This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

XSOAR - Microsoft Integrations - Authentication - Office365 Mail not authenticating

Hi all! Thanks a lot in advanced for your help. We are trying to connect to a mail server using the newest release of the Microsoft Exchange Integration. We've followed the instructions detailed here: https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication#self-deployed-application Both, using the Cortex XSOAR...

MicrosoftTeams-image.png
Outlook.png

Resolved! Splunk Integration

Hi, I have been trying to integrate Splunk Enterprise with xsoar and I keep getting this error message with url: /services/auth/login (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1007)'))) ] (2604) (2603) how can I fix this and get the integration to work. pls I need help

Fetching fields in issuejson

I have added a custom field in Jira. I am trying to print the information in jira by fetching through XSOAR. I am using this command {"fields":{"customfield_11503":{"value":"${incident.techniqueid}"}}} where technique id is getting fetched in XSOAR, I can see in the input field after executing the task, but the same is not getting printed in Ji...

Himangi by L2 Linker
  • 1998 Views
  • 3 replies
  • 0 Likes

Resolved! Add a new field in Jira XSOAR

Hi All, I have integrated Jira in XSOAR, while editing a Jira issue I can see following fields: I want to update resolution field of Jira from XSOAR. I tried using {"fields":{"resolution":{"value": "SIEM - Benign Positive"}}} in issuejson under jira-edit-issue. Can anyone please assist how can I achieve this. Thank You.

Himangi_2-1693836453910.png
Himangi by L2 Linker
  • 3408 Views
  • 3 replies
  • 0 Likes

Add Assignee Name through XSOAR

Hi, I have integrated Jira in XSOAR, I am creating a jira ticket with XSOAR using jira-create-issue automation. I want to add assignee name through XSOAR, I tried various combinations like username of jira, email id, etc in assignee id and assignee field in XSOAR, but assignee field is not getting updated in Jira. I have tried using issuejson co...

Himangi_3-1694501315613.png
Himangi by L2 Linker
  • 1274 Views
  • 1 replies
  • 0 Likes

Proofpoint Threat Response XSOAR integration Block URL, Block Domain, Block IP lists?

Hello, we successfully have integrated Proofpoint Threat Response Logs into our XSOAR instance. One of the problems we noticed right away is that it seems like its only a one way API flow, as in we cannot send any commands from XSOAR back to Proofpoint Threat Response. For example, with the integration we created a layout with certain button scr...

QRadar API 19.0 and Incoming Mapper problem

Dear all, I am trying to deploy MT XSOAR on a customer and they are using QRadar 7.3.5 with API 19.0. I have noticed that some incidents do not get the same mapping, yet they use Qradar Generic Incoming Mapper and all incidents are set as QRadar generic. For instance, Type A incident gets incidents.label.start_time mapped as incidents.start...

timeout or authorization Issue with Mail Sender (New)

Hi, When testing send mail new integration on load balancing group in XSOAR getting "timeout while waiting for engine to answer. Wait time:1m0s. Note that command is supported from engine version 6.0 and above But we are running on 6.10 version".for this i added the below mentioned server setting but issue still persist: key: engine.test.command...

Resolved! How to get the process id from crowdstrike (CS) integration

https://xsoar.pan.dev/docs/reference/integrations/crowdstrike-falcon#30-cs-falcon-process-details https://xsoar.pan.dev/docs/reference/integrations/crowdstrike-falcon#51-cs-falcon-rtr-list-processes https://xsoar.pan.dev/docs/reference/integrations/crowdstrike-falcon#7-cs-falcon-run-command Hi Folks,In my context I do have the malware process p...

Screenshot 2023-08-30 at 5.26.10 pm.png
Screenshot 2023-08-30 at 5.37.55 pm.png
Screenshot 2023-08-30 at 5.36.10 pm.png

Not getting output in Jira

Hi All, I have added a custom field in jira (MITRE Tactic). I have mapped this field in XSOAR with 2 fields: Mitre Tech ID(short text type) and MITRE Technique ID(Multi select / Array). Below is the command I was using and the output I was getting: "customfield_11503": "${incident.mitretechid}"${incident.mitretechniqueid} "customfield_11503": ""...

Himangi_0-1693553691213.png
Himangi by L2 Linker
  • 1464 Views
  • 1 replies
  • 0 Likes

When editing and incident field to update/delete some values the "old" values appears back again.

Evertyime I run the playbook the old values appear again in the "Incident field" setting. I tried to :- Edit the field with the new values and save it.- Completely delete the field and create is again.- Deleted "field associated with the question" in the playbook and re-configured it again. Does anyone have an idea how to fix this?

Live Backup encountered the following error on this host: [master] Failed live back on remote server [401]. DR authorization header does not equal con

Hi, we've been having issues with Live Backup: Live Backup encountered the following error on this host: [master] Failed live back on remote server [401], [{"id":"unauthorized","status":401,"title":"Unauthorized","detail":"The request requires authorization","error":"DR authorization header does not equal configured key [XXXXXXXXXXXXXXXXXXXXXX...

RickyLam by L1 Bithead
  • 3015 Views
  • 4 replies
  • 0 Likes
  • 1300 Posts
  • 45 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks