Cortex XSOAR Discussions

How to get Task Duration

Hello.

I am interested in obtaining the execution time of automated tasks run on the Playbook. I understand that it is possible to refer to the individual execution times on the GUI. However, I do not know how to get the total execution time or the

...

Resolved! SlackAskV2 returning answers but did not provide a field in Context Data

Hello,

I am new to using XSOAR and wanted to develop a playbook that sends a confirmation whether the user clicked a phishing link or not. I tried to use SlackAskV2 which did its job by sending a message to either user or channel and returning the giv

...

SlackAskV2 Invalid Block Format

Hi folks,

i am new with XSOAR and i try to create an approval workflow with SlackAskV2.

Of course i prefer the default resonse type with buttons. And here's my problem. It does not work in the playbook editor.
I always get the following error, when

...

What is the limit on the number of playbooks per hour?

Hi Team,

What is the limit on the number of playbooks per hour?

Please assist.

XSOAR to analyze PDF and Office files

Hi everyone,
Does anyone use XSOAR to analyze PDF and Office files?

My idea is for users to send emails to a specific account. Cortex XSOAR would then receive these emails, extract the files, and analyze them using tools like OLETools. If any suspicio

...

Resolved! The command does not exist or it is disabled

Hello Team,

I am new to use Cortex Xsoar. While running script getting the below error. why it is?

IPReputation=${incident.details} returned an error

Hide reason

Reason

The command does not exist or it is disabled

enrichIndicators=${

...

Core REST API query: Want to know how we can restrict specific API endpoint from XSOAR UI

Hi Team,

I wanted to know if we can restrict specific endpoints for keys we generate on XSOAR UI (Setting > Integrations > Keys).

For example: I want to restrict particular API key to only access (POST /incidents/search) endpoint.

Any suggestion.

Resolved! Discussion: Send email to user with #xsoar link for them to upload files?

Is there a way to allow users to upload files to #xsoar incident via outlook email integration?

example. Malware incident triggered from user's endpoint. soar sends an email to user stating they have detected a malware on their device. please zip t

...

Use CPU% = 50 in XSOAR DEV

hi! i expermiented a rare problem in my xsoar dev, in there i have 0 jobs, 0 integration active, 0 incidents creation, 0 everything. But every 15 minutes, the cpu% increases to 50 for about 5 minutes, then to 0. The last change i've made is to config

...

Phishing ML Model Issue !DBotPredictOutOfTheBoxV2

Hi All, I'm using phishing playbook and in which there is ML part but it gives me error even package is installed on xsoar.Please check error description here

Command:

!DBotPredictOutOfTheBoxV2 emailSubject="We’re sorry, an email was sent by

...

Single Incident/Playbook is killing the whole platform

Hi,

I built a playbook to pull some nested data (~8 MB in total) which then is used in a looped subplaybook for additional data extraction.The subplaybook is relatively simple, uses for each input loop, starts with deletecontext (all=yes) and retur

...

Unique Files From File Object

Dear All,

I am currently optimizing the phishing playbook and have encountered some issues with the detonation and enrichment processes that handle file objects. I noticed that duplicate files are being passed to the sub-playbooks. I attempted to use

...

Resolved! How to download all playbooks from XSOAR

Hello,

I'd like to download all the playbooks from XSOAR, however the only way I know is going one by one.

How can all the playbooks be downloaded?

Cortex XSOAR - Community Edition Support

Post here for all of your Community Edition support questions and one of our product experts will get back to you soon!

Resolved! Integration Sentinel One <> XSOAR

Hi everyone! How are you? I have a problem with the integracion of Sentinel One from XSOAR: In Sentinel I have a few rules for some Incidents. One rule closes the incident as soon as it is discovered by the platform, that is, the incident is created

...

Discussions

How to get Task Duration

Resolved! SlackAskV2 returning answers but did not provide a field in Context Data

SlackAskV2 Invalid Block Format

What is the limit on the number of playbooks per hour?

XSOAR to analyze PDF and Office files

Resolved! The command does not exist or it is disabled

Core REST API query: Want to know how we can restrict specific API endpoint from XSOAR UI

Resolved! Discussion: Send email to user with #xsoar link for them to upload files?

Use CPU% = 50 in XSOAR DEV

Phishing ML Model Issue !DBotPredictOutOfTheBoxV2

Single Incident/Playbook is killing the whole platform

Unique Files From File Object

Resolved! How to download all playbooks from XSOAR

Cortex XSOAR - Community Edition Support

Resolved! Integration Sentinel One <> XSOAR

XSOAR Dev to Prod - Builtin content repository

Still waiting on XSOAR Community Edition + Cortex XDR lab access

Result empty after using json2html script

Do we have XQL query builder feature in XSOAR

Where is the XSAOR 8 CLI Reference?

Re: Creating a custom command for XSOAR marketplace integration

Re: XSOAR Dev to Prod - Builtin content repository

Re: War Room Table to Layout view

Re: delay in a playbook

Unlock your full community experience!

Resolved! SlackAskV2 returning answers but did not provide a field in Context Data

Resolved! The command does not exist or it is disabled

Resolved! Discussion: Send email to user with #xsoar link for them to upload files?

Resolved! How to download all playbooks from XSOAR

Resolved! Integration Sentinel One <> XSOAR