora by L0 Member
  • 1374 Views
  • 3 replies
  • 0 Likes

Prod to dev

I want to change my production environment XSOAR to DEV environment, and after that I will create new production environment. I want to know how to move the production to dev including changing the IP.

Cortex XSOAR report blank page

Hey, we conducted a final test of the phishing playbook, and everything appeared to be functioning properly. Once the playbook completes, it is supposed to generate a report as usual. However, the report is being generated as a blank page, which wasn’t the case previously. I suspect this might be related to timeout settings. I referred to some d...

Issue with Nutanix VM Creation for XSOAR v8.7 - "Boot Device Not Found"

Hello XSOAR Community, I’m encountering an issue when deploying Cortex XSOAR v8.7 on a Nutanix environment. Every time I create a VM using the provided OVA file, the VM fails to boot and displays the error: “Boot device not found. Please install an operating system, or play 2048.” I’ve double-checked the deployment steps and ensured the OVA file...

SQL results into layout

Hi 😀, I’m running a playbook that generates multiple SQL results. What are the best practices for displaying these effectively in the incident layout? Should I use Markdown, custom sections, or widgets? Any tips for handling this? Thanks!

XSOAR Feature Request

Hello all xsoar enthusiasts, There is a FR that helps us to make xsoar a better place for MS Defender integration. Please upvote this FR here: Add Microsoft Sentinel | Cortex XSOAR Customer Feature Request. FR Description: Palo Alto offers a range of Microsoft integrations such as: Microsoft 365 Defender, Microsoft Graph Security, Microsoft Senti...

ServiceNow Developer looking for ideas

Hello all, I am a ServiceNow developer that is assisting a user that is using the XSOAR integration. The user is using the XSOAR application to run queries on my SN instance, but is not getting any results. I have checked his API account and it works fine in Postman. I shared the Postman information with my customer and it worked fine ...

Child Incident Evidence In Parent

Hello! I need to mark some child incident entries as notes and evidence in the parent incident. I have found ways in which you can pass the entries to the parent and then mark them as note/evidence in the parent. However, I would like to have an automation in the child incident playbook which would automatically mark the entries as note/evidence...

nickvus0 by L0 Member
  • 897 Views
  • 1 replies
  • 0 Likes

Resolved! How to Copy Incident Files from Linked Incidents

Hello Live Community, I am working on a use-case that requires me to copy incident files of any kind from within linked incidents and copy them to the main incident to be saved as evidence. I have tried the getentries command but an entryID does not suffice as the physical file is not copied to my incident. Does anyone have an idea on how to do t...

  • 1298 Posts
  • 45 Subscriptions