DT Query, special characters in key:value pair

I'm trying to create a "dt" filter for use with the GenericPolling playbook. (https://xsoar.pan.dev/docs/playbooks/generic-polling)

The key I need to check for the existence of is

MsGraph.Alert.Evidence.[1].@odata\.type

(XSOAR automatically adds the "

setPlaybook + Post-Processing

Hi everyone,

I have a Post-Processing script that uses the setPlaybook command to switch the incident to a playbook called test1.

The problem is that when I close the incident, the script doesn’t run just once - it keeps setting the same playbook

How do we join the Slack DFIR community?

Hi Everyone!

I’m hoping you can aim me in the right direction.

I’m trying to join the PAN DFIR slack community via this url:https://start.paloaltonetworks.com/join-our-slack-community

But the register button doesn’t seem to work for me, despite m

an issue with Forcepoint web Security with Cortex XSOAR Integration

Hello Dears,

I have an issue with Forcepoint web Security with Cortex XSOAR Integration.

kindly find the logs:
2024-03-26 10:36:37.6939 error Unable to do Http req to url : https://                 :15873/api/web/v1/categories/start [error 'Post "h

XSOAR EWS 2022 Integration

As you know, the current EWS integration is limited to Exchange 2019. Could you please confirm if there are any plans to extend support for Exchange 2022? Additionally, are there any recommended workaround solutions for implementing inbox monitoring

Conditional saying Any conditon is true

Is there a xsoar conditional that can say if any condition is true, continue on the path for that true condition?

[Cortex XSOAR] Integration TIM to SIEM Elastic

Hello Team,

I have a case that must integrate indicator from TIM Cortex XSOAR to SIEM 3rd Party like Elastic. Is there any documentation about how to integrate indicator from TIM for Elastic? Because when I search in documentation from Cortex XSOAR

XSOAR - Execute Commands in Transformer

Hello I was doing a transformer automation and I wanted to execute a command inside it and it works perfectly when I run it on the playground, however when I use it as a transformer it gives me the error Missing invoking entry (7) does anyone know ho

Update XSOAR Incident via API - version issues

I am trying to update XSOAR Incidents via API, but am having issues with the Optimistic lock and incident versions etc.

I can create incidents via API call and can also get the information from incidents via API. 

When I create a new incident in our

Looking for 2FA/MFA/OTP Solution to Support Authentication for Cortex XSOAR v8 (On-Prem)

Hi everyone,

I'm currently exploring ways to enhance the security of our Cortex XSOAR v8 environment (deployed on-premise) by implementing an OTP / 2FA / MFA authentication mechanism for the login process.

Here are the key requirements:

• The solution

Export Playbook and Import

Hi,

Iam trying to figure out how to perform the following:

Export a playbook, overwrite some of its tasks (send-mail Exchange) and upload the playbook back to XSOAR.

I found in Docu an API for playbook import as yaml but no export API.

If Anyone co

XSOAR 6.x compatible with Vsphere 8

Hi Team,

I have a customer who wants to know whether the xsoar 6.x version is compatible to vsphere version 8.

Please assist.