Dear Members ,
Hoe you are all doing well.
What is the best option to set a timeout for a sub playbook task, so if that playbook run exceed x amount of time it continues to the next task in the playbook.
Thanks.
I am running error trying to pull the alert_id from a Defender incident under the sub playbook MDE Malware-Incident Enrichment -> Get full alert details using automation: 'microsoft-atp-get-alert-by-id'.
Error:
Hi, I know that we can mass rename active cases but what about mass renaming closed cases? I can rename closed cases one at a time manually but it is super tedious to do so as we have thousands of existing cases. Any suggestions? Thanks.
Hi,
I am looking for functionality differences between the two licenses of XSOAR i.e. Cortex XSOAR Starter Edition and Cortex TIM Edition.
As per the Admin Guide, it seems the broad differences are in number of Automated Tasks and feeds...but noth
...
Can anyone provide an example of the API request they're utilizing to disable or enable an instance for an Integration via the CORE API?
Everything I've tried results in 400 error with this message:
"id": "errOptimisticLock",
"status": 400,
"title": "
Hello,
We want to assign Requestor and Requested for the user while opening a ServiceNow Incident through XSOAR, however, while referring to the doc/integration, I didn't find any information on how to achieve that.
Cortex XSOAR
Hi all, we are bulding a playbook on our XSOAR integration that, after pulling an offense from a QRadar istance, send a mail related to it and enrich the message with some html code and other customizations.
Our SOC asked us to include, in the mail s
...
I have been facing an issue with my script that downloads feeds from the provided URLs. The script was previously working fine without any changes, but recently I have been unable to download any feeds using the script. The issue has persisted for th
...
Suddenly Azure Log Analytics integration in XSOAR started throwing the error for Key or Certificate Thumbprint and Private Key must be provided prior to that it was working fine. Does any facing same issue. How to solve this issue.
I'm curious if anyone has had any success leveraging XSOAR with Banner to automate onboarding.
Hi all, I have a problem with QRadar integration. Let me summarize my environment and basic configuration.
Cortex XSoar version: 6.10.0
QRadar integration version: IBM QRadar v3
Mapper: QRadar - Generic Incoming Mapper
Incident type: Qradar Generic
Event
I'm attempting to write an automation that takes a user password.
Then sends an api call containing that password, but when I enable the mandatory sensitive options on the automation script. The API call I wrote no longer runs. Are there any example
...
Hi,
Anyone please help me to understand automatic incident assignment by DBot to analyst. what are the steps have to perform?
how to define the shift in user roles?
Thanks.
Is there any way to use a task to preview an email (from an msg or eml) and not just see the filtered results?
I'm looking for a solution to display an email in xsoar as if I were to open it in outlook.
For analysis it would be important to see the e
...
Dear LIVEcommunity users,
Since version 6.0, Cortex XSOAR implements incident mirroring. Do you know if it is possible to enable two (or more) different syncs on the same incident (e.g. 2 Jira integrations, or 1 Jira and 1 ServiceNow) ?
If yes :
