Query on creating custom docker images

Hi, I have some questions regarding creating the custom docker images.

1. Is it possible to create the custom docker images not using the war room? In the docs, the docker images can be created via war room command, but I want to create docker image i

CSOAR Pre processing rule with scheduled jobs

How can we set the preprocess rule to drop any incidents created by schedule jobs?

For example: any incident category=job and some incident field like description contains "False". The playbook in schedule Job, will run some tasks and condition and

Securonix

Can someone help me? I have created an instance in the Securonix integration but I want to fetch incidents but I do not get the alerts from my SIEM SECURONIX. It should be noted that the user and everything is correct. But I would like to know if any

How to use dashboard filter query in Scripts

How to use, dashboard filter query in scripts?

Cortex XSOAR 

Query on Filtering Closed Incidents by Time Frame in XSOAR dashboard

I'm in the process of creating a widget and need help retrieving details of incidents that were closed within a specific week or time frame, irrespective of their creation date. Additionally, I would like to know if there's a method to achieve this w

Couldn't sort by date in bar graph widget in Dashboard

We couldn't sort by date in bar graph widget in custom dashboard. We are in XSOAR 8.7.

Please assist.

SQL results into layout

Hi ,

I’m running a playbook that generates multiple SQL results. What are the best practices for displaying these effectively in the incident layout? Should I use Markdown, custom sections, or widgets? Any tips for handling this?

Thanks!

Set Incident values from Integration

Hello all,

I have customized a ticketing integration to our image. The last part I'm struggling with is returning values from the integration to incident fields.

My usecase is that, SOC analyst will create a ticket inside our ServiceDesk application

Alert when XSOAR doesn't fetch incidents for a certain integration.

Is there a way to receive an alert when no incidents are fetched in XSOAR for a certain integration for by example 24 hours. Not related to integration issues but if the integration works but nothing is fetched? 

Would be beneficial to know if there i

Properly aligned and comprehensive report for XSOAR Incident

Hi all,

The current XSOAR incident report is unclear and poorly formatted. We need a properly aligned report to serve as the basis for our reporting.

Is there any way for this or any available template that we could use?

Thanks in advance.

XSOAR keeps firing the same incident

Hi All,

My XSOAR instance is a cloud hosted environment running on the latest version 8 build.

I have a playbook that sends a notification email to a user in response to a change in their account settings to confirm if recognized. The user is req

Issue with timestamp_range_start and timestamp_range_end Dates in XSOAR Elasticsearch Integration Command