Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
Our deploymentt is multi-tenant deployment. When i run "!Github-get-file-content" command, i get an error some tenants (Bucket not found) but other tenants it work.
What is cause of this error?
Cortex XSOAR
Hi,
I'm trying to build an advance hunting query in Microsoft 365 defender integration, but still giving me error.
!microsoft-365-defender-advanced-hunting limit=10 query="""AlertInfo | where alertId = fa85caf1c0-b9b9-bc29-f600-08db44a419b9"""
I've been trying the #RTIR integration, to create a new ticket indicating a text content, and the execution seems to work but no ticket is created (without indicating text, it works perfectly
Also try to create an empty ticket, and next update with t
...
Hello,
I registered for the XSOAR community edition a week ago and got a confirmation email. But haven't got anything else after that. Is there anything I need to do or how long should it take to get the instruction and download link?
Thanks.
Email notifications are working fine and I want to see the same notification on Slack too. On mentions in the war room, slack should send a notification to users dm. Even though I have notifications enabled for SlackV3 I am not receiving anything on
...
im working on a project with xsoar indicators, we want to add a extra field to the layout that describes what the analist have to look for when certain indicators are present, now that problem that im running into is im trying to make a dynamic secti
...
I have a job run every 5 mins and it will upload a file to AWS, after it runs it would create an incident which I don't want to keep, is there any out of box automation that can delete incident as well as the artifact the job created to save some spa
...
opsgenie-get-request is a polling command but when it is being run from an automation it results in an error. From CLI or through playbook tasks, the output returns to the war room once it finishes. That's doesn't seem to be the case in automations.
...
Hi community,
I've been making great use of custom scripts to extract reporting metrics that wouldn't have been possible with the built in widgets. But something I've noticed recently is that querying incidents seems to be causing huge spikes in C
...
I created an 'image' with the 'docker_image_create' command, containing the pymisp and pandas libraries. I'm having a problem now and I can't make sense of it, any ideas?
Error from Scripts is : Script failed to run: Container exit with error. contain
I know EWS and O365 are current options for the Delete messages playbook however does anyone know it the Graph API is going to be added as an option? Due to certain restrictions I am being forced down the Graph API route for the preferred integration
...
Currently using rasterize url to add screenshots to incidents, any way to do the same for indicators?
Thanks for any help
When we change the incident from Active state to Close state, we get "closeReason", "closingUserId", and "closeNotes" in the delta of "UpdateRemoteSystemArgs". But when the incident is changed from Pending state to Active state, we do not get anythin
...
We are testing XSOAR and integrations. We have some problems when we try to fetch incidents in BlueLiv integration.
This is the complete error:
Error: Script failed to run:
Error: [Traceback (most recent call last):
File "<string>", line 5...
Hi all,
I want to manually extract the 'IOC alarm' coming from XDR. But the incoming IP addresses come in 2 ways as 'action_local_ip' and 'action_remote_ip'. If I extract according to action_local_ip or action_remote_ip, some IOCs get an error (wrong
| User | Likes Count |
|---|---|
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
