Is there a tool to compare the changes in a visual / context specific manner for playbooks etc? Comparing YAML changes can sometimes be difficult for a review.
**Note: this is a question from our CS Webinar: Dev to Prod Configuration and Best Pra
...
Has there been any consideration into restructuring and creating directories for the various content items vs the current strategy of everything going into a flat list? When you get to a point where there is a lot of content it becomes very burdensom
...
Can ansible used for deployment of SOAR ?
**Note: this is a question from our CS Webinar: Dev to Prod Configuration and Best Practices in Cortex XSOAR
Will Export Custom Content export a change to a system field (Like setting "Owner" to mandatory? This has not been my experience.
**Note: this is a question from our CS Webinar: Dev to Prod Configuration and Best Practices in Cortex XSOAR
Has anyone tried integrating Palo Alto XSOAR or leveraged any other API integration with any of the following next-gen firewalls: Checkpoint Smart Log, Fortinet, and Cisco firewalls for running automated searches for IOCs such as IP addresses, URLs f
...
Does anyone know with QRadar Integration: "qradar-assets-list"
The above asset (1278) has vulnerabilities and 2 products installed, but it only provides me with a vulnerability count and product IDs.
1. How do I que
Hey there. I have what I believe to be a python syntax question. We have a playbook with two automations. The first downloads a file, which is successful. The first automation has an output of the EntryID.
The second automation needs to use the entry
...
I successfully configured and integrated xdr into Xsoar
but in xsoar incidents page it gets all common incidents from XDR but i need to get only my own endpoint user incident
there is a filter option in the xdr incident to use and check your own end us
...
Hi, I want to poll for Status that is nested under Results. See below example :
I have this output when running the command tn-get-question-result
Tanium.QuestionResult
{
"QuestionID": "455036",
"Results": [
{
"ComputerName": "WIN-KBR5CNLJK52.icdc-caas.loca
Hey all,
I am having trouble getting the SN integration to pull the rasterized images into a SN ticket with the 'servicenow-upload-file' automation. I've tried to just upload all .png which seems to skip the rasterized images. Also trying to pull
...
Hi,
I have a multitenant deployment holding 30+ accounts, in my main account dashboard page it is unable to populate statistics such as incident count etc. It just keeps loading with no error. Any idea how can i sort this.
Regards.
Hi all,
the integration with Sumo Logic failed to work and now I get the error:
2022-04-22 12:41:51.3031 error Could not fetch incidents from SumoLogic instance : SumoLogic_instance_1 [error 'Script failed to run: Status: 403
ID: WOXBU-A2PLF-BUHRT
Code
Hi,
Is there any way to add a specific event field into "incident info" page to visualize in the "Incident Summary" section. Let's say a request url is not included in incident info but in event info we have the url information..
Regards.
Hi!
we are testing XSOAR on a local VM. We have created several incidents via an integration with our Threat intel solution.
When we are going to close an incident.. it doesn't close!
We get no error from the UI. If we go to the VM console, from /var/l
...
Hi,
In our environment we have a list to hold ip addresses with comma seperated format, how can we provide data retention for each ip addresses within the list.
Regards.
