Cortex XSOAR Discussions

Pulling updated hash values of unwanted softwares from unit 42.

Hi Everyone,

Is there any possibility within Cortex XSOAR to pull updated hash values of unwanted software from unit42?

Scenario: If we have a list of hash values of unwanted software (like Team viewer for eg) and we enrich the hash indicators us

...

How do I change my 2nd Factor Authentication method for XSOAR?

When setting up my account, I must have quickly clicked through my 2nd factor options and now I'm stuck using email for my 2nd factor. I'd like to switch to using an app such as Google Authenticator. How can I change it?

Is it possible to create a local user without email invite?

Hi team,

Is it possible to create a local user without email invite?

The customer is using XSOAR on-premise v6.12. They have a contractor (which does not have account in our AD) that we need to create a local user for, but I don't see the option

...

Resolved! Unable to read the file via remoteaccess with service account Cortex XSOAR ID: 4893410215349833399

Unable to read the file via remote access with service account Cortex XSOAR ID: 4893410215349833399 We created a service account with /usr/sbin/nologin in /etc/passwd but was unable to read the file in /home directory. However, we managed to read it

...

XSOAR Dashboards

Looking for a dashboard to pull bandwidth usage from PANOS into XSOAR.

Virus Total V3 Integration Issue

I am trying to integrate Virus total v3 in xsoar and have api key already. As you know in v3 version of virus total we cannot adjust server url so thats why I am getting issue please check and provide your useful answer

Verify that the server URL p

...

Resolved! Need to know how to check how many times a specific task within a playbook has run in a month.

Hi Team,

The customer has only Standard license I couldn't able to move to CS team. Your help will be appreciable.

The customer have a master playbook that is run on every single case raised on the platform. This master playbook contains many tasks

...

Transitioning Events/Incidents Across Analysts

Does anyone mind sharing any resources or practical examples of how they're using XSOAR to transition events/incidents across multiple analysts or shifts?

Resolved! Is there a way to launch a playbook from a button in an incident

I have a couple different use cases where I have several steps in a playbook that I would like to complete again after the playbook is complete. I basically have several steps in a playbook that I would like to have launched by a button. I am trying

...

Resolved! Playbooks repository

Does anyone know and can share if there are websites or communities like this where playbooks used in Cortex XSOAR are shared? I'm not talking about code, but flowcharts etc

Issue in health check playbook under system diagnostics and health check content pack

I have installed system diagnostics and health check content pack from marketplace(using xsoar version 6.12). I have followed the steps given in this article: https://xsoar.pan.dev/docs/reference/packs/system-diagnostics-and-health-check

The pack has

...

Extracting Domains Not from URL

Hello Live Comm,

I am working on a use-case that allows us to extract indicators from specific reports and then pushes them to monitoring systems.

We have seen that using the built-in Extract Indicator command causes domains to be extracted from URL

...

Unable to retrieve work_notes from Servicenow.

We have the Servicenow V2 integratoin enabled and we are able to retrieve "comments' but "work_notes" are not visible.

- No errors are observed (it's just empty)
- We are able to "add" work_notes from XSOAR.

- We verified the permissions of the accoun

...

Resolved! Create CSP account that does not have access to xSOAR portal

Hi team,

I have a customer, who have enabled SSO login for access to their xSOAR portal. They want to disable CSP login to the XSOAR portal but maintain the account to be used for logging support tickets in CSP. Any action plan or steps please let me

...

Resolved! Unable to fetch incident taks with Servicenow V2 integration.

Our company will use Servicenow "Incidents taks" to send a task to another team.

Currently it is only possible to fetch "sc_tasks" which are Service Catalog tasks, however these service catalog tasks are not being used in our company.

Use-case is th

...

Cortex XSOAR Discussions

Discussions

Pulling updated hash values of unwanted softwares from unit 42.

How do I change my 2nd Factor Authentication method for XSOAR?

Is it possible to create a local user without email invite?

Resolved! Unable to read the file via remoteaccess with service account Cortex XSOAR ID: 4893410215349833399

XSOAR Dashboards

Virus Total V3 Integration Issue

Resolved! Need to know how to check how many times a specific task within a playbook has run in a month.

Transitioning Events/Incidents Across Analysts

Resolved! Is there a way to launch a playbook from a button in an incident

Resolved! Playbooks repository

Issue in health check playbook under system diagnostics and health check content pack

Extracting Domains Not from URL

Unable to retrieve work_notes from Servicenow.

Resolved! Create CSP account that does not have access to xSOAR portal

Resolved! Unable to fetch incident taks with Servicenow V2 integration.

XSOAR 8 + Export Data to On-premise for Retention Compliance

How to include the initial Email as attachment OR how to reply on the same Email sent

Missing button scripts from content packs

Extrahop Reveal X Integration - Stop fetching of Hidden Detections possible?

Default Field Mapping in QRadar Content Pack 2.5.7 on XSOAR 6.12

Re: Missing button scripts from content packs

Fetching CrowdStrike Next-Gen SIEM Alerts into SOAR

Re: How to include the initial Email as attachment OR how to reply on the same Email sent

Automating SLA in XSOAR with Reminders and Reset on Updates

Re: How to include the initial Email as attachment OR how to reply on the same Email sent

Unlock your full community experience!

Cortex XSOAR Discussions

Resolved! Unable to read the file via remoteaccess with service account Cortex XSOAR ID: 4893410215349833399

Resolved! Need to know how to check how many times a specific task within a playbook has run in a month.

Resolved! Is there a way to launch a playbook from a button in an incident

Resolved! Playbooks repository

Resolved! Create CSP account that does not have access to xSOAR portal

Resolved! Unable to fetch incident taks with Servicenow V2 integration.