Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! XSOAR Delete Messages using Graph API

I know EWS and O365 are current options for the Delete messages playbook however does anyone know it the Graph API is going to be added as an option? Due to certain restrictions I am being forced down the Graph API route for the preferred integration

...

DennisO by L1 Bithead
  • 1663 Views
  • 7 replies
  • 0 Likes

Blueliv API integration error

We are testing XSOAR and integrations. We have some problems when we try to fetch incidents in BlueLiv integration. 

 

This is the complete error:

Error: Script failed to run: Error: [Traceback (most recent call last): File "<string>", line 5...

socser by L0 Member
  • 1003 Views
  • 2 replies
  • 0 Likes

Extract Indicator in XSOAR

Hi all,

I want to manually extract the 'IOC alarm' coming from XDR. But the incoming IP addresses come in 2 ways as 'action_local_ip' and 'action_remote_ip'. If I extract according to action_local_ip or action_remote_ip, some IOCs get an error (wrong

...

Resolved! Incident fetch reset timestamp

Hi 

I have a doubt regarding incident fetch -if we reset the timestamp in any integration in xsoar and set the first fetch as 24 hours. Will it fetch only the new incidents or will it fetch incidents from past 24 hours 

 

(note - this is for integrat

...

SMAX Integration Error

Hi Everyone,

 

We have integrated SMAX as the ticketing solution on XSOAR for one of the clients.

After configuring, it is giving an unexpected error. I don't think its a network issue or issue with the credentials.

 

Some assistance on the error wou

...

Dwai by L0 Member
  • 837 Views
  • 1 replies
  • 0 Likes

Resolved! McAfee Mvision Integration Missing Image

Hello,

I am attempting to use the integration provided by EDR-Integrations by Martin Ohl. 

When performing the test I receive the error "Error response from daemon: pull access denied for mohlcyber/dxl, repository does not exist or may require 'docke

...

Run a command on all tenants from master

hi everyone,

 

I need some help with microsoft graph integrations with multi tenancy

 

I configured an instance of Microsoft Graph Mail Single User integration in the master and want to sync to all the tenants. Simply syncing won't work because the i

...

Apply transformers directly on variables

Hello,

I'm creating Json lists introducing data in them. I'm using "addToList" automation. The data introduced example:

listData:

{"key1":{

"subkey1: ${dataInput1},

"subkey2: ${dataInput2},

"subkey3: ${dataInput3},

"subkey4: ${dataInput4}

}

 

Is ther

...

Josep by L4 Transporter
  • 799 Views
  • 1 replies
  • 0 Likes

Even though get-remote-data command executes successfully, the entries returned in the GetRemoteDataResponse object is not being added to the incident

When the get-remote-data is being called, I am getting below errors when returning entries to the GetRemoteDataResonse. The command is executes successfully, but I do not get entries in the XSOAR incident which I have passed to the GetRemoteDataRespo

...

HarshPanchal_0-1674821669351.png
HarshPanchal_2-1674821769217.png

Panoroma IP Blocking Issue

I wanted to block ips via using xsoar, on Pan-os panorama. We have integrated xsoar and panoroma but non of the automations provide us a blocking on panorama. In addition to that I tried to give inputs to Block IP Generic v3 playbook(which is provide

...

UmutAK by L1 Bithead
  • 689 Views
  • 1 replies
  • 0 Likes
  • 895 Posts
  • 30 Subscriptions