Chronicle Errors for a while now -

!gcb-list-detections alert_state="ALERTING" page_size="100" detection_for_all_versions="False" list_basis="CREATED_TIME" start_time="2023-07-17T14:52:46.000Z" end_time="2023-07-17T14:57:46.894Z" retry-count="2" retry-interval="30" is returning "Faile

Integration of "Malware Investigation And Response" Playbook

I am writing to request support for migrating from the old playbook (Endpoint Malware Investigation - Generic) to the new playbook (Malware Investigation & Response Incident handler) and I have only the Standard Success support.

Additionally, I would

Is it normal for the main account to hang when syncing 30 tenants at a time

Hi everyone,

This issue started to happen recently, I am not running anything on the main server and I didn't have any issues on that account so far . Syncing all the account however hangs the main server. I am considering either adding more resour

Issues after upgrading XSOAR

Hello wonderful people,

I just upgraded XSOAR from version 6.9 to version 6.11 in a live environment.

The upgrade was successful but "I got failed to migrate podman containers" after the upgrade.

Also after all, whenever I try to pull data from

Cannot start demisto service after changing certificates.

Hello folks,

I followed the steps here to change the GUI certs to new self-signed certificates, but the service doesn't come back up.

I found below error in server tail.

error Could not load scheduled jobs [error 'database not open'] (source: /

Able to get time when a user opens an XSOAR incident for the first time?

Hi, I would like to get this context key/value as I need it to track SLAs. Is there a way to do so, rather than manually configuring a button in my playbook workflow to call the `!GetTime` script? Thank you.

Automation to Print output and set tag in warroom

Trying to create an automation to print output in the warroom, which works. 

print(handover) 

Only thing is how can I give a tag automatically to the output in the warroom. 

I want to give the tag "Handover" to this output for example. 

Does an

What is everyone doing with their TIM license?

Hi everyone,

I am running a multi tenant version of XSOAR, this version doesn't come with TIM so I don't have access to full screen view for indicators. So far I have been extracting indicators with an automation and verdicts for those indicators a

Facing service now integration issue across all US tenants.

Hi , need support to get clarification on the below error , we are facing this service now integration issue accross US region almost 5 plus tenants,
So need some help to fix this issue as we were unable to create any ticket using snow as we were faci