Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Query on creating custom docker images

Hi, I have some questions regarding creating the custom docker images. 1. Is it possible to create the custom docker images not using the war room? In the docs, the docker images can be created via war room command, but I want to create docker image in the soar server using the ssh connection. Is it okay to create the custom docker image at the se...

PCSAE exam question

Which ones are true? I thought it is BD but some sources say it is CD. Which two statements describe how timers are configured to start and stop automatically in a playbook? (Choose two.) A. Use a field of Number to count the number of seconds elapsed between two tasks B. After the playbook has run, calculate the total time taken and set the ti...

Too much data to present, content was truncated.

SOAR is currently displaying only 49 values and then showing the message: "Too much data to present, content was truncated." Do you have any suggestions on how we can store the entire output? I’ve already saved all the values as a PDF attachment. Is there a way to search for a specific keyword within the PDF? Does XSOAR provide a command for this?

Assistance with Cortex XSOAR and Firewall Integration

Hi guys, I have a question regarding the integration of Cortex XSOAR with a firewall. Could anyone guide me on how to set this up? Additionally, if there are any reference materials or documentation that could assist, I would greatly appreciate it if you could share them. Thanks in advance for your help!

Resolved! Default Field Mapping in QRadar Content Pack 2.5.7 on XSOAR 6.12

Hello everyone, I’m currently using Cortex XSOAR version 6.12 along with the IBM QRadar content pack version 2.5.7 (1602991). The pack includes two mappers for incoming incidents: "QRadar - Generic Incoming Mapper" and "QRadar - Incoming Mapper". However, I’ve noticed that the default configuration of both mappers only maps a few fields from the incide...

How to Export JSON of a Specific QRadar Offense for XSOAR Use

Hi everyone, I’m working on a QRadar integration (v2.5.7) in Cortex XSOAR (v6.12) and need to generate a JSON file for a specific offense to use in several scenarios, such as configuring an incident classifier. For example, in the classifier editor, you can upload a JSON file to analyze the data structure and map the fields correctly. Here’s t...

Problem integrating EWS O365 application into XSOAR

Does anyone have knowledge of how to integrate the EWS O365 application, in its latest version and considering that O365 no longer supports Impersonation rights? Specifically, what permissions or roles were granted in Entra ID on the business application? I would appreciate any related information. https://xsoar.pan.dev/docs/reference/integrat...

S.Vilca by L0 Member
  • 778 Views
  • 0 replies
  • 0 Likes

Update Classifier from API

Hi, we have an issue regarding classifiers, and we would like to ask if it is possible to interact with them using an automation or from the API. Specifically, I am interested in understanding:
- Whether XSOAR provides built-in capabilities or tools for automating classification based on incident data.
- Whether it is possible to update the classif...

MViafora by L0 Member
  • 1531 Views
  • 3 replies
  • 0 Likes

Prod to dev

I want to change my production environment XSOAR to DEV environment, and after that I will create new production environment. I want to know how to move the production to dev including changing the IP.

Cortex XSOAR report blank page

Hey, we conducted a final test of the phishing playbook, and everything appeared to be functioning properly. Once the playbook completes, it is supposed to generate a report as usual. However, the report is being generated as a blank page, which wasn’t the case previously. I suspect this might be related to timeout settings. I referred to some d...

Issue with Nutanix VM Creation for XSOAR v8.7 - "Boot Device Not Found"

Hello XSOAR Community, I’m encountering an issue when deploying Cortex XSOAR v8.7 on a Nutanix environment. Every time I create a VM using the provided OVA file, the VM fails to boot and displays the error: “Boot device not found. Please install an operating system, or play 2048.” I’ve double-checked the deployment steps and ensured the OVA file...

SQL results into layout

Hi 😀, I’m running a playbook that generates multiple SQL results. What are the best practices for displaying these effectively in the incident layout? Should I use Markdown, custom sections, or widgets? Any tips for handling this? Thanks!

XSOAR Feature Request

Hello all xsoar enthusiasts, There is a FR that helps us to make xsoar a better place for MS Defender integration. Please upvote this FR here: Add Microsoft Sentinel | Cortex XSOAR Customer Feature Request. FR Description: Palo Alto offers a range of Microsoft integrations such as: Microsoft 365 Defender, Microsoft Graph Security, Microsoft Senti...

  • 1302 Posts
  • 45 Subscriptions