Install Red Hat patches on XSOAR server
Hi, I'd like to install Red Hat patches on the XSOAR server. Is it possible, or is there a risk? Many thanks, Paz
Hello all, I have recently come across a use case that requires me to hide incidents from the Tier 1 Team during escalation in order that it can be free to be assigned to a Tier 2 analyst. Is there a way to hide an incident based on an incident field being true, through a script or some kind of built-in function? I don't want to hide tabs or ...
We recently had a use case for a SIEM integration with Cortex XSOAR. We have an on-premise LogRhythm SIEM server which we need to integrate with our Cortex XSOAR. I have gone through the official XSOAR documentation for the integration but it wasn't of much help. Has anyone done the integration and made any playbooks? Kindly share the ...
I am attempting to create an email from an HTML template but am receiving an error stating "Item not found (8) on list..." followed by the HTML contents of my saved list. I am sure it is looking for the key attribute that is required for the script, however I am not sure what it is asking for. Based on docs, the key argument is the "The context ...
Hi community, Can anyone provide Python scripts that automate the most common 3-4 SOC use cases + any non-security use case that could be automated?
Hi Team, We planned to integrate the IOC push from Cortex XSOAR to other tools, for example, Palo Alto firewalls, other firewalls, SIEM tools, and XDR tools. Is this possible? If so, could you please share any documentation or guidance?
Hello everybody, I have a question regarding HTML fields in XSOAR. So I have a Python script to get data from a table but I'm wondering how do I configure an HTML field so that the data my script returns is displayed in an HTML format? I tried connecting the HTML field to the script but haven't had any luck getting the data to display. Thanks ...
Hi all! I'm having issues trying to update the incident.Hostnames field. What I want to do: I'm receiving an alert which involves different hostnames; for the sake of simplicity and to track the incidents more easily, we want to add the hostnames to the incidentHostnames field: As it is an array there shouldn't be any issue but when we perform....
This question was asked during Part 1 of the webinar series: Indicator Management. You may review the recording here. If we are using Bolt database and an indicator is expired and has a last seen date of September 1, 2023 - does that mean it exists in the September Bolt database file? If we call the indicator command and the last seen date i...
Dear all, I have implemented a playbook in XSOAR that uses several enrichment sources, and it has been found that Barracuda is flagging as malicious the IPs of social networks such as Facebook, Instagram, WhatsApp, etc., as well as other public IPs of the company where I work; when I carry out manual reviews I do not see these IPs as malicious, in...
Hi All, It seems like I can't find anything about HA setup for the community version. I wanted to try out to do a HA setup (Active/Passive) in the community version before proceeding to the enterprise version. Appreciate all the help from all.
Cortex XSOAR Hi community, Can I get a few sample automation scripts in Python implementing any use cases or achieving any useful task via XSOAR? Any links to such a resource?
#Cortex XSOAR Hi, Is there a way of creating parallel processing inside an automation in Python? My goal is to execute the same function on multiple incidents (pausing and/or starting timers). The thing is, sometimes we have a lot of incidents and the current automation using a mere "for x in y" can timeout. Obviously we could increase the t...
Hi, I would like to ask for help on how to be able to implement within XSOAR the ability to determine which playbooks and automation can be executed or viewed by the user via the command line (by typing !) while still having the ability for the same user to be able to execute commands within an incident layout when an automation is associated wit...
How can I create a customised incident summary report with tables, merged cells etc.? And then populated with incident fields information?

