Is there a way to check on which drive the demisto application is installed on
Hi All, "Jira-edit-Issue" task has some default Arguments as Inputs (eg: IssueID, priority,status, summary, description etc.,). Now I need to add new field as Inputs to Jira edit issue from XSOAR, fields like resolution, etc. I tried editing the script also.. Can anyone please help me which part of the script needs to be edited. Thanks
Hello all, I have a playbook, the one from XSOAr Engineer you tube course actually, video #8, sub-playbooks. This runs flawlessly in the playbook page but when I run it from an incident it ends up trying to reset the password for every AD user even though I specify james.bond as the user. I am not sure of the logic. It doesn't seem to "call" t...
Dear All I am trying to setup a new Grid Field in XSOAR. I have added few column header with the field names that I require however, in the layout, not all columns are shown. There are certain fields which are missing in the display.
Hello, We created an internal list in XSOAR called "urls". We'd like to create an url to share a link with the data of the list. How can be this done?
Hello everyone, I am trying to upload json file to create report. Despite I tried tons of way I couldn't send the body properly. demisto-api-post request need multipart/form-data content type. Is there any way to send raw json properly? Here is my code; content = demisto.args().get('page_content') page_number = demisto.args().get('page_num')...
Hello, We use markdown tables to show the analysts' incident data. We use them for manual tasks in details as in layouts. We'd like to paint those cells where the data shown is critical. For example, on a markdown table where some hashes are detonated, we'd like to paint the rows or cells where hashes are malicious.
Hi, We have created EDL query to ingest IOC to the SPLUNK from XSOAR Threat intel management Platform. We have to know that Refresh List will work and how to get all IOC via EDL query from XSAOR Kindly share any best practice any one implemented in their environment
Hello everyone, I am trying to get numbers of bioc and ioc rules from our xdr integration. I want to create a widget to see that how many ioc and bioc rules added week by week. Do anyone have idea for this? Thanks in advance. Cortex XDR Cortex XSOAR
If I have a tenant/account that has incidents.some of those incidents have indicators / entities tied to abc.com or xyz.comIs there a way to query for, show me all the incidents that have hostnames or account names that end in abc.com?Wasn't having luck in xsoar, so i switched over to kibana and our elastic database, but I don't see any of my in...
Hi everyone, In our environment, we are supposed to generate reports through playbooks since we want to be able to customize the template according to the incident type. Executing the report is simple but downloading is not that simple. I am following the api documentation https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR-API/ here/rep...
Hi all!I want to move this section to a different tab in the layout. How do I do that? I've tried using the War Room Entries section to the tab where I wanted it to be, but the filter 'URL Enrichment' is not listed. Any tips? Thanks!
Hi, I encountered a parsing error while running the phishing playbook with the previously reported email. sharing the steps and input data for better understanding of this issue. "Check Mail Hash In Process or Not" Playbook steps: 1. Set HashIncidentCount to -1 2. Format Mail Hash 3. Get InProcess List 4. Get Incident ID 5. Get Incident ...
We have to Generate a report that presents the network traffic data in XSOAR obtained from our SIEM. We would appreciate the guidance on the calculation process and the essential aspects we should include in the report. Thank you Cortex XSOAR
