Cortex XSOAR
Hi community,
Can I get a few sample automation scripts in Python implementing any use cases or achieving any useful task via XSOAR. Any links to such a resource
#Cortex XSOAR
Hi,
Is there a way of creating parallel processing inside an automation in Python ?
My goal is to execute the same function on multiple incidents (pausing and/or starting timers).
The thing is, sometimes we have a lot of incidents an
...
Hi,
I would like to ask for help on how to be able to implement within XSOAR the ability to determine which playbooks and automation can be executed or viewed by the user via the command line (by typing !) while still having the ability for the same u
How can I create a customised incident summary report with tables, merged cells etc我? And then populated with incident fields information?
Hi All,
We were reviewing the prerequisites document for Cortex XSOAR installation from the below link
https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.11/Cortex-XSOAR-Administrator-Guide/System-Requirements
We couldn't find whether XSOAR is
There are many ways to trigger an automation, by field display actions, field change actions, a task of playbook or CLI. I want to know how my automation is being triggered. Is there any way to grab that info when an automation is triggered?
Hi,
TLDR: How can i write an automation that returns the incident team of multiple investigation ids (1,2,[...]) without needing to run the automation manually in each investigation.
I want to create an automation to send an E-Mail to all users in
...
Hi all,
Does anyone knows how to retrieve the firstSeen/creation date of an indicator using the GetIndicatorsByQuery command?
These are the only fields I know that can be returned so far but none of them is the firstSeen/creationDate of the indic
...
Hi, All!
I am working on integrating more threat intelligence into our XSOAR platform. Our latest efforts have been integrating other free sources of IOCs (AlienVault, Abuse.ch, etc...) and then we are going to work that into playbooks to create lo
...
Hi,
using XSOAR I came across some issues related to user permissions and audit logs to have an account of the various activities performed on the platform:
- Is it possible to restrict user permission to execute scripts/commands only via field chang
...
Hi,
When i am trying to execute the automation xdr-get-incident-extra-data (Cortex XDR - IR) in playbook, i am getting an error as shown in the screenshot below. What could be the reason? Kindly help,
Thanks,
Nithin
We are using the EWS O365 integration to monitor an Exchange Online inbox. Any emails that hit the inbox get an incident created, and a Playbook handles things from there. This is working just fine but the problem I'm having is that it is ignoring ca
...
Hi all,I have two tenants. One of them is called A and one is called B. I have Mail integration on tenant B. How can I run "!send-mail to= example[@]example[.]com subject=Hello body=Hello body" from tenant A to tenant B? Is it done with demisto.inter
...
Hello everyone,
I have a script that need to get incidents from server.
Hi ,
Is there a way to automate the process of mapping every incident to its MITRE Technique ,
or it should be manual for every incident ?
