Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Problem with AppendindicatorFieldWrapper script

Hi!

 

When we run the appendIndicatorField task, the last IP address of an array never gets tagged. Please see the following examples for clarification:

 

Example 1: works fine

!appendIndicatorField indicatorsValues="134.122.135.178" field="tags" fie

...

adocasar by L1 Bithead
  • 220 Views
  • 3 replies
  • 0 Likes

Demisto Service Failed

Hi Everyone ,

 

We are running XSOAR instance with NFR license. 

 

Recently for unknown reasons, the demisto service stopped and is never coming up when we try to start. 

 

 

 

[root@localhost ~]# systemctl status demisto.service
● demisto.service -

...

Pavendhan_K_0-1684316963694.png

Browserling integration

Dears,
we are trying to integrate with browserling which is not supported by default on XSOAR marketplace.
and to this integration we need to do the following:

1- First, we need to load browserling.js library.
2- Then we create a new Browserling object w

...

how to re-pull QRadar case

Our client leverages QRadar as their SIEM.

will pull in all cases and then have a pre-processing rule that drops any case that does not have "MSSP" in the name.

This works 99% of the time, but there are certain times when MSSP cases get dropped and we

...

JoshBoyd by L2 Linker
  • 162 Views
  • 1 replies
  • 0 Likes

Resolved! Slack Bot keeps sending messages to users

Occasionally, the bot sends the message in the screenshot below to our users in no particular order. We don't know why that is happening. One time a certain user reported that every time he gets a message from a coworker the bot sends this message to

...

EnesOzdemir_0-1683792595677.png

Cortex XDR Crowdstrike Layouts

Hello, I have just onboarded the crowdstrike integration into Cortex XDR. I am looking to modify the incident layout of the incidents themselves and the option is not available. Instead, inside a Crowdstrike Incident I have to usually go to Crowdstri

...

Resolved! Can run playbook in incident but not job

Currently creating a job to fetch and create an incident through an integration. The job works fine on the test server but doesn't work on production. Forcing the job to run doesn't output an error or even a record of the job attempting to run. But w

...

Bucket not found

Our deploymentt is multi-tenant deployment. When i run "!Github-get-file-content" command, i get an error some tenants (Bucket not found) but other tenants it work.

What is cause of this error?

 

 

 

Cortex XSOAR 

YilmazDincer_0-1683537421281.png
Top Liked Authors