Cortex XSOAR Discussions

Getting Started

Greetings--

I'm a data analyst who is adept at using tools like Tableau, R, MS Access, MySQL, and PowerBI to analyze both large and small datasets to find patterns, tell stories, visualize data, etc. A cousin who first got me on the path for administ

...

Function to get the date when "Common Scripts" were updated

Hello,

We'd like to to get the date when "Common Scripts" were updated. Is there any function to get it?

XSOAR platform video technical walkthrough video

Hi Team,

Looking for a technical walk-through video of the XSOAR platform, not marketing videos.

Can anyone help me by sharing the video link here?

Resolved! Task to check the size of a playbook

Hello,

I'd like to add a conditional inside a playbook to delete the context in case incident size is bigger than a value. What function could I use to check the size of an incident?

Getting output from splunk query as an attachment

Hi All,

I am running a splunk search query and I want the query's output in the form of an attachment to be used as input for the next task. How should I do that?
Please assist..

Thanks

Himangi

Problem with AppendindicatorFieldWrapper script

Hi!

When we run the appendIndicatorField task, the last IP address of an array never gets tagged. Please see the following examples for clarification:

Example 1: works fine

!appendIndicatorField indicatorsValues="134.122.135.178" field="tags" fie

...

Browserling integration

Dears,
we are trying to integrate with browserling which is not supported by default on XSOAR marketplace.
and to this integration we need to do the following:

1- First, we need to load browserling.js library.
2- Then we create a new Browserling object w

...

Resolved! Using Slack Block Builder renders "submit" button that is unwanted and not found in the JSON Blocks

Hello all,

I am developing a use-case in which a message is sent to a Slack channel containing a Slack block using Slack Block Builder. The message is sent and then received on the Slack Channel but there is a submit button which is appearing even th

...

Resolved! Slack Bot keeps sending messages to users

Occasionally, the bot sends the message in the screenshot below to our users in no particular order. We don't know why that is happening. One time a certain user reported that every time he gets a message from a coworker the bot sends this message to

...

need steps to create MITRE ATT&CK CoA - T1110 - Brute Force playbook in cortex XSOAR

Cortex XDR Crowdstrike Layouts

Hello, I have just onboarded the crowdstrike integration into Cortex XDR. I am looking to modify the incident layout of the incidents themselves and the option is not available. Instead, inside a Crowdstrike Incident I have to usually go to Crowdstri

...

Resolved! The "Disk Current Usage" widget from "Common Widgets" does not show the real value.

Hello,

The "Disk Current Usage" widget from "Common Widgets" does not show the real value. Is there any workaround to create our own widget to show the disk usage?

Getting error 404 issue does not exist in jira-create-issue

I have created a playbook and added a automation as jira-create-issue but every time I am getting error as 404 issue does not exist.

Please help what am I missing..

Resolved! Can run playbook in incident but not job

Currently creating a job to fetch and create an incident through an integration. The job works fine on the test server but doesn't work on production. Forcing the job to run doesn't output an error or even a record of the job attempting to run. But w

...

Position of pasting a task from another playbook

Hello,

When I'm pasting a task from another playbo0k, the task is pasted in a random place inside the playbook, not close to where I'm working.

Is there a way to choose exactly where to paste the task?

Discussions

Getting Started

Function to get the date when "Common Scripts" were updated

XSOAR platform video technical walkthrough video

Resolved! Task to check the size of a playbook

Getting output from splunk query as an attachment

Problem with AppendindicatorFieldWrapper script

Browserling integration

Resolved! Using Slack Block Builder renders "submit" button that is unwanted and not found in the JSON Blocks

Resolved! Slack Bot keeps sending messages to users

need steps to create MITRE ATT&CK CoA - T1110 - Brute Force playbook in cortex XSOAR

Cortex XDR Crowdstrike Layouts

Resolved! The "Disk Current Usage" widget from "Common Widgets" does not show the real value.

Getting error 404 issue does not exist in jira-create-issue

Resolved! Can run playbook in incident but not job

Position of pasting a task from another playbook

Assign incident to new owner

unable to push the content from dev to prod

JSON Sample Incident Generator

Rename table headers

XSOAR 8 Engine Upgrade Failure

Re: Dashboard Graph Display Incident Count Per Month

Dashboard Graph Display Incident Count Per Month

Re: Incident Parent-Child Relationship

Re: Missing context in indicator preview. I executed an NVD reputation command on CVE via a custom script.

Re: Rename table headers

Unlock your full community experience!

Resolved! Task to check the size of a playbook

Resolved! Using Slack Block Builder renders "submit" button that is unwanted and not found in the JSON Blocks

Resolved! Slack Bot keeps sending messages to users

Resolved! The "Disk Current Usage" widget from "Common Widgets" does not show the real value.

Resolved! Can run playbook in incident but not job