Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

XSOAR hosting docker container problem (exit status 125)

Hey, I have an XSOAR instance hosted by PA (SaaS access) and today none of my containers seem to work. Any script run gives the following message: Error from Scripts is : Script failed to run: "docker images demisto/python3:3.10.13.86272" with error "exit status 125" and output "Error: cannot re-exec process to join the existing user namespace H...

Cortex XSOAR Hosts File

Hello, Since we use XSOAR 8.6.0 OVA and the SSH user (Viewer) does not have authority to use sudo to alter the hosts file on the OVA, I need to add local domains to the Cortex XSOAR hosts file. Is there another SSH user with the highest privileges that you know of that could utilize it?

mnassar by L0 Member
  • 815 Views
  • 1 replies
  • 0 Likes

How to stop a playbook task until ALL previous tasks are done?

Hi all, I'm developing a playbook for Cortex XSOAR that sends a number of queries to our SIEM in parallel and uploads the results as files to an incident. I want to introduce subsequent steps that all depend on the files existing, however I cannot figure out a good way to make a "gate" task that stops the playbook from executing until all previous...

XSOAR MISP - sync

Hi, does anyone have a #Cortex XSOAR sync with a MISP server (bidirectional sync)? I have two objectives: I have several indicators on my XSOAR, and my goal is to upload these indicators to MISP (including adding the "XSOAR" tag). XSOAR should query MISP and update local indicators based on matches found in MISP. Does anyone know if this is pos...

tlmarques by L4 Transporter
  • 1936 Views
  • 1 replies
  • 0 Likes

XSOAR Engine Integration issue

Hi, I installed engine using Shell following instructions on https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/8/Cortex-XSOAR-Administrator-Guide/Install-an-Engine. Then when trying to configure Syslog v2 integration I got multiple errors. First one was related to inability to create /home/demisto folder which was solved by me manually ...

anmark by L0 Member
  • 1198 Views
  • 1 replies
  • 0 Likes

XSOAR incident in Qradar

Hi Team, We are encountering a connection timeout issue when attempting to create incidents in Cortex XSOAR using a custom QRadar integration. Based on our observations, we suspect this issue is due to low IOPS on XSOAR, as low as 100, despite the IOPS being allocated as unlimited from the VM Console. We believe the low IOPS are causing delays...

First time create custom docker image for Cortex XSOAR

We are trying to create a docker image for our in-house python dependency project that will be used in our Cortex XSOAR integration. I saw the doc said we should use demisto/dockerfiles to create the image. I followed the README file in the GitHub repo to create a new docker image, but could only create an empty image. Could anyone please hel...

BSun8 by L0 Member
  • 1380 Views
  • 1 replies
  • 0 Likes

How to add "description" message for Custom Indicators via playground commands

Hello Team, I am creating custom indicators via a playground command, and we need to add the "Description" message for a particular IOC IP address, i.e. IOC 158.x.192.10 Description= "Honeypot Malicious IP Address". I was able to add the description manually in the XSOAR console > Indicators Tab > Edit Indicators Page. (Screenshot attached for you...

cV V by L2 Linker
  • 927 Views
  • 1 replies
  • 0 Likes

Script failed to run Error

While integrating the QRadar instance, I am getting the error mentioned below. Script failed to run: Error: [Traceback (most recent call last): File "<string>", line 352, in <module> File "/usr/local/lib/python3.10/base64.py", line 11, in <module> import binascii ImportError: Error loading shared library libz.so.1: Exec format error...

cV V by L2 Linker
  • 1682 Views
  • 2 replies
  • 0 Likes

Resolved! How to upload CSV string containing \n to XSOAR?

Hello all, We're writing a custom playbook in Cortex XSOAR that queries Splunk and returns data. The data we receive back from Splunk (via a self-written XSOAR automation, in Python) gets returned as an XML field containing a string that represents a flat CSV file. The \n character sequence (newline) gets added by Splunk to delimit each new li...

  • 1300 Posts
  • 45 Subscriptions