Usecase for IP block

Hi Team,

I am new to this Xsoar platform. Trying to create custom playbook, just want help on parsing an email from external source.

Our customer will sent an email with IOC attachment in excel format to our SOC operation team to block the IOC in

XSOAR Exchange Integration Search Limit - It Does Not Return More Than 100 Result

Hello,

I have EWS2 integration on my XSOAR. When I try to delete phishing mail, for try to determine itemIds of mail will be deleted, I use ews-search-mailboxes command with +500 mail addresses. Syntax is correct but it give me only 100 results. I ch

Phishing PlayBook Issue

Hi everyone,

I'm currently developing a phishing playbook that is already available in XSOAR. I'm curious why the IOCs are not being extracted from the email body, while it seems that IOC extraction only occurs from attachments in the .eml or .msg fi

Bot XSOAR in Slack > bad performance

Hi everyone! I have a question about the XSOAR Bot in Slack. If you send anything to the bot, it responds with a message like this:

Multiple XDR integrations in XSOAR

Hi team

Where we have multiple XDR tenants integrated into XSOAR, how can a playbook determine which tenant they are working with? For e.g. by running "!xdr-update-incident", the incident identifier is the XDR incident ID ("incident_id") which the

Filter away weekend cases from XSOAR Dashboard "Duration" / "Number" Widget

Would appreciate some guidance here, thank you in advance!

Running a Task on Multiple Instances of an Integration - Playbook Optimization

Hello,
we are working on a playbook that needs to run a single task on 10 different instances of the same integration. Currently, the only way we know to handle this is by creating a separate sub-playbook for each instance, with the task configured to

xsoar license

I currently have 5 SOAR licenses contracted. However, I have a question: Does the Admin user consume a license? It should be noted that this user has been assigned the administrator role.

Block multiple IP's using panorama

Hi,
I have been looking for a solution to block multiple IP's at the same time using pan-os integration. Is there any way where multiple IP's are given as input to block from firewall.

XSOAR hosting docker container problem (exit status 125)

Hey,

I have a xsoar instance hosted by PA (saas access) and today none of my containers seems to work. Any script run gives the following message

Cortex XSOAR Hosts File

Hello,

Since we use XSOAR 8.6.0 OVA and the SSH user (Viewer) does not have authority to use sudo to alter the hosts file on the OVA, I need to add local domains to the Cortex XSOAR hosts file. Is there another SSH user with the highest privileges