Cortex XSOAR Discussions

Symantec similar command for FireEye HX v2 commands

Hi,

Can anyone help for this-

Which FireEye HX v2 automation command will give the equal output for below-mentioned Symantec command:

1. sep-endpoint-info( to Get Computer Info using IP & using Hostname)
2. sep-scan-endpoint(for Full Scan on Endpo

...

Resolved! Getting output in [] brackets

Creating a Playbook to Upload Indicators to Various XDR Tenants

Hello all,

I am currently building a playbook that can pull indicators from an external MISP system and then publish them to various tenants of Cortex XDR. I have seen that there was a similar post in the past yet the solution suggested in 2022 does

...

Is there a way to check on which drive the demisto application is installed on

Resolved! Add additional fields in Jira edit issue task

Hi All,

"Jira-edit-Issue" task has some default Arguments as Inputs (eg: IssueID, priority,status, summary, description etc.,). Now I need to add new field as Inputs to Jira edit issue from XSOAR, fields like resolution, etc.

I tried editing the s

...

SlackAskV2 Invalid Block Format

Hi folks,

i am new with XSOAR and i try to create an approval workflow with SlackAskV2.

Of course i prefer the default resonse type with buttons. And here's my problem. It does not work in the playbook editor.
I always get the following error, when

...

Resolved! Playbook runs in Playbooks page but not with incident

Hello all,

I have a playbook, the one from XSOAr Engineer you tube course actually, video #8, sub-playbooks. This runs flawlessly in the playbook page but when I run it from an incident it ends up trying to reset the password for every AD user even

...

Resolved! Grid Field Setup In XSOAR

Dear All

I am trying to setup a new Grid Field in XSOAR.

I have added few column header with the field names that I require however, in the layout, not all columns are shown.

There are certain fields which are missing in the display.

Share internal list XSOAR with url

Hello,

We created an internal list in XSOAR called "urls". We'd like to create an url to share a link with the data of the list. How can be this done?

Uploading report via demisto api post request

Hello everyone,

I am trying to upload json file to create report. Despite I tried tons of way I couldn't send the body properly. demisto-api-post request need multipart/form-data content type. Is there any way to send raw json properly?

Here is m

...

Paint markdown table cells or rows

Hello,

We use markdown tables to show the analysts' incident data. We use them for manual tasks in details as in layouts. We'd like to paint those cells where the data shown is critical. For example, on a markdown table where some hashes are detonate

...

XSOAR Threat intel IOC Ingestion to Splunk

Hi,

We have created EDL query to ingest IOC to the SPLUNK from XSOAR Threat intel management Platform.

We have to know that Refresh List will work and how to get all IOC via EDL query from XSAOR

Kindly share any best practice any one implement

...

Resolved! Create widget for bioc and ioc rule numbers

Hello everyone,

I am trying to get numbers of bioc and ioc rules from our xdr integration. I want to create a widget to see that how many ioc and bioc rules added week by week. Do anyone have idea for this?

Thanks in advance.

Cortex XDR Cortex

...

query(group) indicators by domain name

If I have a tenant/account that has incidents.

some of those incidents have indicators / entities tied to abc.com or xyz.com

Is there a way to query for, show me all the incidents that have hostnames or account names that end in abc.com?

Wasn't having l

...

Resolved! Generating reports through automation

Hi everyone,

In our environment, we are supposed to generate reports through playbooks since we want to be able to customize the template according to the incident type. Executing the report is simple but downloading is not that simple.

I am foll

...

Discussions

Symantec similar command for FireEye HX v2 commands

Resolved! Getting output in [] brackets

Creating a Playbook to Upload Indicators to Various XDR Tenants

Is there a way to check on which drive the demisto application is installed on

Resolved! Add additional fields in Jira edit issue task

SlackAskV2 Invalid Block Format

Resolved! Playbook runs in Playbooks page but not with incident

Resolved! Grid Field Setup In XSOAR

Share internal list XSOAR with url

Uploading report via demisto api post request

Paint markdown table cells or rows

XSOAR Threat intel IOC Ingestion to Splunk

Resolved! Create widget for bioc and ioc rule numbers

query(group) indicators by domain name

Resolved! Generating reports through automation

XSAOR with HA using Open search Upgrade

EWS O365 Instance - Not allowed to access Non IPM folder. (85)

Json data in table does not display in PDF reports

Question from Playbook Optimization webinar: Delete context script

Engine For Hosting Web Forms For Data Collection Tasks

Re: XSAOR with HA using Open search Upgrade

Re: Palo Alto Cortex XSOAR - Community Edition

Re: GoQR.me QR Code Reader misbehaving

Re: EWS O365 Instance - Not allowed to access Non IPM folder. (85)

EWS O365 Instance - Not allowed to access Non IPM folder. (85)

Unlock your full community experience!

Resolved! Getting output in [] brackets

Resolved! Add additional fields in Jira edit issue task

Resolved! Playbook runs in Playbooks page but not with incident

Resolved! Grid Field Setup In XSOAR

Resolved! Create widget for bioc and ioc rule numbers

Resolved! Generating reports through automation