Splunk Add-on XSOAR Mapping
We fetch incidents with the Splunk Add-on. What should I do to enrich and map them? How can I run the mapper here? Or do I need to proceed with setIncident commands?
#SplunkAddon
Cortex XSOAR
Hi!
We have a playbook which extracts indicators and adds them to a certain watchlist. In between, we allow the user to select which indicators should be added by using the Data Collection - Multi select / Array reply option. It is quite problematic selecting
...
Hello there,
I am going to have Cortex XDR multi-tenancy on one XSOAR. However, I can't switch between Cortex XDRs on XSOAR. I would be grateful if you could help me in this field. And another problem is that, the configuration of Cortex XDR-IOC, I t
...
JSON data in tables in XSOAR does not show up when I try to export the table to a PDF report. I'm wondering if anyone else has had this issue or possibly has an alternative way to display this data in a report. (see attached screenshots)
Thanks!
Greetings!
Has anyone had any success ingesting Microsoft Defender for Office 365 alerts into XSOAR?
We're currently fetching MDE alerts using the Microsoft Defender for Endpoint integration. I'd think that, because they share a portal, MDO alert
...
Hi All,
I am new to XSOAR playbooks but I have managed to get a playbook operational that accepts data from a Microsoft form and then updates a CrowdStrike endpoint's tag information (this endpoint is hard-coded at the moment via its ID).
The automation (cs-upd
When should you use the "Delete context" script? Is it a good practice to use it at the beginning of the playbooks?
** Note: this is a question from our Customer Success Webinar: Playbook optimization in Cortex XSOAR
Cortex XSOAR
Hi Everyone,
I have an XSOAR integration with EWS V2. A few days ago it was working fine, but now I suddenly got an issue. Please see the screenshot and provide valuable answers.
Script failed to run: Docker code runner got
...
I want to assign an incident to a new owner in XSOAR. How do I reassign tasks (pending as well as completed) automatically to the new owner?
Hello,
By using SLA/Timer on XSOAR, I want the playbook to wait until 08.00 the next day. How can I do that?
I can use the sleep function, but I want to do it in the most performant way. Do you have any other suggestions?
Thanks.
Hi, I am trying to create a custom widget that calculates the following (Total Incident + Total Command Execution) with date parameters adjusted by the widget. I tried to implement this with the JSON method and an Automation Script but was unable to get the solution. Can y
...
Greetings;
Does anyone know of, or has anyone created, a method, or know if by using the Palo Alto API I can extract SLRs or download firewall dumps from XSOAR?
Thank you so much.
Hello Live Community,
I have a few questions regarding an NFR license that we currently have for an XSOAR Server. I want to create an HA configuration or use the existing license for a Dev server alongside the prod server. Does the license allow me
...
Hello Team,
We're experiencing an issue upon logging in to Cortex where it will just loop the home page. Upon checking the developer tools, we find the below error.
This server could not verify that you are authorized to access the docume
...
Hello,
We're trying to integrate Cortex XDR with our XSOAR. We already have the "Palo Alto Networks Cortex XDR - Investigation and Response" instance and we set the Starred incidents fetch window and the First fetch timestamp to 30 days (we even try to
...