This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Resolved! Using Dev/Prod Configuration as a test environment for noisy integrations

Hello all, I am working with XSOAR 8 Hosted and configuring a Dev/Prod environment. I have two critical questions regarding this. Can the dev environment be used to test noisy integrations that produce many alerts in a controlled way without impacting the prod environment ? Secondly, the main intention for us with the dev/prod configuration is...

urlscan.io alternatives?

Hi all, I'm looking for urlscan.io alternatives that are available in the marketplace. Ideally, something that'll allow "browsing" from a different location, like GeoPeeker. Thanks!

Upgrade XSOAR Offline

Our environment cannot connect to the internet. We have installed XSOAR 6.11 offline before, and now we want to upgrade to version 6.12. So I would like to ask, can I upgrade offline? I have read the official documentation of XSOAR and there is no mention of offline upgrade method.

Resolved! AzureAD/MS Graph User Expire Password

Anyone familiar with MS Graph User integration and using it to expire a password for a user, much like Active Directory Query V2 "!ad-expire-password"? It appears the method with PowerShell is using Connect-AzureAD and updating the passwordProfile attribute. But haven't had a successful test with !msgraph-user-update when trying to update tha...

Resolved! xsoar change incident owner

Hi , is there a way to put a listener on every incident , and every time an incident owner is changing - it will run a playbook or a script.The incident owner can be changed at any time during the playbook of the incident is running.

Issue with Microsoft Graph Mail Single User Integration

I am attempting to integrate Microsoft Graph Mail Single User into our XSOAR platform for Custom. However, I encountered some issues during the process. Errors Encountered: When providing the key, I received the following error: "Please use !msgraph-mail-test instead (85)" [Error timestamp: July 20, 2023 3:40 PM] When I removed the key, I recei...

vhebri by L1 Bithead
  • 5525 Views
  • 8 replies
  • 0 Likes

Palo Alto Support Portal

I am new to xsoar and was wondering if there is an API to connect to the PA support portal. My goal is to connect, register a device and input the host name, address etc... so I can pull down the licenses. Thanks for all the help. Michael

Custom Integration Based on Cert Authentication Giving Error "Got status code 500 with body x509: certificate signed by unknown authority with header"

Hi Team, I have developed a custom integration on XSOAR as the integration is not supported by PA natively hence to authenticate with the API i'm using Certificate based authentication hence when i'm testing the integration it is showing me the below error. "Got status code 500 with body x509: certificate signed by unknown authority with heade...

XSOAR app integration with Microsoft 365 Defender

Hi, PAN has published an Azure AD app for both integration of Microsoft Defender for Endpoint (MDE) and Microsoft 365 Defender (M365D). The instructions to use the app are very clear and it works well for MDE but I had no luck for M365D. PAN reference a different app ID in the documentation specific to M365D but there's no instruction on how ...

Integration with LDAP Authentication

Hi, I am trying to integrate XSOAR with LDAP authentication, in order to allow users to authenticate using AD credentials. But when i test the integration i am getting the below error. Also let me know, that whether i can import users into XSOAR from my AD after successful integration with LDAP authentication. And whether the user must have...

nithink_0-1697455918444.png
nithin.k by L1 Bithead
  • 1395 Views
  • 1 replies
  • 0 Likes

Facing issue when using !ParseCSV command

Hi guys, I am facing an issue when running !ParseCSV command as it is removing specific characters in a field value that is being displayed in the table output.For example, my parsed CSV contains the following: C:\Users\username_1\AppData\Roaming\Microsoft\Windows\Network Shortcuts\~$testing.xls However, after running the command, it shows up in...

Resolved! XSOAR - Simple Dev to Prod Job

Was looking at running a backup job for our custom content with the below playbook. https://cortex.marketplace.pan.dev/marketplace/details/XSOARSimpleDevToProd/ The issue with this is it checks for Demisto REST API to see if the instance Demisto Dev had been created. The Demisto Rest API has been depreciated, so the call !IsDemistoRestAPIInsta...

  • 1302 Posts
  • 45 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks