CrowdStrike Next-Gen SIEM
Hi all,
How can I fetch the alert generated by CrowdStrike Next-Gen SIEM to SOAR? Here, are the alerts generated by queries created or like Email, Cloud category.
#XSOAR #CrowdStrike #Next-GenSIEM
Hi,
I have created a playbook that extracts IOC from a csv in a mail.
I want to ask the analyst if they want to manually review or auto block the IOCs.
If the analyst marks Manual review I want it to loop over every IOC and the analyst should mark to b
I configured my playbook to execute EmailAskUser script but I don't know what is happening in the background causing the completion of the next task. Can somebody explain this behavior to me? The script isn't well documented and I was wondering the d
...
Hi Team,
I want to get the events between the dates I give from Microsoft 365 Defender. In the ‘microsoft-365-defender-incidents-list’ command, the limit is set to maximum 100. What should I do to make the limit unlimited?
The command:
test_data ={’...
Hi All,
I tried to send an attachment using the attachment ID in Exchange Web Services (EWS) for Office 365, and I was also able to see the entry ID of the file in context object. However, the structure of the entry ID is different from the standard
...
Who is impacted?
Users of Docker Engine v19.03.x and later versions who rely on authorization plugins to make access control decisions.
Who is not impacted?
Users of Docker Engine v19.03.x and later versions who do not rely on authorization plugins to
We are getting below error in Redhat while loading the images.
Error: payload does not match any of the supported image formats: * oci: open test21.tar/index.json: not a directory * oci-archive: loading index: open /var/tmp/container_images_oci303933
...
Hi everyone,
Does anyone know if it's possible to paste evidence (screenshots) into an Incident using CTRL+V? I've tested it and sometimes it works, but sometimes it doesn't...
Does anyone know if it's possible to create a button that allows uploading
Hi all,
I want to assign all incidents that are Linkedincident to a single owner. What should I do for this?
I tried to assign with top-user,machine-learning parameters. But that didn't work.
We want to monitor server performance in real time for that we are using default dashboard named "System Health". But in that we are not able to monitor disk.
Our server is on Prem and its version of xsoar is 6.12.
Please assist quickly.
I'm currently using the free edition of Cortex XSOAR and have encountered a couple of issues related to reports:
Missing "Add New Report" Button: According to the documentation and tutorials I've followed, there should be an "Add Report" button in t
Hi team,
I wanted to see if there is any way to troubleshoot or view debug output/logs in XSOAR 8 on-prem?
I have not had much luck getting the OVA version to deploy successfully, let alone completing the install and accessing a functional UI. I am p
Say DEV > PROD is enabled, and I need to add a user to UGBAC in PROD. Would that be possible directly in XSOAR?
*This question was asked during our XSOAR CS webinar: Cortex XSOAR Customer Success Webinar: On-Prem v6 Migration to v8 SaaS
Do we need additional proxy rules for MS Teams integration?
*This question was asked during our XSOAR CS webinar: Cortex XSOAR Customer Success Webinar: On-Prem v6 Migration to v8 SaaS
Hi Team,
I'm trying to zip a file using ZipFile Automation as a task in the playbook and after it has been zipped use the ZIP file EntryID to be sent attached in an email, I'm getting this error:
'Unable to read file with id b4841215-d627-4c36-9c
...

