Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! How XDR Sync command working in XSOAR

Hello,

how the !xdr-iocs-sync firstTime="True" command working in XSOAR, It will deleted IOC list in XDR IOC rules.

 

If i need to run the sync command any proper format to run before those.

 

I want to upload or sync 100 no's of IP's or Domain names

...

cV V by L2 Linker
  • 1135 Views
  • 2 replies
  • 0 Likes

Resolved! Integration/Content Packs Update Issue

Hi All,

I have some integrations/Content Packs and they need to be updated but when ever I tried to update from update button on market place, it gives me error "Unavailable docker image...." how to tackle this issue and what are possible best ways t

...

Syedhkt by L2 Linker
  • 997 Views
  • 1 replies
  • 0 Likes

Non Enterprise Security Splunk users

Hi

Please share some info on how you are running your setup.

 

We are currently using the TA-Demisto splunk app to push the alerts to the XSOAR but having issues with excessive incidents in XSOAR being created when we use the |table in our searches a

...

Playbook to upload IOCs to Cortex XDR

Hello,

We are working in an integration between XSOAR and XDR.
We want to upload IOCs from a given file to XDR, we have seen that Cortex XDR - IOC integration allows a synchronization of IOCs but what we want is a manual push of new IOCs to XDR, not to

...

XSOAR 6.11 Content Bundle Update via API

Hello 

We have build a CICD Pipeline to manage Lists in a external Git-Repository. The reason for that is we want to have the option to let our analyst create message templates and config files in a versioned way. Also we don't want that our analyst h

...

JBoehm_0-1719908025087.png
JBoehm by L1 Bithead
  • 907 Views
  • 2 replies
  • 0 Likes

Fetch Indicator Integration

Hello 

 

i plan to implement a custom integration which fetches IP Indicators. So far so good i was able to create the indicators with no issue. However i would like to update some fields eg. Hostname and also some custom fields like a Gridfield of V

...

JBoehm by L1 Bithead
  • 943 Views
  • 2 replies
  • 0 Likes

XSOAR Qradar Offense Ingestion Doubt

Hello all,

 

 

We've a situation that we would like to clarify if it's a misconfiguration or if it is an expected behaviour.

#Qradar integration is only fetching ofenses that includes specific rule ids but qradar how it works associates new events and

...

DSilva8 by L0 Member
  • 808 Views
  • 1 replies
  • 0 Likes

Resolved! Remove file types from the context data

We have been building a playbook to decrypt all encrypted attachments and detonate in a wildfire and Mimecast sanbox using their integrations. I am struggling currently to remove jpegs and pngs from the context data so they are not being sent to the

...

  • 1216 Posts
  • 42 Subscriptions
Top Solution Authors