Cortex XSOAR Discussions

Live Backup encountered the following error on this host: [master] Failed live back on remote server [401]. DR authorization header does not equal con

Hi,

we've been having issues with Live Backup:

Live Backup encountered the following error on this host: [master] Failed live back on remote server [401], [{"id":"unauthorized","status":401,"title":"Unauthorized","detail":"The request requires auth

...

Symantec similar command for FireEye HX v2 commands

Hi,

Can anyone help for this-

Which FireEye HX v2 automation command will give the equal output for below-mentioned Symantec command:

1. sep-endpoint-info( to Get Computer Info using IP & using Hostname)
2. sep-scan-endpoint(for Full Scan on Endpo

...

Resolved! Getting output in [] brackets

Is there a way to check on which drive the demisto application is installed on

Resolved! Add additional fields in Jira edit issue task

Hi All,

"Jira-edit-Issue" task has some default Arguments as Inputs (eg: IssueID, priority,status, summary, description etc.,). Now I need to add new field as Inputs to Jira edit issue from XSOAR, fields like resolution, etc.

I tried editing the s

...

Resolved! Playbook runs in Playbooks page but not with incident

Hello all,

I have a playbook, the one from XSOAr Engineer you tube course actually, video #8, sub-playbooks. This runs flawlessly in the playbook page but when I run it from an incident it ends up trying to reset the password for every AD user even

...

Resolved! Grid Field Setup In XSOAR

Dear All

I am trying to setup a new Grid Field in XSOAR.

I have added few column header with the field names that I require however, in the layout, not all columns are shown.

There are certain fields which are missing in the display.

Share internal list XSOAR with url

Hello,

We created an internal list in XSOAR called "urls". We'd like to create an url to share a link with the data of the list. How can be this done?

Uploading report via demisto api post request

Hello everyone,

I am trying to upload json file to create report. Despite I tried tons of way I couldn't send the body properly. demisto-api-post request need multipart/form-data content type. Is there any way to send raw json properly?

Here is m

...

Paint markdown table cells or rows

Hello,

We use markdown tables to show the analysts' incident data. We use them for manual tasks in details as in layouts. We'd like to paint those cells where the data shown is critical. For example, on a markdown table where some hashes are detonate

...

XSOAR Threat intel IOC Ingestion to Splunk

Hi,

We have created EDL query to ingest IOC to the SPLUNK from XSOAR Threat intel management Platform.

We have to know that Refresh List will work and how to get all IOC via EDL query from XSAOR

Kindly share any best practice any one implement

...

Resolved! Create widget for bioc and ioc rule numbers

Hello everyone,

I am trying to get numbers of bioc and ioc rules from our xdr integration. I want to create a widget to see that how many ioc and bioc rules added week by week. Do anyone have idea for this?

Thanks in advance.

Cortex XDR Cortex

...

query(group) indicators by domain name

If I have a tenant/account that has incidents.

some of those incidents have indicators / entities tied to abc.com or xyz.com

Is there a way to query for, show me all the incidents that have hostnames or account names that end in abc.com?

Wasn't having l

...

Resolved! Generating reports through automation

Hi everyone,

In our environment, we are supposed to generate reports through playbooks since we want to be able to customize the template according to the incident type. Executing the report is simple but downloading is not that simple.

I am foll

...

Move War Room Entries section

Hi all!
I want to move this section to a different tab in the layout. How do I do that?

I've tried using the War Room Entries section to the tab where I wanted it to be, but the filter 'URL Enrichment' is not listed. Any tips?

Thanks!

Discussions

Live Backup encountered the following error on this host: [master] Failed live back on remote server [401]. DR authorization header does not equal con

Symantec similar command for FireEye HX v2 commands

Resolved! Getting output in [] brackets

Is there a way to check on which drive the demisto application is installed on

Resolved! Add additional fields in Jira edit issue task

Resolved! Playbook runs in Playbooks page but not with incident

Resolved! Grid Field Setup In XSOAR

Share internal list XSOAR with url

Uploading report via demisto api post request

Paint markdown table cells or rows

XSOAR Threat intel IOC Ingestion to Splunk

Resolved! Create widget for bioc and ioc rule numbers

query(group) indicators by domain name

Resolved! Generating reports through automation

Move War Room Entries section

Do we have XQL query builder feature in XSOAR

Where is the XSAOR 8 CLI Reference?

Pre Processing Rules Logs

XSOAR CMDB - SQL issue

Cortex XSOAR - Best Practice Optimize Threat Intelligence Management (TIM)

Re: Cortex XSOAR intergration with Terraform Cloud?

Splunk integration - Mirroring not working

Unlock your full community experience!

Resolved! Getting output in [] brackets

Resolved! Add additional fields in Jira edit issue task

Resolved! Playbook runs in Playbooks page but not with incident

Resolved! Grid Field Setup In XSOAR

Resolved! Create widget for bioc and ioc rule numbers

Resolved! Generating reports through automation