This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Cortex XSOAR Hosts File

Hello, Since we use XSOAR 8.6.0 OVA and the SSH user (Viewer) does not have authority to use sudo to alter the hosts file on the OVA, I need to add local domains to the Cortex XSOAR hosts file. Is there another SSH user with the highest privileges that you know of that could utilize it?

mnassar by L0 Member
  • 785 Views
  • 1 replies
  • 0 Likes

How to stop a playbook task until ALL previous tasks are done?

Hi all, I'm developing a playbook for Cortex XSOAR that sends a number of queries to our SIEM in parallel and uploads the results as files to an incident. I want to introduce subsequent steps that all depend on the files existing, however I cannot figure out a good to make a "gate" task that stops the playbook from executing until all previous...

XSOAR MISP - sync

Hi,Does anyone have a #Cortex XSOAR sync with a MISP server (bidirectional sync)? I have two objectives: I have several indicators on my XSOAR, and my goal is to upload these indicators to MISP (including adding the "XSOAR" tag). XSOAR should query MISP and update local indicators based on matches found in MISP. Does anyone know if this is pos...

tlmarques by L4 Transporter
  • 1879 Views
  • 1 replies
  • 0 Likes

XSOAR Engine Integration issue

Hi, I installed engine using Shell following instructions on https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/8/Cortex-XSOAR-Administrator-Guide/Install-an-Engine. Then when trying to configure Syslog v2 integration I got multiple errors. First one was related to inability to create /home/demisto folder which was solved by me manually ...

anmark by L0 Member
  • 1153 Views
  • 1 replies
  • 0 Likes

XSOAR incident in Qradar

Hi Team, We are encountering a connection timeout issue when attempting to create incidents in Cortex XSOAR using a custom QRadar integration. Based on our observations, we suspect this issue is due to low IOPS on XSOAR, as low as 100, despite the IOPS being allocated as unlimited from the VM Console. We believe the low IOPS are causing delays...

First time create custom docker image for Cortex XSoar

We are trying to create a docker image for our in-house python dependency project that will be used in our Cortex XSOAR integration. I saw the doc said we should use demisto/dokerfiles to create the image. I followed the README file in the GitHub repo to create a new docker image, but could only create an empty image. Could anyone please hel...

BSun8 by L0 Member
  • 1301 Views
  • 1 replies
  • 0 Likes

How add "description" message for Custom Indicators via playground commands

Hello Team, Am creating the custom indicators via playground command we need to add the "Description" message for particular IOC IP address. i.e; IOC 158.x.192.10 Description= "Honeypot Malicious IP Address" I could manually able to add description in Xsoar console > Indicators Tab > Edit Indicators Page. (Screenshot attached for you...

cV V by L2 Linker
  • 895 Views
  • 1 replies
  • 0 Likes

Script failed to run Error

While integrating the QRADAR Instance am getting below mentioned error. Script failed to run: Error: [Traceback (most recent call last): File "<string>", line 352, in <module> File "/usr/local/lib/python3.10/base64.py", line 11, in <module> import binascii ImportError: Error loading shared library libz.so.1: Exec format error...

cV V by L2 Linker
  • 1633 Views
  • 2 replies
  • 0 Likes

Resolved! How to upload CSV string containing \n to XSOAR?

Hello all, We're writing a custom playbook in Cortex XSOAR that queries Splunk and returns data. The data we receive back from Splunk (via a self-written XSOAR automation, in Python) gets returned as an XML field containing a string that represents a flat CSV file. The \n character sequence (newline) gets added by Splunk to delimit each new li...

Screenshot 2024-09-18 at 16.46.55.png

Cortex Community Edition

Hi i have signed up for the community edition multiple time and recieve the initial conformation email each time but have so far never recieved the download link. I see the licence under our accounts on the hub and I use my company email addrress. Please may I have the download link Regards John

How to get Task Duration

Hello. I am interested in obtaining the execution time of automated tasks run on the Playbook. I understand that it is possible to refer to the individual execution times on the GUI. However, I do not know how to get the total execution time or the individual execution times using commands or other methods. Is there a good way to do this?

MEiunyo1 by L1 Bithead
  • 1277 Views
  • 2 replies
  • 0 Likes
  • 1298 Posts
  • 45 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks