Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! XSOAR with HA using OpenSearch Upgrade

Hi Team, The customer uses XSOAR in High Availability using OpenSearch, and the number of app servers is 2. So is it possible to upgrade XSOAR without stopping the server? For example, stop App server 1 and upgrade App server 1 first, and start App server 1 with the upgraded version, and second, stop App server 2 and upgrade th...

XSOAR Multi-Engine Deployment on CentOS7

I just had our instance migrated to 8.5. During testing we figured out that we could not update our engine using the shell program and need to do a zip deployment. The basic instructions for ZIP do not support multiple engines on the same host. Here is our solution. If you see problems, please comment. xsoar create zip archive "d1_ENGINENAME".zi...

kreeves by L1 Bithead
  • 1333 Views
  • 1 replies
  • 0 Likes

Marketplace Content Not Available

Recently I was trying to install Oletools pack and got an error: Could not install pack: Get "https://marketplace.xsoar.paloaltonetworks.com/content/packs/Oletools/1.0.5/Oletools.zip": x509: certificate signed by unknown authority. Trying other packs, same error. I never changed or updated default PA certificate.

MMagdic by L2 Linker
  • 1778 Views
  • 3 replies
  • 0 Likes

XSOAR Lot of big incidents - how to automate?

Hi Team, I have a customer where there are a lot of big incidents (>10mb). Is there any function to automatically delete the big incidents? In system diagnostics, the big context and big incident, they want to delete them automatically. Is it possible? I am waiting for a prompt response. Thank you.

Integrations Not Visible

I need to update the content pack of Microsoft online exchange, and that's why I updated the content pack with dependency and pushed it to production, but when I did a sync on the other tenant the integration page seems empty. Please, any info... Thank you

Syedhkt by L2 Linker
  • 1768 Views
  • 2 replies
  • 0 Likes

Generic Webhook 1.0.28 896436 - Incident Mapping Issue

I am on Cortex XSOAR V8.5 using the Generic Webhook 1.0.28 896436 integration in conjunction with Microsoft Forms and Power Automate to automatically pull incidents and run playbooks. So far, I've been able to successfully pull incidents, classify them to an incident type, and automatically launch a playbook, but no matter what I do I cannot get...

XSOAR HTML images

Hello, I would like to create an HTML template inside XSOAR (using a list) and add an HTML image to it. I would like to know if there is any local resource where I can save the image and then import it in XSOAR, or if it has to be done with a public URL. On the other side, I would also like to know if it is possible to render an HTML inside a l...

Resolved! EWS O365 Instance - Not allowed to access Non IPM folder. (85)

XSOAR stopped fetching incidents from our assigned email address on April 3rd. I opened the EWS O365 instance to investigate and did a "test" for troubleshooting and the test result shows: Error (April 9, 2024 11:14 AM) Not allowed to access Non IPM folder. (85) We did not make any settings changes to the instance. After doing some research...

Resolved! Select All in Data Collection multi select

Hi! We have a playbook which extracts indicators and adds them to a certain watchlist. In between, we allow the user to select which indicators should be added by using the Data Collection - Multi select / Array reply option. It is quite problematic selecting them manually when the selection is large, e.g. 100 entries. Is there a way to add a "Select all" ...

Antanas by L2 Linker
  • 3669 Views
  • 3 replies
  • 0 Likes

Cortex XDR multi-tenancy on XSOAR

Hello there, I am going to have Cortex XDR multi-tenancy on one XSOAR. However, I can't switch between Cortex XDRs on XSOAR. I would be grateful if you could help me in this field. And another problem is that, in the configuration of Cortex XDR-IOC, I got an error of unauthorized access, user doesn't have the required license type to run this API. ...

Fetching Microsoft Defender for Office 365 Alerts

Greetings! Has anyone had any success ingesting Microsoft Defender for Office 365 alerts into XSOAR? We're currently fetching MDE alerts using the Microsoft Defender for Endpoint integration. I'd think that, because they share a portal, MDO alerts would also be fetchable using this integration, but I haven't had any success. Microsoft's do...

  • 1302 Posts
  • 45 Subscriptions