XSOAR Pre-process Rule for forwarded Phishing Campaign

I need to drop any email under pre-process rule in XSOAR for any forwarded phishing campaigns. These forwarded emails are being sent by the user to our shared mailbox and will then create an incident in XSOAR which became an added items to our false

SAML connection error with PingID

Been fighting an integration issue for awhile now.  Was hoping someone had seen this error before.

Could not init SAML instance, IDPSSOURL: 'https://pid-dev.domain.com/site/SignOn.saml' is not available.

I was told by the tech who working on Ping

How to set a timeout for a sub playbook task ?

Dear Members , 

Hoe you are all doing well.

What is the best option to set a timeout for a sub playbook task, so if that playbook run exceed x amount of time it continues to the next task in the playbook.

Thanks.

Is there a way to mass rename closed XSOAR cases?

Hi, I know that we can mass rename active cases but what about mass renaming closed cases? I can rename closed cases one at a time manually but it is super tedious to do so as we have thousands of existing cases. Any suggestions? Thanks.

Cortex XSOAR Starter Edition vs Cortex TIM Edition - Funtionality Difference

Hi, 

I am looking for functionality differences between the two licenses of XSOAR i.e. Cortex XSOAR Starter Edition and Cortex TIM Edition.

As per the Admin Guide, it seems the broad differences are in number of Automated Tasks and feeds...but noth

Disable/Enable Integration Instance via API

Can anyone provide an example of the API request they're utilizing to disable or enable an instance for an Integration via the CORE API?

Everything I've tried results in 400 error with this message:
"id": "errOptimisticLock",
"status": 400,
"title": "

Get raw log with IBM Qradar integrations for Corex XSOAR

Hi all, we are bulding a playbook on our XSOAR integration that, after pulling an offense from a QRadar istance, send a mail related to it and enrich the message with some html code and other customizations.

Our SOC asked us to include, in the mail s

Threat intell feed integration with a python script.

I have been facing an issue with my script that downloads feeds from the provided URLs. The script was previously working fine without any changes, but recently I have been unable to download any feeds using the script. The issue has persisted for th

Azure Log Analytics integration suddenly started throwing error Error: Key or Certificate Thumbprint and Private Key must be provided

Suddenly Azure Log Analytics integration in XSOAR started throwing the error for Key or Certificate Thumbprint and Private Key must be provided prior to that it was working fine. Does any facing same issue. How to solve this issue.   

XSOAR and Ellucian Banner integration

I'm curious if anyone has had any success leveraging XSOAR with Banner to automate onboarding.  

automation script to take password

I'm attempting to write an automation that takes a user password. 

Then sends an api call containing that password, but when I enable the mandatory sensitive options on the automation script. The API call I wrote no longer runs. Are there any example

Incident assignment in XSOAR

Hi,

Anyone please help me to understand automatic incident assignment by DBot to analyst. what are the steps have to perform?

how to define the shift in user roles?

Thanks.