Trying to install community edition on ubuntu ec2 instance via wget but getting 401 unauthorized error. Any assistance on this ?
Hello, Do I have to select everything individually when syncing content from main tenant to child tenants?For example,I will sync the playbook, I cannot see the indicent fields used in the playbook. I have to select them one by one.How can I make it sync the dependencies in the playbook while syncing the just playbook instead?
After the XSOAR 8.5 update, our playbook data collection tasks are having data entry issues via the keyboard. The user can enter the first character, but each successive characters needs to be "double-striked" (hit twice) to be recognized. This is across the board in all playbooks. Are other having this issue with XSOAR 8.5 SaaS ?
Hi all, I am not sure if this is a bug in ThreatConnect pack since its reputation commands does not return correct results when it could not find the indicator. The correct behavior should be https://xsoar.pan.dev/docs/integrations/dbot#unknown. Since it does not return correct results in those cases, we have no idea if the command has ever ru...
Hello all, I wanted to share the following procedure I worked through to use the existing XSOAR ServiceNow V2 Integration with the Customer Service Management plugin for ServiceNow. This topic came up during a customer engagement and I was able to work up the below steps to use the create/update/get/delete record commands in the existing integ...
I have a custom layout containing an Linked Incidents table panel. I've edited this layout/table to present specific incident fields (columns) in a defined order. First, I've noticed this does not always show changes to these columns when editing the layout. For example, adding the Action field, and moving it up between two other values - this d...
Hi, I was asked to display a dropdown with each element representing a script. A button next to the dropdown would execute the selected script. Each script requires different user input. Is there a way to ask the user for input based on what element they have selected? I can't create a button per script as the list will be dynamic. Thanks in...
I was wondering how to create a playbook so when a user reports an email as phishing, to somehow have it automatically upload to the CrowdStrike Falcon Sandbox for further analysis - Basically anytime a phishing email with an attachment is submitted to our company report phishing email inbox, to pull it from Abnormal Email Security, then send it...
I'm seeking assistance on securely establishing an SSH connection from Cortex XSOAR to Panorama as part of the integration Prisma Access with XSOAR. This integration aims to execute CLI commands on Panorama, which is hosted within Azure (internally). To ensure security and avoid exposing Panorama to the internet, I'm looking for best practices o...
What is the difference between delete incidents permission and incidents table action "delete"? What are the cases where you enable one and disable the other?
Require some suggestions. I am trying to loop a sub-playbook. If the exit condition is met, everything is okay. However, if max number of iterations are reached the playbook throws and error that waiting for manual input and fails. Anyone has any idea if I am missing something #loopaplaybook
Hello, I'm working on configuring SSH connections from Cortex XSOAR to our internal Azure-based system. To ensure secure and uninterrupted connectivity, I need to whitelist the IP address used by Cortex XSOAR for these outbound connections in our firewalls. Could you provide the IP ranges or specific IP addresses used by Cortex XSOAR for outboun...
Hello all, I need to reopen a large amount of incidents on Xsoar. Can anyone suggest how I can do this? I have tried to run both the built-in command and the automation to reopen from the run command button with the bulk incidents selected but to no avail. Many thanks, MR Cortex XSOAR
Hello, When Im sending GET request to https://myxsoar/lists. Im getting list of all XSOAR lists, there is anyway to get Specific list? I tried: https://myxsoar/lists/test_list but it doesn't work. I didn't find on the documentations anything about this endpoint. Any idea how or if I can do it? (Can run over the response list and search for spe...
Hi I am new to XSOAR. I am trying to configure sending email to user and capturing their response via email. I used the script named ‘EmailAskUser’ to send email and then I am trying to capture the response using ‘EmailAskUserResponse’. However, it says item not found. The ‘responsentryid’ is mentioned of Task EmailAskUser. Share suggestions ...
