Recurring automation on active tickets

I'm trying to run an automation every hour which checks for Warroom entries and executes certain code in the automation. This automation should only run and check on the active tickets. The automation itself works, but I still need to execute it with

Cortex XSOAR and Cortex XDR Integration - Fetch Incident

Hello,

I want to automatically import incidents that occur in XDR as incidents into XSOAR.

The integration is successful, but I cannot view the occurring incidents in xsoar and I get the following error.

Error: Script failed to run:
Error: [Traceb

Global Protect VPN logs from Panorama to Cortex XSOAR

Hello, was reviewing Globalprotect VPN Logs in Panorama and am currently stumped on how to even create an alert or find the logs in which to send to XSOAR. I reviewed the PAN-OS integration, and I can link it to Panorama, but it will collect logs bas

Where to Download XSOAR Single Server Installer Setup File

Hello Team,

Kindly help where to download the xsoar server installer setup file (single server installer file i.e standalone server mode)

planning to deploy xsoar test setup environment.

I followed the guide single server installation steps and

"<-demisto-hyper->" appears at the beginning and end of a markdown field, which makes it impossible to read the markdown during a jsontotable.

Hello,

"<-demisto-hyper->" appears at the beginning and end of a markdown field, which makes it impossible to read the markdown during a jsontotable.

Please assist.

6.12 on RH 7.9 - Web server won't start

Hello. We tried in many ways but web server wont start. I see the server working and doing outbound connection, but it's not listening on 443.

There is nothing strange in the log as I can see.

I don't know what I can look at to fix that.

Thanks

Non Enterprise Security Splunk users

Hi

Please share some info on how you are running your setup.

We are currently using the TA-Demisto splunk app to push the alerts to the XSOAR but having issues with excessive incidents in XSOAR being created when we use the |table in our searches a

Extracting Incident Files from the Server Side or Through API

I have a functionality question regarding Incident Files, for example, images. I have uploaded images as both "Files" and "Media" on the XSOAR incident through the war room. Can these files be accessed from the DB or Linux side? Take note that this i

Playbook to upload IOCs to Cortex XDR

Hello,

We are working in an integration between XSOAR and XDR.
We want to upload IOCs from a given file to XDR, we have seen that Cortex XDR - IOC integration allows a synchronization of IOCs but what we want is a manual push of new IOCs to XDR, not to

Creating a Playbook to Upload Indicators to Various XDR Tenants

Hello all, 

I am currently building a playbook that can pull indicators from an external MISP system and then publish them to various tenants of Cortex XDR. I have seen that there was a similar post in the past yet the solution suggested in 2022 does