Cortex XSOAR Discussions

SMAX Integration Error

Hi Everyone,

We have integrated SMAX as the ticketing solution on XSOAR for one of the clients.

After configuring, it is giving an unexpected error. I don't think its a network issue or issue with the credentials.

Some assistance on the error wou

Run a command on all tenants from master

hi everyone,

I need some help with microsoft graph integrations with multi tenancy

I configured an instance of Microsoft Graph Mail Single User integration in the master and want to sync to all the tenants. Simply syncing won't work because the i

Apply transformers directly on variables

Hello,

I'm creating Json lists introducing data in them. I'm using "addToList" automation. The data introduced example:

listData:

{"key1":{

"subkey1: ${dataInput1},

"subkey2: ${dataInput2},

"subkey3: ${dataInput3},

"subkey4: ${dataInput4}

}

Is ther

Even though get-remote-data command executes successfully, the entries returned in the GetRemoteDataResponse object is not being added to the incident

When the get-remote-data is being called, I am getting below errors when returning entries to the GetRemoteDataResonse. The command is executes successfully, but I do not get entries in the XSOAR incident which I have passed to the GetRemoteDataRespo

Panoroma IP Blocking Issue

I wanted to block ips via using xsoar, on Pan-os panorama. We have integrated xsoar and panoroma but non of the automations provide us a blocking on panorama. In addition to that I tried to give inputs to Block IP Generic v3 playbook(which is provide

closing duplicated tickets in XSOAR & Splunk automatically

Hello,

i am trying to close duplicated tickets on XSOAR and Splunk automatically using pre processing rules (for closing on XSOAR) and post processing rule (for closing on Splunk) which i wrote a script for

However i cannot test the post processing

'command is supported from engine version 6.0 and above' error when testing Cisco ISE integration

Hi,

When testing Cisco ISE OOTB integration in XSOAR getting ' Wait time:1m0s. Note that command is supported from engine version 6.0 and above' error. But we are running on 6.9 version. Can someone help me with this please.

Thanks,

Getting this error when enabling malwarebytes #xsoar integration

Executed: test-module
Instance Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955
Arguments {}
Start time 2022-10-21T16:15:27.798846102-04:00

2022-10-21T16:15:28.151429016-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwareby

Search IOCs on VirusTotal Faster

We are running a playbook to search a list of IOCs on VirusTotal, the list is received by an attachment on incident creation. The playbook then exports the VirusTotal scores into the war room as a csv file. All this is achieved by manual indicator cr

XSOAR Tenant RO access

Hi All,

In an environment where one has a multi tenant setup, what is required from a licensing perspective in order to setup an account (pref read only) to be able to view both the master and any child tenants within. requirement for this account is

Microsoft Sentinel Integration

I am having the following error while trying to create an instance of  "Microsoft Sentinel Integration":

Script failed to run: Error: [Traceback (most recent call last): File "<string>", line 1, in <module> NameError:

Get MFA authentication methods

Hello community!

I was wondering if there's any integration that would allow me to get the defined authentication methods for a given user. The use case is to know if someone who has entered credentials in a phishing portal has MFA enabled or not a

Not able to create a file in the artifacts folder using automation

I run a query in indicator tags:malicious, I am able to get expect result, 

Then I run the build in automation "GetIndicatorsByQuery" in playground,  it shows there is a file created, however when I download the file the content is all  [{}, {}, {}