This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Resolved! Problem with Slack Notifications

Email notifications are working fine and I want to see the same notification on Slack too. On mentions in the war room, slack should send a notification to users dm. Even though I have notifications enabled for SlackV3 I am not receiving anything on

...

EnesOzdemir_1-1683280310326.png
EnesOzdemir_0-1683280130237.png

Resolved! indicator extract data

im working on a project with xsoar indicators, we want to add a extra field to the layout that describes what the analist have to look for when certain indicators are present, now that problem that im running into is im trying to make a dynamic secti

...

rune.man by L0 Member
  • 1079 Views
  • 2 replies
  • 0 Likes

Resolved! running polling commands from automations

opsgenie-get-request is a polling command but when it is being run from an automation it results in an error. From CLI or through playbook tasks, the output returns to the war room once it finishes. That's doesn't seem to be the case in automations.

...

XSOAR getIncidents command

Hi community, 

 

I've been making great use of custom scripts to extract reporting metrics that wouldn't have been possible with the built in widgets. But something I've noticed recently is that querying incidents seems to be causing huge spikes in C

...

Resolved! Docker Image [exit status 120]

I created an 'image' with the 'docker_image_create' command, containing the pymisp and pandas libraries. I'm having a problem now and I can't make sense of it, any ideas?


Error from Scripts is : Script failed to run: Container exit with error. contain

...

Resolved! XSOAR Delete Messages using Graph API

I know EWS and O365 are current options for the Delete messages playbook however does anyone know it the Graph API is going to be added as an option? Due to certain restrictions I am being forced down the Graph API route for the preferred integration

...

DennisO by L1 Bithead
  • 1841 Views
  • 7 replies
  • 0 Likes

Blueliv API integration error

We are testing XSOAR and integrations. We have some problems when we try to fetch incidents in BlueLiv integration. 

 

This is the complete error:

Error: Script failed to run: Error: [Traceback (most recent call last): File "<string>", line 5...

socser by L0 Member
  • 1051 Views
  • 2 replies
  • 0 Likes

Extract Indicator in XSOAR

Hi all,

I want to manually extract the 'IOC alarm' coming from XDR. But the incoming IP addresses come in 2 ways as 'action_local_ip' and 'action_remote_ip'. If I extract according to action_local_ip or action_remote_ip, some IOCs get an error (wrong

...

Resolved! Incident fetch reset timestamp

Hi 

I have a doubt regarding incident fetch -if we reset the timestamp in any integration in xsoar and set the first fetch as 24 hours. Will it fetch only the new incidents or will it fetch incidents from past 24 hours 

 

(note - this is for integrat

...

SMAX Integration Error

Hi Everyone,

 

We have integrated SMAX as the ticketing solution on XSOAR for one of the clients.

After configuring, it is giving an unexpected error. I don't think its a network issue or issue with the credentials.

 

Some assistance on the error wou

...

Dwai by L0 Member
  • 904 Views
  • 1 replies
  • 0 Likes

Resolved! McAfee Mvision Integration Missing Image

Hello,

I am attempting to use the integration provided by EDR-Integrations by Martin Ohl. 

When performing the test I receive the error "Error response from daemon: pull access denied for mohlcyber/dxl, repository does not exist or may require 'docke

...

  • 942 Posts
  • 30 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks