This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Missing context in indicator preview. I executed an NVD reputation command on CVE via a custom script.

Hi Team, The standard customer, where there is missing context in indicator preview. I executed an NVD reputation command on CVE via a custom script (CV Reputation).The results are in the attached playground data, but they're not reflected in the indicator sample. Please refer the screenshot. What has been done: Non- working:Integration: Nis...

Creating usecase with addEntitlement

Hello everyone, I'm try to make a usecase where it will be possible to send email to the XSOAR and instead of creating new incident the email content will be delivered to already open incident based on Incident id or UID with addEntitlement.after creating an entitlement I send email to the XSOAR (I got ews V2 setup and working) with the entitle...

A.Levy by L0 Member
  • 1183 Views
  • 2 replies
  • 0 Likes

Creation of flows and pause by weekday schedules

I would like your kind support in telling me if there is a procedure to pause task flows by schedules. For example, I want a playbooks to have 2 flows: The first flow I want to be activated from Monday to Friday and the second flow I want to be activated only on Saturdays and Sundays.

mgamarra by L0 Member
  • 1443 Views
  • 1 replies
  • 0 Likes

Need to Know when the incident was modified first time

I created "firstmodificationdate" field in short text type to apply all the incidents. the purpose of that, I want to store the when the incident was modified at first time. first medication of each incident date will be stored in the "firstmodificationdate" field for all type of incidents. Is there any possible to do that in xsoar?

Can we migration xsoar from standalone to multi tenant

Is it possible to migration xsoar from standalone to multi tenant ? I have try to migration from xsoar standalone to multi tenant used method "Migrate Data to Another Server for Multi-Tenant" ref. https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.8/Cortex-XSOAR-Administrator-Guide/Migrate-Data-to-Another-Server-for-Multi-TenantBut found ...

Siwawut by L0 Member
  • 1136 Views
  • 1 replies
  • 0 Likes

Resolved! Query on deleting incidents

Hi Team, The standard customer has a query regarding deleting an incident on XSOAR. 1. In terms of performance usage when delete an incident or multiple selected incidents on the XSOAR console (Incidents page) and when delete an incident or multiple selected incidents through API call on endpoint POST /incident/batchDelete. The question is, wh...

Resolved! Rename table headers

Hi all 😀 I have a table of data in Cortex XSOAR (e.g., a list of dictionaries with results from a query), and I need to rename one of the column headers before processing it further in my playbook. For example, I want to rename the column oldName to newName. How can I achieve this either within a script, automation, or as part of a playbook...

Extract data in value

To extract the specified highlighted dictionary value from the context data mentioned below, which script command and transformer should be utilized....? [{'type': 'events_fetched', 'value': '1'}, {'type': 'rules', 'value': '[{"id":112363,"name":112363,"type":"CRE_RULE"}]'}, {'type': 'event_count', 'value': '1'}, {'type': 'magnitude', 'value': ...

Unable to Control Column Width in Markdown Tables in XSOAR

I am trying to create a table using Markdown in Cortex XSOAR, but I can't control the width of the columns. I need to make one column wider than the others. However, Markdown in XSOAR seems to automatically adjust the width based on the content, and I can't find a way to set fixed column widths. What I've Tried: Standard Markdown table formatti...

SanDev by L2 Linker
  • 2262 Views
  • 3 replies
  • 1 Likes

Cisco ESA (Cisco IronPort) and XSOAR Integration

Hi all, I'm facing an issue with my integration between Cisco ESA and XSOAR. When I search for specific emails that contain attachments or subjects in Arabic, the SOAR can fetch and display them without any problem. However, when I try to search specifically using an Arabic subject line, the SOAR fails to perform the search. Has anyone encou...

Resolved! XSOAR 8 Engine Upgrade Failure

Did anyone recently observed that the engines are failing to connect with a reason saying "update required"? It should be get updated automatically since those are shell based. Cortex XSOAR

SlackASKV2 Response Stuck

Hi All, Yesterday I dont know why slackaskv2 suddenly gave me error because of block key format. I fixed it but slack send message to channel using button and when user click on button no response come back. Idk whats wrong with this annoying stuff. Any useful suggestion pls Cortex XSOAR

TSOARSupport_0-1724385873638.png
  • 1302 Posts
  • 45 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks