A question from the Phishing V3 webinar: V2 vs. V3
Could you please indicate which parts are changed from v2 to v3 as you go through the new playbook?
Note: This question was asked during our Customer Success Webinar: Phishing V3
Discussions
Propagation labels problem
Hi everybody, I am really having a hard time syncing content with tenants because propagation labels aren't working properly for me. To give you an example, I create an xsoarcommunity tenant and set the propagation label to carbon_test so that I can'
...
Sending only one email for an Ask Task
Hello, I am attempting to configure an Ask Task to send one email only with no retries and an end by SLA condition. I have implemented the settings to no retries (default) and to end the task upon SLA Breach 6 hours. Once saving the playbook I see th
...Cortex XSOAR - Community Edition Support
Post here for all of your Community Edition support questions and one of our product experts will get back to you soon!
Unable to retrieve output value while using extended context
Hello team,
I'm trying to use the extended context feature to keep only the data I'm interrested in and put them where I need them to be.
The automation I'm using is infoblox-get-ip from Infoblox integration.
Here is the output of the automation:
I'm
...
Resolved! How to prevent IOCs and Incident Cases from being created when running playbooks
Hi,
I was making 2 playbooks.
In the first playbook, after creating the same I scheduled it as a job. Each time the job runs, it creates a incident case. How do I prevent the incident case from being created when the job runs?
In the second playbook,
...Playbook to upload IOCs to Cortex XDR
Hello,
We are working in an integration between XSOAR and XDR.
We want to upload IOCs from a given file to XDR, we have seen that Cortex XDR - IOC integration allows a synchronization of IOCs but what we want is a manual push of new IOCs to XDR, not to
Resolved! Playbook to search AD expired accounts and delete them
Hi,
I am trying to create a playbook that
1) Searches for expired accounts in AD
2) Retrieves the sAMAccountName, Display name and expired date
3) Delete the accounts
4) Sent an email notification with the details of the accounts deleted.
I created the l
...Resolved! How to make indicators part of a TAXII server collection?
Hi, I configured TAXII Server v1 on Cortex XSOAR. I am trying to get understand the idea of collections. I wish to create a multiple collections within XSOAR so that when a taxii client polls for the list of collections, it can see the list and selec
...Tanium Threat Response "tanium-tr-alert-update-state" command update all alert status rather than specified alert
We are experiencing the weird behavior, where the "tanium-tr-alert-update-state" command update all alert status.
The full command used is as below
!tanium-tr-alert-update-state alert_ids=2267 state=resolved
I have updated the Tanium Threat Response V2
...Resolved! Filenames with slashes not updating
Greetings,
So I have been pulling rasterized images with the names of the URLs attached into XSOAR and attempting to pipe them into some ServiceNow tickets, but character restrictions are giving the system issues on what files to call during the uploa
Start playbook from API with own inputs
Hi all,
I have problem and I would like please you for help.
My target is, from API (via postman) run some playbook with own data. For example, call playbook, where I added into playbook Inputs property "Left".
How I tried set $Input.Left from my API,
...Resolved! Assign owner to "current user" in playbook tasks
Hi,
There is a playbook task at one of the early steps which asks analyst to start investigation or not. The below command let me change owner to command executer himself but i need this execution inside the playbook. When an analyst click "Yes" to p
...Resolved! how to use demisto-api-download in a Automation
I am trying to use the built in demisto-api-download autmation to download a file from our hosted xsoar instance
I am struggling to figure out how to format my command in the automation. From the documentation these are the inputs :
Arguments Descrip
...Resolved! Email Pre-Process not dropping email replies
I am attempting to use the Email Communication type to create email threads instead of new incidents when a reply is received. From what I understand you set a Proccessing-Rule based on type and then set "Run a script" to Pre-process email script. I
...
Copyright 2007 - 2022 - Palo Alto Networks