Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Problem with setIncident command

I am working on a new automation which gets triggered dynamically from layout where in I need to check a custom attribute has changed in my remote machine, then update it on the xsoar incident. The custom attribute is a list/array. This is what I am

...

sudhesub by L1 Bithead
  • 508 Views
  • 2 replies
  • 0 Likes

Test sample in the playbook

Hi,

 

Is it possible to influence the sample data that is shown in playbook edit mode, when using Test to validate the data in any task? I find that in some playbooks it can give me to select the latest incident of that type, but on others - it only

...

Antanas by L2 Linker
  • 429 Views
  • 1 replies
  • 0 Likes

Appending Incident field from a script

Dears, 

 

I am blocking urls on a security control then save the value of URL in incident field name (blocked urls) using setIncident command, 

But every time I block new url the incident field is not appending the new url to the old url. It replace

...

Resolved! HTTPS with a Signed Certificate

Hi,

As per the below link, XSOAR on-perm services by default use self-signed certificates for secure HTTP connections. It would be great if you confirmed this would be applicable for the hosted service as well. 

 

https://docs.paloaltonetworks.com/co

...

DP696 by L2 Linker
  • 799 Views
  • 2 replies
  • 0 Likes

Free Cortex XSOAR training!

Hello to all on the youtube channel for the live community there is a 6 hour free training. You can also test the free community edition for the Cortex XSOAR and schedule a workshop if want to play with the tool a little more:

 

https://www.youtube.c

...

How to remove Integration "cache" completely

Hi,

 

We are facing an issue where the integration ran into an error trying to pull an investigation from Secureworks, where an asset was not found, and the integration kept giving the same error continuously and would not pull the next investigation

...