XSOAR Community Download
Where do I go to download the community edition of XSOAR?
Hi everyone, all incidents from our Cortex XSOAR instance are missing or are not shown, but we don't have any filter. The info is still on the server because we can see all the .db files. We tried to re-index the database, but this didn't solve the issue. Any ideas what might be happening? Thanks
Hi All, I have a playbook task that runs an XQL query against a dataset to take info from the alert context data, do a search against a specific dataset, then take the output of the '_broker_device_name' field, and then this is written to my parentincidentcontext data. This works. However, I am struggling with a simple task, and this is for a ...
Hi all, I'm new to XSOAR dashboarding. Can anyone guide me on how to create a widget to get playbook execution count with playbook name and playbook tag?
Hello, Are there specific playbooks or automation features that have significantly improved SOC workflows?
I need to define a known user list as an Object List so that the playbook can automatically check it. If the username involved in the incident is found in this known list, the condition should pass and the incident should move forward toward automatic resolution. How do we properly define a list inside the playbook and configure the logic so t...
I found the issue after using the script json2html table to convert a JSON array to an HTML table. It returns an empty value. Do you have any idea?
Hello Everyone, I wanted to create a custom command in addition to the existing commands present for one of the integrations we have configured in XSOAR from the marketplace. How can I achieve this? I checked the documentation, but it refers to script creation. Thanks in advance.
Hello, How can Cortex XSOAR be leveraged to map incident data, playbook actions, and adversary techniques to the MITRE ATT&CK Framework?
Hi, is anyone able to guide me on how to achieve this perhaps? I want to run a task in a playbook that will do a custom query in a dataset and pull information and add it to the alert context data. Is this possible, and if so, guidelines would be appreciated. Thanks in adv
For Cortex XSOAR 6.X On-premises deployment, the server deployment / system requirements describe that IPv4 IP forwarding is required (System Requirements • Cortex XSOAR Administrator Guide • Palo Alto Networks documentation portal). The security team is questioning if there is another possibility to deploy XSOAR by not enabling IPv4 IP Forwarding or...
Hello LiveComm, I am attempting to establish the Any.run integration on my XSOAR. I am using the latest version and have an issue with the instance properties. Firstly, there is no "Use system proxy settings" and the instance requires URL, User, Password API Key, API Key ID. Every value here is obligatory and it is not clear how to make this wor...
I am trying to create a playbook that uses the ms-teams-message to send it to my teams webhook. I want the playbook to trigger and run for all new alerts. I have the trigger set now to resolution status=new, but this is not triggering for all new alerts even the ones with that status. Any ideas how to trigger on all new alerts or a better way to...
I need to export a list of (filtered) Incidents on the XSOAR Incidents page/list. If I click the "Select All Rows" checkbox at the top-left of the list, and then use the Export button, I get an xlsx file, but it only has 50 rows (which is apparently the unchangeable limit of how many rows it selects). However, if I click the "Select all x,xxx item...
Hello, I have a question regarding the Cortex Firewall. Does the Cortex Firewall component take control of the Windows Firewall? In other words, if the Windows Firewall is active on an endpoint, will Windows Defender show that it's being managed by Cortex? Thanks.