Sleep task bugged when XSOAR is restarted

Hello,

We are using long sleeps in playbooks, when the XSOAR is restarted these sleeps get stucked and never finish. We have to go by one by one finishing the tasks manually. How can this be avoid? 

XSOAR muti-site (DC,DR) design best practice

Dears All,

Kindly we need your support to provide us with best practices for muti-site high availability architecture (DC, DR)

Incident Layout dynamic section as input

Hello!
I would like to ask you how to implement a way to define the input values on the Incident Layout.

For example, I would need it in a case where I have a sub playbook and I want to give a value to one of its mandatory arguments without having to

A doubt with ElasticSearch Integration and EQL searches (es-eql-search)

Hi everyone,

I'm currently working on how to make some EQL queries to my Elastic Instance from Cortex XSOAR. I'm using ElasticSearch integration, specifically the command "es-eql-search" which purposoe, I guess, is to make a EQL query to ElasticSea

AWS Market place Prisma Cloud (PAYG with 15-Day Free Trial)

From the Welcome mail I receive Palo Alto network Support expected is Hub right?

Mapping fields to XSOAR IOCs

I'd appreicate guidance on how to update IOC fields with information extracted from an excuted playbook task. 

My use case centers around updating File Hash IOCs to include file signature metadata information to enable easier cleaning up of IOCs as

Some simple task taking long time to complete, dont know why

Hi Everyone

I have multiple simple playbooks tasks taking over a mins to complete, such as closing ticket, condition select etc, 

We checked the CPU and Memory usage it seems normal,

Any suggestion where I can change why ti taking so long?

Ch

Rasterized content on Incident Layout

Hello!
I have a question. How can I make it so that I would like to rasterize email/url. The image that appears in the war room (which is the result of running the command) i would like to display on one layout field.

I guess I should use dynamic secti

Playbook to update IOCs on Microsoft Advanced Threat Protection (APT)

I want to achieve below steps. is there any exiting playbook or have to customized playbook?

Step 1: Checking Existing IOCs in Microsoft APT

In this first step, we will fetch the list of existing IOCs from Microsoft APT and compare them with the IOCs

Create Incident layout fields from Context Data

Hello!

During incident investigations, it would be useful if certain Context Data fields (if they have a value) are written to the incident layout and you don't have to search for the value in the Context.

My question would be, how can I make it so t

How to read file from the pandas FileExcel?

I need to create some report and I am using pandas module for that but unable to read the file from my local rdp desktop. Note: I am using xsoar from web Interface. I try to use with "\\" to avoid escape sequence mistake. It is unable to read the fil