Cortex XSOAR Discussions

Enable and disable integration instance from playbook/automation

Hello,

We'd like to create a flux where an integration instance is enabled, then the function related to that instance is used, and finally the integration instance is disabled. How can this be done? No functions have been found.

Enable instance->U

...

Propagation labels problem

Hi everybody, I am really having a hard time syncing content with tenants because propagation labels aren't working properly for me. To give you an example, I create an xsoarcommunity tenant and set the propagation label to carbon_test so that I can'

...

Resolved! File upload from XSOAR war room to Sentinel watchlist

Hi,

Newbie to Xsoar and working on an automation when a csv file is uploaded to war room, it should upload the csv to Azure Sentinel watchlist. From what I understand, I can do this by grabbing the file entry id of the latest file uploaded and th

...

Access denied for Cortex XSOAR Customer success Webinar: Case management.

Getting above message while trying to view content from below mentioned url.

LIVEcommunity - Access Denied - LIVEcommunity (paloaltonetworks.com)

'Failed to parse JSON object from response' while integrating Microsoft Defender for Cloud Apps with XSOAR

Hi,

I encountered the error 'Failed to parse json object from response: b'\r\n\r\n<!-- Copyright (C) Microsoft Corporation. All rights reserved.' when trying to integrate 'Microsoft Defender for Cloud Apps' using client credentials authentication meth

...

Export indicators with custom indicator fields

Our detection engineering team wants to upload a list of IOCs to XSOAR and get the VirusTotal scores of them as a csv file.

Through an automation I am extracting and enriching all the indicators and running

!ExportIndicatorsToCSV query="investigati

...

Resolved! Error with Set Command context

Hi all the community,
i face a problem when using set Command, you find bellow the error:

===ERROR

DBot
February 15, 2023 12:09 PM
Scripts returned an error
#2: add Test key to context
Command:

!Set key="test" value="abc" stringify="false" extend-context="

...

Resolved! Widget to display Active Logged in XSOAR user (SOC Analyst)

Does anyone have a script or know a way to display the currently signed-in XSOAR users?

Basically, i'd like a dashboard widget with active users signed-in....

Let me know your thoughts -

Thanks again,

Boyd

Resolved! XSOAR Community edition trial only 30 days

Hello,

I'm trying to deploy XSOAR at home just to try out some ideas. However, a 30 day trial is not enough time to attempt it.

Is there a way to acquire a limited version of XSOAR but with no time restriction?

Attentively,

Josep

Parse email attaachement using EWS V2 Extension

Hi all,
actually i am configuring an abuse email box that will receive all email that are suspected to be a phishing email,
actually when we send the suspected email as en EML attachement to the abuse email box that is alredy configured via EWS instanc

...

extend-context of multiple columns at once

Hi all.
I'm struggling a lot to solve a particular issue.
I am performing a Log analytics query which returns 4 columns (named AuthenticationRequirement, ResultType, ExternalUser and TrustedNetwork). The result could result in multiple rows with these

...

Resolved! Search custom fields in report query

Hi,

I think subject is clear enough that what i want to  , for some reason i want to query on some custom fields in report query page. As below pictures presents "domain" is the custom field that i need to query but no way to call it in report que

...