Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

High number of process in XSOAR Engine Server

Hi,

  1. What are the engine processes corresponding to engine shell installation on RHEL with Podman?

  2. Are the number of processes on the engine server expected to rise due to each integration made on it?

  3. What are the considerations for keeping the eng

...

DP696 by L2 Linker
  • 912 Views
  • 1 replies
  • 0 Likes

Resolved! XSOAR Sessions and Submissions option

Hi,

 

I came across this documentation regarding XSOAR

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-9/cortex-xsoar-threat-intel-management-guide/unit42-intel/unit42-sessions-and-submissions

 

The Sessions & Submissions tab enables you to u
...

Resolved! Insert logo when mail is sent from XSOAR

Hello,

A playbook is creating an email with data to deliver in html, however we can't find the way to introduce the logo of the company inside it. What path should we add to the tag "<img src="*****"> to obtain the logo in our local folders?

Josep by L4 Transporter
  • 1776 Views
  • 2 replies
  • 0 Likes

Retry "ScheduleCommand" when it fails

Hello team,

We're deploying a programmed automation which sometimes fails due to an external error. We'd like to retry in case the command fails. The command used is "ScheduleCommand". How can this "retry" be created?

Thanks.

 

Josep by L4 Transporter
  • 1289 Views
  • 4 replies
  • 0 Likes

Find playbooks and subplaybooks not being used

Hello,

 

Our XSOAR complexity has increased during the years, this means more playbooks and subplaybooks deployed.

However, some of them are not used anymore, many reasons about it.

 

How can these unnecessary playbooks and subplaybooks detected and

...

Josep by L4 Transporter
  • 988 Views
  • 2 replies
  • 0 Likes

XSOAR ON AZURE MARKETPLACE

Hello All,

 

Has anyone deployed XSOAR using Azure Marketplace?

 

I was able to deploy one for testing, but I couldn't logon to the GUI, I believe there should be a default admin password created when the VM was created just as documented when using

...

ORufai by L0 Member
  • 970 Views
  • 2 replies
  • 0 Likes

Resolved! Read Email Body

I am trying to write a playbook that will read the email body and understand what the email is related to base on keywords or patterns. Is there a script or integration that could do that? My best idea is to use Machine Learning for it, but I am not

...

axespera by L1 Bithead
  • 1332 Views
  • 2 replies
  • 0 Likes

Resolved! Resetting Qradar integration and keep mapped alerts.

Hello colleagues,

I'm using Qradar integration with all the alerts mapped and parameters configured. In order to solve a "fetch events" puntual problem is recommended to reset the integration with empty parameters and the use again the already workin

...

Josep by L4 Transporter
  • 1019 Views
  • 1 replies
  • 0 Likes
  • 956 Posts
  • 30 Subscriptions
Top Solution Authors
Top Liked Authors