Multiple Instances fetching VS. One instance and then claasify and post a new incident

Hi,

We've got an scenario where we are fetching mails from a mail server. When an email is received in the mail server, it applies some ruling and send it to a folder, then with XSOAR we've got N instances, one per folder and this is how we are cla

Download the previous version of XSOAR dockerimages file

How can I download the dockerimage file of the previous version of XSOAR? For example, the dockerimage file of version 6.11.

If I use command “wget https://download.demisto.com/download-params?token=xxxxxxx&email=user@paloaltonetworks.com&downloadNam

Installation of cortex SOAR offline

Dear All,

i was trying to install COrtext SOAR in an Airgap (offline)Enviorment with no internet where i was refering cortex offline installation guide, and i i could not complte the installation and stuck in uploading docker dependaci file  to which

Error Integration with Cisco ESA

Hi , 

Is there anyone else who gets this Error ? how do I solve it ?

Its updated to the latest version , The server URL , username and password are correct.

Bulk Changing Incident Status from Pending to Active

I have created an integration that produces many alerts and I have a few thousand incidents that are currently in the Pending state. The plabyook has yet to run etc. What I would like to is select the incidents from the "Incident" page and change the

Why is the severity became "unknown"?

Hello All,

I have a question, i have mapped an incident from qradar with the playbook i've created.

At first it's worked, the incident severity was "high". but later until now, the severity become "unknown".

What is the main cause of this issue?

Tha

Getting data from multiple incident contexts?

Hi!

I want to extract specific key data from context of multiple incidents. The context key I'm looking for is not under "incident". Specifically, I have many incidents of type "Phishing" and want to output the contents of "Recipient Selection.Answ

Cortex XSOAR

Morning everyone,

I hope that you are doing well

I have a little problem. We have implemented the XSOAR in our customer environment and configure th EWS O365 content pack for phishing attacks but since we do not have a case, we cannot show to the

Ingest Taxii feed into XSOAR 6.12

Hi,

I am trying to ingest our taxii feed into XSOAR 6.12 with following steps:

• installed XSOAR 6.12 on ubuntu 22.0.4 LTS
• launched the web portal, and installed TAXII Feed (1.x) pack from marketplace
• Ingest feed using "Integration Instance Settings"
  
  • T

Alternate Layouts based on IF statement

Is there a way to select alternate layouts in a case based on an if-statement?

new host does not appear in the ACCOUNT MANAGEMENT

Hi!
I'm installing XSOAR multi tenant environment. Currently its a Community edition for POC.
Installed main host and tenant host as per documentation. Both Ubuntu 22.04
I am unable to connect tenant host to main host.
Settings - account management - new