Cortex XSOAR Discussions

Import XSOAR incidents into MySQL DB

Hello all,

I have MySQL DB to collect data from different projects/products and using Metabase to create dashboards. I would like to import all incidents into MySQL DB from XSOAR. Is there any integration can do it directly or I have to write pytho

...

Cannot Impersonate user using the EWS O365 Integration in XSOAR

I'm trying to send mail from our service desk address and everytime DBOT produces an error "The user account which was used to submit this request does not have the right to send mail on behalf of the specified sending account., Cannot submit message

...

Resolved! Content package is not able to update

Hi Friends,

we are trying to update the content package and integrate it with any package into XSOAR it's showing the error:

Could not install pack: could not create content item from file 'Lists/list-PrivateIPs.json'. invalid content item type 'l

...

Resolved! Running XQL Query to XDR from an Automation Script : Receiving 500 Bad Synatax from valid query

Hello all,

I am attempting to run an XQL query from an automation script. The query is valid and can be run manually and this works well both on XSOAR and on the Query Editor section on XDR. Essentially we refer to the query under a variable and the

...

Send file via email to end user

Hi community,
is there a way to add pdf as an attachement to email and send it to a specifi user using EWS instance or any other plugin ?
thanks in advance.

Resolved! How to sync XSOAR to another XSOAR?

How to sync XSOAR to another XSOAR? I've been researching this but I couldn't find a good source or I overlooked it.

Enable and disable integration instance from playbook/automation

Hello,

We'd like to create a flux where an integration instance is enabled, then the function related to that instance is used, and finally the integration instance is disabled. How can this be done? No functions have been found.

Enable instance->U

...

Propagation labels problem

Hi everybody, I am really having a hard time syncing content with tenants because propagation labels aren't working properly for me. To give you an example, I create an xsoarcommunity tenant and set the propagation label to carbon_test so that I can'

...

Resolved! File upload from XSOAR war room to Sentinel watchlist

Hi,

Newbie to Xsoar and working on an automation when a csv file is uploaded to war room, it should upload the csv to Azure Sentinel watchlist. From what I understand, I can do this by grabbing the file entry id of the latest file uploaded and th

...

Access denied for Cortex XSOAR Customer success Webinar: Case management.

Getting above message while trying to view content from below mentioned url.

LIVEcommunity - Access Denied - LIVEcommunity (paloaltonetworks.com)

'Failed to parse JSON object from response' while integrating Microsoft Defender for Cloud Apps with XSOAR

Hi,

I encountered the error 'Failed to parse json object from response: b'\r\n\r\n<!-- Copyright (C) Microsoft Corporation. All rights reserved.' when trying to integrate 'Microsoft Defender for Cloud Apps' using client credentials authentication meth

...

Export indicators with custom indicator fields

Our detection engineering team wants to upload a list of IOCs to XSOAR and get the VirusTotal scores of them as a csv file.

Through an automation I am extracting and enriching all the indicators and running

!ExportIndicatorsToCSV query="investigati

...

Resolved! Error with Set Command context

Hi all the community,
i face a problem when using set Command, you find bellow the error:

===ERROR

DBot
February 15, 2023 12:09 PM
Scripts returned an error
#2: add Test key to context
Command:

!Set key="test" value="abc" stringify="false" extend-context="

...

Resolved! Widget to display Active Logged in XSOAR user (SOC Analyst)

Does anyone have a script or know a way to display the currently signed-in XSOAR users?

Basically, i'd like a dashboard widget with active users signed-in....

Let me know your thoughts -

Thanks again,

Boyd

Resolved! XSOAR Community edition trial only 30 days

Hello,

I'm trying to deploy XSOAR at home just to try out some ideas. However, a 30 day trial is not enough time to attempt it.

Is there a way to acquire a limited version of XSOAR but with no time restriction?

Attentively,

Josep

Discussions

Import XSOAR incidents into MySQL DB

Cannot Impersonate user using the EWS O365 Integration in XSOAR

Resolved! Content package is not able to update

Resolved! Running XQL Query to XDR from an Automation Script : Receiving 500 Bad Synatax from valid query

Send file via email to end user

Resolved! How to sync XSOAR to another XSOAR?

Enable and disable integration instance from playbook/automation

Propagation labels problem

Resolved! File upload from XSOAR war room to Sentinel watchlist

Access denied for Cortex XSOAR Customer success Webinar: Case management.

'Failed to parse JSON object from response' while integrating Microsoft Defender for Cloud Apps with XSOAR

Export indicators with custom indicator fields

Resolved! Error with Set Command context

Resolved! Widget to display Active Logged in XSOAR user (SOC Analyst)

Resolved! XSOAR Community edition trial only 30 days

XSAOR with HA using Open search Upgrade

EWS O365 Instance - Not allowed to access Non IPM folder. (85)

Json data in table does not display in PDF reports

Question from Playbook Optimization webinar: Delete context script

Engine For Hosting Web Forms For Data Collection Tasks

Re: XSAOR with HA using Open search Upgrade

Re: Palo Alto Cortex XSOAR - Community Edition

Re: GoQR.me QR Code Reader misbehaving

Re: EWS O365 Instance - Not allowed to access Non IPM folder. (85)

EWS O365 Instance - Not allowed to access Non IPM folder. (85)

Unlock your full community experience!

Resolved! Content package is not able to update

Resolved! Running XQL Query to XDR from an Automation Script : Receiving 500 Bad Synatax from valid query

Resolved! How to sync XSOAR to another XSOAR?

Resolved! File upload from XSOAR war room to Sentinel watchlist

Resolved! Error with Set Command context

Resolved! Widget to display Active Logged in XSOAR user (SOC Analyst)

Resolved! XSOAR Community edition trial only 30 days