Cortex XSOAR Discussions

Setting up a counter in XSOAR

Hello,

So we have a playbook that is meant to send alerts via email in strikes. In each strike there is a link to a survey that has only YES/NO answers and based on the answers given be the recipients of those emails we want the playbook to follow a

...

Resolved! API Validation Issue with System Diagnostics and Health Check

Hi all,

Has anyone come across this error below when trying to run the System Diagnostics and Health Check playbook from the Marketplace.

DBot

December 7, 2023 10:56

Scripts returned an error

#36: Validate API Integration

Command:

!HealthCheckAPI

...

How to dynamic list in email template?

Hello,

I want to get a list data of unknown lenght into html body(list).
But I don't know how to do this.
For example, I am pulling a data. in one of them, data1 and data2 come. in the next one, data1, data2 and data3 come. how can I print them dynam

...

How to add and remove IP from destination group using ZScalar integration in XSOAR?

Hello, Is there any command in XSOAR that can be used to add or remove IP's from ZScalar destination group?

Resolved! Dashboard Widget

Hi ,
I have a Button that creates a note in the qradar , is there a way to mark this note as note so it will be showed in the layout in the note section.
Also I can get as a solution not to mark as note but to just to show the result in the layout.

Demisto Service Failed

Hi Everyone ,

We are running XSOAR instance with NFR license.

Recently for unknown reasons, the demisto service stopped and is never coming up when we try to start.

[root@localhost ~]# systemctl status demisto.service
● demisto.service -

...

Playbook Conditions : How to Combine Multiple Conditions in One Task

Hi, I am new to XSOAR and I was wondering if there was a conventional way of arranging similar conditions. For example, I am getting a ticket in task 1 and I want the following task (task 2) to give a value to a field called ticket.status. conceptual

...

Resolved! Custom Automation issue

Hi ,
I created a custom automation in python and in one point I need to retrieve a value from the incident the automation was running on.
For example , in a playbook there is an automation set to status=[ERROR,SUCCESS,ERROR,ERROR] and after that there

...

Extract some fields from csv file

Hi,

I have exported a output of splunk query in csv format using exporttocsv automation in a playbook. Now I wanted to use a column of this csv output to be a input for other task. Any one can please suggest if this is possible.

Resolved! AWS - IAM Identity Center Integration

Hi All,

Thank you in advance.

I am facing an issue currently in integrating the AWS - IAM Identity Center Community Contribution. I am not able to find the relevant information for the integration such as Role Session Name, and Role Session durat

...

Netskope API v2 error in XSOAR

XSOAR does not parse properly the ids from Netskope. It changes the last two digits with zeros. These errors are in the official XSOAR documentation. Example:

"incident_id": 1478029261577663500

"app_session_id": 4359394467077842400

"browser_session_i

...

Auto Incidnet closure

Dear Community,

I'm looking for a way to daily automatically close all incidents with specific criteria.

I'm trying to archive that using jobs , I'm trying to create a playbook the query incidents (with specific criteria) and whatever the query o

...

Disable/Enable Integration via API/Playbook/Automation

Hi Guys,

I have list of integration instances that i need to disable/enable in one click.

I didn't see any function or command in the system that can do it.

There is any other way to do that?

Issue with talos integration

Dear Community,

I'm getting the following issue in Talos integration.

Error

(November 26, 2023 1:29 PM)

Error in Talos Feed Integration. Verify that the server URL parameter is correct and that you have access to the server from your host. (85)

...

Resolved! Is it possible to convert from Single server to Multi-tenant?

Hi all,

Can I install single server fist and then convert it to multi tenant? I don't want to lose any data during conversion. As far as I understand, there is only 'export content' operation. But I want to convert it directly to multi-tenant witho

...

Discussions

Setting up a counter in XSOAR

Resolved! API Validation Issue with System Diagnostics and Health Check

How to dynamic list in email template?

How to add and remove IP from destination group using ZScalar integration in XSOAR?

Resolved! Dashboard Widget

Demisto Service Failed

Playbook Conditions : How to Combine Multiple Conditions in One Task

Resolved! Custom Automation issue

Extract some fields from csv file

Resolved! AWS - IAM Identity Center Integration

Netskope API v2 error in XSOAR

Auto Incidnet closure

Disable/Enable Integration via API/Playbook/Automation

Issue with talos integration

Resolved! Is it possible to convert from Single server to Multi-tenant?

Do we have XQL query builder feature in XSOAR

Where is the XSAOR 8 CLI Reference?

Pre Processing Rules Logs

XSOAR CMDB - SQL issue

Cortex XSOAR - Best Practice Optimize Threat Intelligence Management (TIM)

Re: DT Query, special characters in key:value pair

Re: Do we have XQL query builder feature in XSOAR

Re: Azure Active Directory users - Incorrect padding

Re: No communication method found for form

Re: Adding a list of IPs and Domains to Exclusion list from File in Json Format

Unlock your full community experience!

Resolved! API Validation Issue with System Diagnostics and Health Check

Resolved! Dashboard Widget

Resolved! Custom Automation issue

Resolved! AWS - IAM Identity Center Integration

Resolved! Is it possible to convert from Single server to Multi-tenant?