Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! ML Content Pack Issue - Phishing Email

I'm currently developing a phishing email playbook that includes the ML module DBotPredictOutOfTheBoxV2, which is causing issues. Upon investigation, I found that the Machine Learning content pack is installed, but the Demisto image demisto/ml is not available. If you have any insights or solutions, I would greatly appreciate your help. I got th...

Syedhkt by L2 Linker
  • 1747 Views
  • 2 replies
  • 0 Likes

xsoar license

I currently have 5 SOAR licenses contracted. However, I have a question: Does the Admin user consume a license? It should be noted that this user has been assigned the administrator role.

jcajam by L0 Member
  • 949 Views
  • 1 replies
  • 0 Likes

XSOAR hosting docker container problem (exit status 125)

Hey, I have an XSOAR instance hosted by PA (SaaS access) and today none of my containers seem to work. Any script run gives the following message: Error from Scripts is : Script failed to run: "docker images demisto/python3:3.10.13.86272" with error "exit status 125" and output "Error: cannot re-exec process to join the existing user namespace H...

Cortex XSOAR Hosts File

Hello, Since we use XSOAR 8.6.0 OVA and the SSH user (Viewer) does not have authority to use sudo to alter the hosts file on the OVA, I need to add local domains to the Cortex XSOAR hosts file. Is there another SSH user with the highest privileges that you know of that could utilize it?

mnassar by L0 Member
  • 839 Views
  • 1 replies
  • 0 Likes

How to stop a playbook task until ALL previous tasks are done?

Hi all, I'm developing a playbook for Cortex XSOAR that sends a number of queries to our SIEM in parallel and uploads the results as files to an incident. I want to introduce subsequent steps that all depend on the files existing, however I cannot figure out a good way to make a "gate" task that stops the playbook from executing until all previous...

XSOAR MISP - sync

Hi, Does anyone have a #Cortex XSOAR sync with a MISP server (bidirectional sync)? I have two objectives: I have several indicators on my XSOAR, and my goal is to upload these indicators to MISP (including adding the "XSOAR" tag). XSOAR should query MISP and update local indicators based on matches found in MISP. Does anyone know if this is pos...

tlmarques by L4 Transporter
  • 1995 Views
  • 1 replies
  • 0 Likes

XSOAR Engine Integration issue

Hi, I installed engine using Shell following instructions on https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/8/Cortex-XSOAR-Administrator-Guide/Install-an-Engine. Then when trying to configure Syslog v2 integration I got multiple errors. First one was related to inability to create /home/demisto folder which was solved by me manually ...

anmark by L0 Member
  • 1250 Views
  • 1 replies
  • 0 Likes

XSOAR incident in Qradar

Hi Team, We are encountering a connection timeout issue when attempting to create incidents in Cortex XSOAR using a custom QRadar integration. Based on our observations, we suspect this issue is due to low IOPS on XSOAR, as low as 100, despite the IOPS being allocated as unlimited from the VM Console. We believe the low IOPS are causing delays...

First time creating a custom docker image for Cortex XSOAR

We are trying to create a docker image for our in-house python dependency project that will be used in our Cortex XSOAR integration. I saw the doc said we should use demisto/dockerfiles to create the image. I followed the README file in the GitHub repo to create a new docker image, but could only create an empty image. Could anyone please hel...

BSun8 by L0 Member
  • 1425 Views
  • 1 replies
  • 0 Likes

How to add "description" message for Custom Indicators via playground commands

Hello Team, I am creating custom indicators via a playground command, and we need to add the "Description" message for a particular IOC IP address, i.e., IOC 158.x.192.10 Description= "Honeypot Malicious IP Address". I am able to add the description manually in the XSOAR console > Indicators Tab > Edit Indicators Page. (Screenshot attached for you...

cV V by L2 Linker
  • 957 Views
  • 1 replies
  • 0 Likes

Script failed to run Error

While integrating the QRadar instance, I am getting the error mentioned below. Script failed to run: Error: [Traceback (most recent call last): File "<string>", line 352, in <module> File "/usr/local/lib/python3.10/base64.py", line 11, in <module> import binascii ImportError: Error loading shared library libz.so.1: Exec format error...

cV V by L2 Linker
  • 1748 Views
  • 2 replies
  • 0 Likes
  • 1302 Posts
  • 45 Subscriptions