Hi everyone,
I get data from splunk with the "search index=notable" query using Splunkpy. I assign the incoming data to the type named Splunk Generic Notable by default. Here, when an incident occurs, there are fields such as event_code, process_name
Hi Team,
We planned to integrate the IOC push from Cortex XSOAR to other tools, for example, Palo Alto firewalls, other firewalls, SIEM tools, and XDR tools. Is this possible? If so, could you please share any documentation or guidance?
Hello everybody,
I have a question regarding HTML fields in XSOAR. So I have a Python script to get data from a table but I'm wondering how do I configure an HTML field so that the data my script returns is displayed in an HTML format? I tried conn
...
Hi all!,
I'm having issues trying to update the incident.Hostnames field.
I'm receiving an alert which involve different hostnamed, for the sake of simplicity and to track easier the incidents we want to add the hostnames to th
...
**This question was asked during Part 1 of the webinar series: Indicator Management. You may review the recording here
If we are using Bolt database and an indicator is expired and has a last seen date of September 1, 2023 - does that mean it exis
...
Estimados tengo implementado un playbook en Xsoar que usa varias fuentes de enriquecimiento y se ha identificado que Barracuda esta identificando como IP maliciosa, IPs de redes solciales como facebook, instagram, whatssap, etc y otras publicas de la
...
Hi All,
It seems like I can't find anything about HA setup for the community version.
I wanted to try out to do a HA setup (Active/Passive) in the community version before proceeding to the enterprise version.
Appreciate all the help from all.
Hi Everyone,
I am creating a automation which shows a dynamic drop down list as input to user using List options of arguments but I am not able to find any way to do this.
Anything I give in highlighted text box is static to user but I want to list d
...
Cortex XSOAR
Hi community,
Can I get a few sample automation scripts in Python implementing any use cases or achieving any useful task via XSOAR. Any links to such a resource
#Cortex XSOAR
Hi,
Is there a way of creating parallel processing inside an automation in Python ?
My goal is to execute the same function on multiple incidents (pausing and/or starting timers).
The thing is, sometimes we have a lot of incidents an
...
Hi,
I would like to ask for help on how to be able to implement within XSOAR the ability to determine which playbooks and automation can be executed or viewed by the user via the command line (by typing !) while still having the ability for the same u
We encountered a persistent issue in Cortex XSOAR when trying to retrieve the entry ID for files attached to incidents imported from a ServiceNow instance. Our objective was to access and process an Excel file attached to a ServiceNow ticket within X
...
How can I create a customised incident summary report with tables, merged cells etc我? And then populated with incident fields information?
Hi All,
We were reviewing the prerequisites document for Cortex XSOAR installation from the below link
https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.11/Cortex-XSOAR-Administrator-Guide/System-Requirements
We couldn't find whether XSOAR is
There are many ways to trigger an automation, by field display actions, field change actions, a task of playbook or CLI. I want to know how my automation is being triggered. Is there any way to grab that info when an automation is triggered?
