Cortex XSOAR Discussions

Resolved! Reruning playbook and preventing communication tasks from being rerun

Hello All,

I have been working on the XSOAR Platform for a long time and there is something which I haven't been able to find a solution for.

I would like to rerun a playbook for multiple incidents and I use the !setPlaybook to do this. I do this af

...

Alternate Layouts based on IF statement

Is there a way to select alternate layouts in a case based on an if-statement?

new host does not appear in the ACCOUNT MANAGEMENT

Hi!
I'm installing XSOAR multi tenant environment. Currently its a Community edition for POC.
Installed main host and tenant host as per documentation. Both Ubuntu 22.04
I am unable to connect tenant host to main host.
Settings - account management - new

...

XSOAR remain open when an incident has been closed

Why does the browser window in XSOAR remain open when an incident has been closed? Is there a way to automatically go back to all incidents? e.g. to https://xsoar.dev/#/incidents

Did not get the expected value from test (85) issue with Remedy Integration

-

Hi,

While doing the customized Remedy integration test, getting-"Did not get the expected value from test (85)" but able to fetch the incident status via "remedy-incident-get incidentID", OAuth test successful via "remedy-auth-test" in playground t

...

Resolved! Dynamic Section using Context

I was wondering how we can add splunk results into Incident layout. Possibly a CSV file or markdown.

We use splunk to search our email logs to see other recipients who got phishing email. Wanted to display that in the Incident layout.

Any advise

...

Getting null in output

Hi,

I am using a splunk search automation and passing a query in input and I am getting appropriate result without any null value. So I have added a new task after that to convert the output in csv, I am using Exporttocsv automation, but here the i

...

Qradar Integration

Hi ,
Is there a way to make the the system pull incidents more often ,
now it takes about 3 min since the offense first appears in the Qradar until it appears in the Demisto.

Share indicators from one tenant to all

Hi, everyone:

I'm trying to use one of our tenants for Threat Intelligence and we want to share all the indicators obtained to the other tenants. Is there any way?

Resolved! Set task cost for DBOT

Hi community,

is there a way to establish a cost for a task or a playbook to improve this DBOT widget?

Resolved! Using Dev/Prod Configuration as a test environment for noisy integrations

Hello all,

I am working with XSOAR 8 Hosted and configuring a Dev/Prod environment. I have two critical questions regarding this.

Can the dev environment be used to test noisy integrations that produce many alerts in a controlled way without impact

...

urlscan.io alternatives?

Hi all,

I'm looking for urlscan.io alternatives that are available in the marketplace. Ideally, something that'll allow "browsing" from a different location, like GeoPeeker.

Thanks!

Upgrade XSOAR Offline

Our environment cannot connect to the internet.

We have installed XSOAR 6.11 offline before, and now we want to upgrade to version 6.12.

So I would like to ask, can I upgrade offline?

I have read the official documentation of XSOAR and there is no me

...

cortex xsoar image

Hi

does anyone has xsoar image file?

Resolved! AzureAD/MS Graph User Expire Password

Anyone familiar with MS Graph User integration and using it to expire a password for a user, much like Active Directory Query V2 "!ad-expire-password"?

It appears the method with PowerShell is using Connect-AzureAD and updating the passwordProfile

...

Discussions

Resolved! Reruning playbook and preventing communication tasks from being rerun

Alternate Layouts based on IF statement

new host does not appear in the ACCOUNT MANAGEMENT

XSOAR remain open when an incident has been closed

Did not get the expected value from test (85) issue with Remedy Integration

Resolved! Dynamic Section using Context

Getting null in output

Qradar Integration

Share indicators from one tenant to all

Resolved! Set task cost for DBOT

Resolved! Using Dev/Prod Configuration as a test environment for noisy integrations

urlscan.io alternatives?

Upgrade XSOAR Offline

cortex xsoar image

Resolved! AzureAD/MS Graph User Expire Password

A Few Quick Questions About the Community Edition

How to work on File Content collected from Azure blob in Playbook

Powershell Modules in Xsoar Cloud

Azure Active Directory users - Incorrect padding

XSOAR 8 + Export Data to On-premise for Retention Compliance

Re: Access a list from an integration

Re: buttons to allow specific continuation of workplan

Re: setting multiple values in subkeys

Unlock your full community experience!

Resolved! Reruning playbook and preventing communication tasks from being rerun

Resolved! Dynamic Section using Context

Resolved! Set task cost for DBOT

Resolved! Using Dev/Prod Configuration as a test environment for noisy integrations

Resolved! AzureAD/MS Graph User Expire Password