Cortex XSOAR Discussions
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
We are conducting regularly scheduled maintenance over the weekend, which could cause some downtime on LIVEcommunity. We apologize for any inconvenience.
Cortex XSOAR Discussions

Discussions

Start playbook from API with own inputs

Hi all,

 

I have problem and I would like please you for help.

My target is, from API (via postman) run some playbook with own data. For example, call playbook, where I added into playbook Inputs property "Left".

 

How I tried set $Input.Left from my API,

...

Resolved! how to use demisto-api-download in a Automation

I am trying to use the built in demisto-api-download autmation to download a file from our hosted xsoar instance 

I am struggling to figure out how to format my command in the automation. From the documentation these are the inputs :
 

Arguments Descrip

...

kbratt by L1 Bithead
  • 311 Views
  • 5 replies
  • 0 Likes

Auto-categorize Outlook Phishing Email

Hello guys,

I'm currently trying to create a Playbook that auto-categorize already analyzed phishing email, let me explain :

Here is the current process :

1. An analyst tags an email as Phishing using Outlook categories in the main Email box

2. Thanks to

...

benzer by L0 Member
  • 243 Views
  • 3 replies
  • 0 Likes

Delete List using automation/command?

Hi All,

 

I wanted to delete a list using a playbook tasks, but I dont find any automation that can achieve it. It only have createList, and remove data from List

 

May I know any workaround for it?

 

Regards,

Jia Kai

JOng39 by L1 Bithead
  • 141 Views
  • 1 replies
  • 0 Likes

Resolved! SLA best practices

Hi,

 I want to set sla times per severity type but it seems xsoar bind sla's to incident type, so i think i need to start each sla per severity in playbook by testing severity it is nearly clear for me. But i am confused what type of SLA should i crea

...

Resolved! Different response page server

Hi, 

 

In a multitenant deployment i want to place the response page somewhere else from the "Host-tenant" machine  lets say customer environment. And configure   "External Host Name" to this new server which is accessible from customer local area.

 

Reg

...

Playbook construction

I would like to ask the community if perhaps someone has created a playbook that takes in Snort/Suricata alert data. I am looking a creating a automated block process that will compare an IDS alert with a Threat notification from the PAN. If the src_

...

jpadro by L0 Member
  • 252 Views
  • 1 replies
  • 0 Likes

Resolved! javascript return context key from variable

Hi!

 

I have modified a simple Javascript automation, however i can't seem to put an input value as a context key. In the below sample i declare  var Key = args.parent; and in the return statement i try to use this variable as context entry.

In reality,

...

Antanas by L1 Bithead
  • 352 Views
  • 5 replies
  • 0 Likes