Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Integration Sentinel One <> XSOAR

Hi everyone! How are you? I have a problem with the integration of Sentinel One from XSOAR: In Sentinel I have a few rules for some Incidents. One rule closes the incident as soon as it is discovered by the platform, that is, the incident is created on the platform and the rule that closes it is automatically executed. I can summarize the proble...

Resolved! Cortex XSOAR V8.7 Back Up

I'm unable to find any backup options for the cloud-based Cortex XSOAR V8.7 platform. Could you please provide any guidelines or resources on how to create a backup? My license is going to expire soon, so I need to ensure I have a proper backup in place. Cortex XSOAR #backup

Resolved! Command Line syntax question

How do I combine commands on the #XSOAR command line? If one command wants a list, I would like to call a list, not enumerate it on the command line. For example, the RandomElementFromList works like this: !RandomElementFromList count=1 value="banana, orange, potato" may randomly respond with "orange". Easy Peazy. getList works like this:...

BRowe_23 by L1 Bithead
  • 2321 Views
  • 3 replies
  • 0 Likes

Help with Cortex XSOAR API

Hi everyone, I'm currently working with XSOAR API, and I'd like to get some help in this way. I gotta gather all the data from a specific dashboard. I know that there is one API endpoint that I can use for it but, the documentation does not explain properly how to use each endpoint in XSOAR, and I can't do any request correctly. For example,...

JavaScript vs Python scripts

Hi everyone, Lately, I was wondering about Python and JavaScript performance in terms of computational speed and XSOAR resource use. I'd like to work as efficiently as possible and that's the reason I'd like to ask for the XSOAR community's thoughts. I'm currently working with Python 3.11.9 (main, Aug 2 2024, 14:46:25) [GCC 13.2.1 20240309] (I d...

Cortex XSOAR DNS resolving issue

Hi all, I am trying to integrate Cortex XDR with Cortex XSOAR. I have configured the API key and other settings. But sometimes this integration works and sometimes it does not, because of a DNS resolving issue. I don't think it is our DNS servers' problem, because when I nslookup the same domain from the command line (where XSOAR is installed) resolution is success...

Resolved! How to configure proxy certificate in XSOAR server

What is the configuration path to update proxy certificate in XSOAR server? Is it the same as "Apply the Certificate to Cortex XSOAR" explained in the link below? https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.11/Cortex-XSOAR-Administrator-Guide/Install-or-Renew-a-Custom-Certificate#:~:text=Apply%20the%20Certificate%20to,sudo%20servi...

gnakhede by L1 Bithead
  • 1444 Views
  • 1 replies
  • 0 Likes

MT out of sync issue

Hi Team, One of my customer accounts in a multi-tenant setup appears to be out-of-sync despite successfully syncing. I have synced accounts from the Main Account UI using both the 'Sync all accounts' and 'Sync' individually selected accounts. The content appears to have propagated, however, when clicking 'Sync' subsequent times, there are many it...

XSOAR removes roles from a user - Licensing issues?

Hi team, I currently have 6 users configured in XSOAR (including the admin user). However, we only have 5 licenses contracted. The "admin" user has the admin role. The remaining users are assigned the analyst role. Incident: I have noticed that, from time to time, XSOAR removes the role of an analyst user for no apparent reason. Questions: Is it p...

jcajam by L0 Member
  • 915 Views
  • 1 replies
  • 0 Likes

Questions regarding the operation of Cortex XSOAR

Hi Team, I have some questions regarding the operation of Cortex XSOAR and need assistance. 1. I bought a license for 5 users. Does that mean you can only create 5 users or only 5 users can be active at the same time? 2. How to classify incident ingress from IBM QRadar? 3. Can I use 2 nested DT query sessions? ${subplaybook-${CurrentPlayBookID...

Log bundle extraction issue with System Diagnostics and Health Check

Hi All, Has anyone faced the below issues with the content pack "System Diagnostics and Health Check" (#System Diagnostics and Health Check | Cortex XSOAR (pan.dev)) while running the main playbook 'Health Check > Health Check - Collect Log Bundle'? 1. The main playbook 'Health Check' successfully invokes sub-playbook 'Health Check - Collect...

Arpan_C by L1 Bithead
  • 3699 Views
  • 6 replies
  • 0 Likes

XSOAR Login error when using aws load balancer

Hello, this is an AWS environment. I installed XSOAR 6.12 on Private EC2. Since it is not accessible from the outside, I created a Public Subnet, connected a Load Balancer, and specified the Private EC2 where XSOAR is installed in the target group. The Load Balancer DNS address uses the default value. (ex. ***-*****-**-1*********.ap-northeast-2.elb.ama...

CrowdStrike Next-Gen SIEM

Hi all, How can I fetch the alert generated by CrowdStrike Next-Gen SIEM to SOAR? Here are the alerts generated by queries created or like Email, Cloud category. #XSOAR #CrowdStrike #Next-GenSIEM

  • 1300 Posts
  • 45 Subscriptions