This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Resolved! Looping A Sub-Playbook

Require some suggestions.

I am trying to loop a sub-playbook. 
If the exit condition is met, everything is okay. However, if max number of iterations are reached the playbook throws and error that waiting for manual input and fails. 

Anyone has any id

...

Resolved! Cortex XSOAR SSH Outbound Connection IP issue

Hello, I'm working on configuring SSH connections from Cortex XSOAR to our internal Azure-based system. To ensure secure and uninterrupted connectivity, I need to whitelist the IP address used by Cortex XSOAR for these outbound connections in our fir

...

Wassif by L1 Bithead
  • 1257 Views
  • 1 replies
  • 0 Likes

Reopen XSOAR Incidents Bulk in XSOAR

Hello all, 

I need to reopen a large amount of incidents on Xsoar. Can anyone suggest how I can do this? 

I have tried to run both the built-in command and the automation to reopen from the run command button with the bulk incidents selected but to n

...

Resolved! XSOAR - EmailAskUserResponse

Hi I am new to XSOAR. I am trying to configure sending email to user and capturing their response via email. I used the script named ‘EmailAskUser’ to send email and then I am trying to capture the response using ‘EmailAskUserResponse’. However, it s

...

Resolved! Help with feeds

Hello, I need your help. I need feeds for domain classification and another feed for phishing, to determine whether domains have been compromised or not. What do you recommend for Cortex XSOAR #

tlmarques by L4 Transporter
  • 1193 Views
  • 1 replies
  • 0 Likes

XSOAR CreateEmailHtmlBody Error

I am attempting to create an email from an HTML template but am receiving an error stating "Item not found (8) on list..." followed my the HTML contents of my saved list. I am sure it is looking for the key attribute that is required for the script,

...

Python Scripts


Hi community,

Can anyone provide python scripts that automate the most common 3-4 SOC use cases + any non security use case that could be automated

regish by L0 Member
  • 719 Views
  • 1 replies
  • 0 Likes

SplunkPy Integration

Hi everyone,
I get data from splunk with the "search index=notable" query using Splunkpy. I assign the incoming data to the type named Splunk Generic Notable by default. Here, when an incident occurs, there are fields such as event_code, process_name

...

  • 1206 Posts
  • 42 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks