Cortex XSOAR Discussions

Get Specific List from /lists Endpoint (XSOAR API)

Hello,

When Im sending GET request to https://myxsoar/lists.

Im getting list of all XSOAR lists, there is anyway to get Specific list?

I tried:

https://myxsoar/lists/test_list

but it doesn't work.

I didn't find on the documentations anything about th

...

Resolved! XSOAR - EmailAskUserResponse

Hi I am new to XSOAR. I am trying to configure sending email to user and capturing their response via email. I used the script named ‘EmailAskUser’ to send email and then I am trying to capture the response using ‘EmailAskUserResponse’. However, it s

...

Resolved! Help with feeds

Hello, I need your help. I need feeds for domain classification and another feed for phishing, to determine whether domains have been compromised or not. What do you recommend for Cortex XSOAR #

Is it possible to perform server configurations via ssh in XSOAR?

Server configurations such as additional headers are required. Is it possible to configure directly in a configuration file through the console?

We are having an error in the ForwardAuditLogsToSplunkHEC: Reason: Failed to execute BaseScript. Error: string indices must be integers

We are having an error in the ForwardAuditLogsToSplunkHEC: Reason: Failed to execute BaseScript. Error: string indices must be integers.

We have a job sending the logs from XSOAR to Splunk, and suddenly has stopped working. As the script is part of

...

Resolved! How to send via HTTP to the XSOAR data to be injected in a playbook?

I have a playbook that needs feedback from outside. To set some context, let's say that the playbook generates a UUID a5de4f06-2941-4e26-975e-5e6cb316916d and informs a user that they need to go to https://example.com/a5de4f06-2941-4e26-975e-5e6cb316

...

Install Red Hat patches on XSOAR server

Hi,

I'd like to install Rad Hat patches on the XSOAR server.

Is it possible, or is there a risk?

Many thanks,

Paz

Hiding Incident Types from Specific Role

Hello all,

I have recently come across a use case that requires me to hide incidents from the Tier 1 Team during escalation in order that it can be free to be assigned to a Tier 2 analyst. Is there a way to hide an incident based on an incident fiel

...

Cortex XSOAR integration with Logrhythm SIEM

We were recently having use case for a SIEM integration with cortex XSOAR. We have an on-premise LogRhythm SIEM server which we need to integrate with our Cortex XSOAR.

I have gone through the official XSOAR documentation for the integration but it

...

XSOAR CreateEmailHtmlBody Error

I am attempting to create an email from an HTML template but am receiving an error stating "Item not found (8) on list..." followed my the HTML contents of my saved list. I am sure it is looking for the key attribute that is required for the script,

...

Python Scripts

Hi community,

Can anyone provide python scripts that automate the most common 3-4 SOC use cases + any non security use case that could be automated

Cortex XSOAR queries

Hi Team,

We planned to integrate the IOC push from Cortex XSOAR to other tools, for example, Palo Alto firewalls, other firewalls, SIEM tools, and XDR tools. Is this possible? If so, could you please share any documentation or guidance?

HTML field

Hello everybody,

I have a question regarding HTML fields in XSOAR. So I have a Python script to get data from a table but I'm wondering how do I configure an HTML field so that the data my script returns is displayed in an HTML format? I tried conn

...

Resolved! Can't Append strings into incident.Hostnames

Hi all!,

I'm having issues trying to update the incident.Hostnames field.

What I want to do:

I'm receiving an alert which involve different hostnamed, for the sake of simplicity and to track easier the incidents we want to add the hostnames to th

...