IPs en lista Barracuda Reputation Block List (BRBL)

Estimados tengo implementado un playbook en Xsoar que usa varias fuentes de enriquecimiento y se ha identificado que Barracuda esta identificando como IP maliciosa, IPs de redes solciales como facebook, instagram, whatssap, etc y otras publicas de la

HA Setup for community version

Hi All,

It seems like I can't find anything about HA setup for the community version.

I wanted to try out to do a HA setup (Active/Passive) in the community version before proceeding to the enterprise version.

Appreciate all the help from all.

How to use a list as input argument in List options in automation?

Hi Everyone,

I am creating a automation which shows a dynamic drop down list as input to user using List options of arguments but I am not able to find any way to do this.

Anything I give in highlighted text box is static to user but I want to list d

Automation in Python using parallel processing

#Cortex XSOAR 

Hi,

Is there a way of creating parallel processing inside an automation in Python ?

My goal is to execute the same function on multiple incidents (pausing and/or starting timers).

The thing is, sometimes we have a lot of incidents an

Cortex XSOAR Playbook and Automation permission

Hi,
I would like to ask for help on how to be able to implement within XSOAR the ability to determine which playbooks and automation can be executed or viewed by the user via the command line (by typing !) while still having the ability for the same u

Creating a custom incident summary report

How can I create a customised incident summary report with tables, merged cells etc我? And then populated with incident fields information?

Cortex XSOAR support for RHEL 8.9 version

Hi All, 

We were reviewing the prerequisites document for Cortex XSOAR installation from the below link

https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.11/Cortex-XSOAR-Administrator-Guide/System-Requirements 

We couldn't find whether XSOAR is

How to get the execution context of an automation

There are many ways to trigger an automation, by field display actions, field change actions, a task of playbook or CLI. I want to know how my automation is being triggered. Is there any way to grab that info when an automation is triggered?

GetIndicatorsByQuery command

Hi all,

Does anyone knows how to retrieve the firstSeen/creation date of an indicator using the GetIndicatorsByQuery command?

These are the only fields I know that can be returned so far but none of them is the firstSeen/creationDate of the indic

XSOAR + Threat Intelligence

Hi, All!

I am working on integrating more threat intelligence into our XSOAR platform. Our latest efforts have been integrating other free sources of IOCs (AlienVault, Abuse.ch, etc...) and then we are going to work that into playbooks to create lo

User Restriction and permission

Hi,

using XSOAR I came across some issues related to user permissions and audit logs to have an account of the various activities performed on the platform:

- Is it possible to restrict user permission to execute scripts/commands only via field chang

XSOAR - Error in XDR Automation

Hi,

When i am trying to execute the automation xdr-get-incident-extra-data (Cortex XDR - IR) in playbook, i am getting an error as shown in the screenshot below. What could be the reason? Kindly help,

Thanks,

Nithin

Pulling Calendar Invites from Inbox - EWS O365 Integration

We are using the EWS O365 integration to monitor an Exchange Online inbox. Any emails that hit the inbox get an incident created, and a Playbook handles things from there. This is working just fine but the problem I'm having is that it is ignoring ca