Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

XSOAR Lot of big incidents - how to automate?

Hi Team, I have a customer where there are a lot of big incidents (>10 MB). Is there any function that automates deleting the big incidents? In system diagnostics, the big context and big incidents, they want to delete them automatically. Is it possible? I am waiting for a prompt response. Thank you.

Integrations Not Visible

I need to update the content pack of Microsoft online exchange and that's why I updated the content pack with dependency and pushed it to production, but when I did a sync on the other tenant the integration page seems empty. Please, any info...Thank you Cortex XSOAR

Syedhkt by L2 Linker
  • 1677 Views
  • 2 replies
  • 0 Likes

Generic Webhook 1.0.28 896436 - Incident Mapping Issue

I am on Cortex XSOAR V8.5 using the Generic Webhook 1.0.28 896436 integration in conjunction with Microsoft Forms and Power Automate to automatically pull incidents and run playbooks. So far, I've been able to successfully pull incidents, classify them to an incident type, and automatically launch a playbook, but no matter what I do I cannot get...

XSOAR HTML images

Hello, I would like to create an HTML template inside XSOAR (using a list) and add an HTML image to it. I would like to know if there is any local resource where I can save the image and then import it in XSOAR, or if it has to be done via a public URL. On the other side, I would also like to know if it is possible to render an HTML inside a l...

Resolved! EWS O365 Instance - Not allowed to access Non IPM folder. (85)

XSOAR stopped fetching incidents from our assigned email address on April 3rd. I opened the EWS O365 instance to investigate and did a "test" for troubleshooting and the test result shows: Error (April 9, 2024 11:14 AM) Not allowed to access Non IPM folder. (85) We did not make any settings changes to the instance. After doing some research...

Resolved! Select All in Data Collection multi select

Hi! We have a playbook which extracts indicators and adds them to a certain watchlist. In between, we allow the user to select which indicators should be added by using the Data Collection - Multi select / Array reply option. It is quite problematic selecting them manually when the selection is large, e.g. 100 entries. Is there a way to add a "Select all" ...

Antanas by L2 Linker
  • 3522 Views
  • 3 replies
  • 0 Likes

Cortex XDR multi-tenancy on XSOAR

Hello there, I am going to have Cortex XDR multi-tenancy on one XSOAR. However, I can't switch between Cortex XDRs on XSOAR. I would be grateful if you could help me in this field. And another problem is that, in the configuration of Cortex XDR-IOC, I got an error of unauthorized access, user doesn't have the required license type to run this API. ...

Fetching Microsoft Defender for Office 365 Alerts

Greetings! Has anyone had any success ingesting Microsoft Defender for Office 365 alerts into XSOAR? We're currently fetching MDE alerts using the Microsoft Defender for Endpoint integration. I'd think that, because they share a portal, MDO alerts would also be fetchable using this integration, but I haven't had any success. Microsoft's do...

XSOAR Playbook - Crowdstrike Endpoint Update

Hi All, I am new to XSOAR playbooks but I have managed to get a playbook operational that accepts data from a Microsoft form and then updates a Crowdstrike endpoint's tag information (this endpoint is hard coded atm via its ID). The automation (cs-update-device-tags) will only accept the Crowdstrike ID. It's a unique 32 character value, which is o...

SHobbins by L1 Bithead
  • 2895 Views
  • 3 replies
  • 0 Likes

EWS V2 Integration Issue

Hi Everyone, I have an XSOAR integration with EWS V2. A few days ago it was working fine but now it suddenly got an issue. Please see the screenshot and provide valuable answers. Error (March 27, 2024 3:42 PM) Script failed to run: Docker code runner got container error: [Docker code script is in inconsistent state, expected pong but didn't got any r...

Syedhkt by L2 Linker
  • 2252 Views
  • 1 replies
  • 0 Likes
  • 1298 Posts
  • 45 Subscriptions