Cortex XSOAR Discussions

No remote "Content Repository" tab despite ui.version.control.show.remote = true

Hi,

I am trying to setup remote repositories, in a first step only the dev environment.

In About -> Troubleshooting I have set "ui.version.control.show.remote" to "true" (copy-pasting it from the documentation [1] and checking multiple times for ty

...

incidents pulling time

Hi ,
in my Qradar integration I don't have this parameter ,

I have enabled the "Long Running Instance" and still it takes too long for the incidents to be fetched.

Is there a way to manually configure the Incident Fetch Interval.
I'm using IBM QRad

...

Hi, I am trying to create a custom widget that calculate follwing (Total Incident+ Total Command Execution) with date paramters adjusted by widget. I tried to implement this with JSON method and Automation Script but unable to get the solution. Can y

...

Resolved! Mapping labels "message" to Incident Context without Regex

Kind of similar to the below link:

LIVEcommunity - Cortex XSOAR Context Issue - LIVEcommunity - 437729 (paloaltonetworks.com)

I've tried mapping content from the Abnormal Security integration and from the Syslog v2 integration. The Abnormal Securit

...

Create Slack Channel from XSOAR

I am attempting to create a Slack channel from XSOAR using the slack-create-channel command. After a few minutes, I get the following error:
"Reason

Error from SlackV3 is : Script failed to run: Timeout Error: Docker code script failed due to timeo

...

Bug in native playbook 'QRadarFullSearch'

Hello,

XSOAR's native playbook named 'QRadarFullSearch' has a task called 'Get QRadar search results'. Everytime we run this task, it fails with the following error log:

Failed to execute qradar-get-search-results command.
Error:
Traceback (most recent c

...

Using "GetFailedTasks" with a relative time range of 7 or 30 days lookback

Hello all,

I am working with the task 'GetFailedTasks' withing the Integrations & Incidents Health Check playbook. When running this task within this system playbook I am only getting failed tasks from the beginning of the year and this is likely due

...

Drop and Update but NOT Create (Pre-Processing)

Hi,

I am trying to write some preprocessing rules to report on and update BitSight incidents. I only want to create incidents that have a grade of 'BAD' or 'WARN'. I do want to capture, however, when a given incident's grade is updated within BitSi

...

bitsight-company-findings-get automation

Hello,

I am attempting to use the 'bitsight-company-findings-get' command within my automation script, but I am getting an error after I run my script in the playground war room saying I'm using the invalid character '{' even though I copied the co

...

Resolved! Storing Incident Notes in Context Data

Hello all,

I am working on a use-case in which I need to store text based comments (Including MD) to context data for report generation. I have tried to create a script for this yet I have not succeeded. Is there a way to access the comment section i

...

Resolved! Working with lists

Hi ,

In the settings section i created a new list

The list contains for example:

TEST,Mon Oct 30 2023,Teva.com/\teva.co.il/\test@gmail.com,user1,
BBLTD,Mon Oct 30 2023,10.0.0.14/\DASD.com/\sdasdas.co.il,user1,
BBMA,Mon Oct 30 2023,10.0.0.14/\DASD.c

...

Resolved! "Request-URI Too Large"

Leveraging a "service desk plus" integration. I can take the same request and send it via postman successfully, but XSOAR is choking on it with a URI too large error:

===Server Log====
Command being called is service-desk-plus-request-create

Failed t

...

Deselect by default the objects to be synchronized between tentants

Hello,

When we want to sync a new object into production between tenants, we should first deselect all the objects in all tabs with the option "None" and then select only the objects we would like to sync. This action is critical, since if "None" is

...

Resolved! How can I retrieve the integration instance configurations through the api?

Hi Team,

I need assistance in retrieving configurations for a specific integration instance to create an incident link. When I use the endpoint /settings/integration/search, it provides a comprehensive list of all integrations along with their source

...

Resolved! Upload a File to the "Attachments" Section of an Incident

Hello all!

I have an automation in which I'm trying to upload a file to the "Attachments" section of the current incident.

I can upload the file to the war room, but I would also like to move the file to the attachments section of the incident so

...

Cortex XSOAR Discussions

Discussions

No remote "Content Repository" tab despite ui.version.control.show.remote = true

incidents pulling time

Resolved! Custom Widget Xsoar

Resolved! Mapping labels "message" to Incident Context without Regex

Create Slack Channel from XSOAR

Bug in native playbook 'QRadarFullSearch'

Using "GetFailedTasks" with a relative time range of 7 or 30 days lookback

Drop and Update but NOT Create (Pre-Processing)

bitsight-company-findings-get automation

Resolved! Storing Incident Notes in Context Data

Resolved! Working with lists

Resolved! "Request-URI Too Large"

Deselect by default the objects to be synchronized between tentants

Resolved! How can I retrieve the integration instance configurations through the api?

Resolved! Upload a File to the "Attachments" Section of an Incident

Extrahop Reveal X Integration - Stop fetching of Hidden Detections possible?

Default Field Mapping in QRadar Content Pack 2.5.7 on XSOAR 6.12

Field Change Script To System Fields

How to Copy Incident Files from Linked Incidents

Can XSOAR disk space vary automatically?

Missing button scripts from content packs

Re: Editing custom content via XSOAR UI and local PC

Is there a way to obtain Cortex XSOAR community edition

Re: Missing button scripts from content packs

Re: Extracting fields from Context/JSON in Playbook

Unlock your full community experience!

Cortex XSOAR Discussions

Resolved! Custom Widget Xsoar

Resolved! Mapping labels "message" to Incident Context without Regex

Resolved! Storing Incident Notes in Context Data

Resolved! Working with lists

Resolved! "Request-URI Too Large"

Resolved! How can I retrieve the integration instance configurations through the api?

Resolved! Upload a File to the "Attachments" Section of an Incident