Currently using rasterize url to add screenshots to incidents, any way to do the same for indicators?
Thanks for any help
When we change the incident from Active state to Close state, we get "closeReason", "closingUserId", and "closeNotes" in the delta of "UpdateRemoteSystemArgs". But when the incident is changed from Pending state to Active state, we do not get anythin
...
We are testing XSOAR and integrations. We have some problems when we try to fetch incidents in BlueLiv integration.
This is the complete error:
Error: Script failed to run:
Error: [Traceback (most recent call last):
File "<string>", line 5...
Hi all,
I want to manually extract the 'IOC alarm' coming from XDR. But the incoming IP addresses come in 2 ways as 'action_local_ip' and 'action_remote_ip'. If I extract according to action_local_ip or action_remote_ip, some IOCs get an error (wrong
Hi,
Created own self-signed certificate, and replaced with the certificate and key in the designated path '/usr/local/demisto/d1.cert.pem & /usr/local/demisto/d1.key.pem' (on XSOAR engine) and given the required permission and ownership to the files.
Hi
I have a doubt regarding incident fetch -if we reset the timestamp in any integration in xsoar and set the first fetch as 24 hours. Will it fetch only the new incidents or will it fetch incidents from past 24 hours
(note - this is for integrat
...
Hi Everyone,
We have integrated SMAX as the ticketing solution on XSOAR for one of the clients.
After configuring, it is giving an unexpected error. I don't think its a network issue or issue with the credentials.
Some assistance on the error wou
...
Hello,
I am attempting to use the integration provided by EDR-Integrations by Martin Ohl.
When performing the test I receive the error "Error response from daemon: pull access denied for mohlcyber/dxl, repository does not exist or may require 'docke
...
hi everyone,
I need some help with microsoft graph integrations with multi tenancy
I configured an instance of Microsoft Graph Mail Single User integration in the master and want to sync to all the tenants. Simply syncing won't work because the i
...
Hello,
We're looking to move all our cases from one tenant to another one.
Looking at the XSOAR Mirroring integration to move all cases. We would like to retrieve all content inside every case.
The default settings of the integration (below) doesn't
Hello,
I'm creating Json lists introducing data in them. I'm using "addToList" automation. The data introduced example:
listData:
{"key1":{
"subkey1: ${dataInput1},
"subkey2: ${dataInput2},
"subkey3: ${dataInput3},
"subkey4: ${dataInput4}
}
Is ther
...
When the get-remote-data is being called, I am getting below errors when returning entries to the GetRemoteDataResonse. The command is executes successfully, but I do not get entries in the XSOAR incident which I have passed to the GetRemoteDataRespo
...
I wanted to block ips via using xsoar, on Pan-os panorama. We have integrated xsoar and panoroma but non of the automations provide us a blocking on panorama. In addition to that I tried to give inputs to Block IP Generic v3 playbook(which is provide
...
Hello,
i am trying to close duplicated tickets on XSOAR and Splunk automatically using pre processing rules (for closing on XSOAR) and post processing rule (for closing on Splunk) which i wrote a script for
However i cannot test the post processing
...
Hi,
When testing Cisco ISE OOTB integration in XSOAR getting ' Wait time:1m0s. Note that command is supported from engine version 6.0 and above' error. But we are running on 6.9 version. Can someone help me with this please.
Thanks,
