This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Resolved! "Request-URI Too Large"

Leveraging a "service desk plus" integration. I can take the same request and send it via postman successfully, but XSOAR is choking on it with a URI too large error: ===Server Log====Command being called is service-desk-plus-request-create Failed to execute service-desk-plus-request-create command. Error: Error in API call [414] - Request-URI ...

JoshBoyd by L2 Linker
  • 2207 Views
  • 2 replies
  • 0 Likes

Deselect by default the objects to be synchronized between tentants

Hello, When we want to sync a new object into production between tenants, we should first deselect all the objects in all tabs with the option "None" and then select only the objects we would like to sync. This action is critical, since if "None" is not selected it updates everything. How can we deselect all objects by default? The image is a...

SyncMasked.png
SanDev by L2 Linker
  • 1057 Views
  • 1 replies
  • 0 Likes

Resolved! How can I retrieve the integration instance configurations through the api?

Hi Team, I need assistance in retrieving configurations for a specific integration instance to create an incident link. When I use the endpoint /settings/integration/search, it provides a comprehensive list of all integrations along with their source code. However, the response is extensive, and I'm looking to filter the results based on the ins...

Resolved! Upload a File to the "Attachments" Section of an Incident

Hello all! I have an automation in which I'm trying to upload a file to the "Attachments" section of the current incident. I can upload the file to the war room, but I would also like to move the file to the attachments section of the incident so that user's can easily access it. My Current Implementation: log_content = log_buffer.getvalue...

BowenAguero_0-1702310406529.png

Setting up a counter in XSOAR

Hello, So we have a playbook that is meant to send alerts via email in strikes. In each strike there is a link to a survey that has only YES/NO answers and based on the answers given be the recipients of those emails we want the playbook to follow a path. We thought that we might need a counter and timer for this specific task, for example, reg...

Resolved! API Validation Issue with System Diagnostics and Health Check

Hi all, Has anyone come across this error below when trying to run the System Diagnostics and Health Check playbook from the Marketplace. DBot December 7, 2023 10:56 Scripts returned an error #36: Validate API Integration Command: !HealthCheckAPIvalidation (Scripts) Reason Demisto REST API Validation failed due to: Too many API integrations w...

YashenR by L0 Member
  • 3136 Views
  • 2 replies
  • 0 Likes

How to dynamic list in email template?

Hello, I want to get a list data of unknown lenght into html body(list).But I don't know how to do this.For example, I am pulling a data. in one of them, data1 and data2 come. in the next one, data1, data2 and data3 come. how can I print them dynamically in the mail template?

Resolved! Dashboard Widget

Hi , I have a Button that creates a note in the qradar , is there a way to mark this note as note so it will be showed in the layout in the note section. Also I can get as a solution not to mark as note but to just to show the result in the layout.

Demisto Service Failed

Hi Everyone , We are running XSOAR instance with NFR license. Recently for unknown reasons, the demisto service stopped and is never coming up when we try to start. [root@localhost ~]# systemctl status demisto.service● demisto.service - Demisto Server ServiceLoaded: loaded (/etc/systemd/system/demisto.service; enabled; vendor preset...

Pavendhan_K_0-1684316963694.png

Playbook Conditions : How to Combine Multiple Conditions in One Task

Hi, I am new to XSOAR and I was wondering if there was a conventional way of arranging similar conditions. For example, I am getting a ticket in task 1 and I want the following task (task 2) to give a value to a field called ticket.status. conceptually, the condition would look like this: IF ticket.severity == 'Critical' then ticket.status = 1 O...

Resolved! Custom Automation issue

Hi , I created a custom automation in python and in one point I need to retrieve a value from the incident the automation was running on.For example , in a playbook there is an automation set to status=[ERROR,SUCCESS,ERROR,ERROR] and after that there is my automation that needs to use this value from the context data.So how do I get this value i...

Extract some fields from csv file

Hi, I have exported a output of splunk query in csv format using exporttocsv automation in a playbook. Now I wanted to use a column of this csv output to be a input for other task. Any one can please suggest if this is possible.

Himangi by L2 Linker
  • 1307 Views
  • 1 replies
  • 0 Likes

Resolved! AWS - IAM Identity Center Integration

Hi All, Thank you in advance. I am facing an issue currently in integrating the AWS - IAM Identity Center Community Contribution. I am not able to find the relevant information for the integration such as Role Session Name, and Role Session duration. Can you assist me in understanding this requirement more so that I can find the relevant i...

Netskope API v2 error in XSOAR

XSOAR does not parse properly the ids from Netskope. It changes the last two digits with zeros. These errors are in the official XSOAR documentation. Example: "incident_id": 1478029261577663500 "app_session_id": 4359394467077842400 "browser_session_id": 2893692091617575400 "connection_id": 8981978357397935000 "request_id": 2605900362175087600 ...

SanDev by L2 Linker
  • 1592 Views
  • 2 replies
  • 0 Likes
  • 1298 Posts
  • 45 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks