Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Resetting Qradar integration and keep mapped alerts.

Hello colleagues,

I'm using Qradar integration with all the alerts mapped and parameters configured. In order to solve a "fetch events" puntual problem is recommended to reset the integration with empty parameters and the use again the already workin

...

Josep by L4 Transporter
  • 1058 Views
  • 1 replies
  • 0 Likes

Resolved! Pre-process Rule Assistance

We are trying to create a pre-process rule to link and close the incident when certain field values are identical but still incidents are getting created for identical values. Please find the attached snip.



Please note you are posting a public message...

Resolved! Playbook Creates Incidents from Table.

I'm trying to create incidents from a Cortex XSOAR SIEM integration. The integration allows me to list alerts and I'm trying to create an incident for each one. When I run the playbook, the list alerts command returned multiple entries, but the creat

...

Resolved! DEVO integration into XSOAR

Hi

we need to integrate DEVO with XSOAR, in order to manage all alerts and be abe to query DEVO. First step is to get all alerts, so we have installed the "Devo v2 (Partner Contribution)" addon into XSOAR and followed the instructions, from https://x

...

MTubia_0-1666794019444.png
MTubia_1-1666794048295.png
MTubia_2-1666794133493.png
MTubia by L1 Bithead
  • 1402 Views
  • 2 replies
  • 0 Likes

Open zip file in automation

Hello,

I'm downloading a zip file via API with this request:

  • response = doHttpRequest(url=zip, method='GET', headers=headers)

it's supposed that my "response" variable now it's the zip file, however when I try to open, I can't, it's like it doesn't e

...

Josep by L4 Transporter
  • 1368 Views
  • 3 replies
  • 0 Likes

Script failed to run: Timeout Error: Docker code script failed due to timeout, consider changing timeout value for this automation, (2604) (2603)

 

We have a playbook task that sends a query to run on Splunk using the SplunkPy but it keeps failing and returning the following error
#22: Splunk Search Query


Command
!splunk-search query="index= test blah blah" earliest_time="1666679348" latest_ti

...

Resolved! Configuration file to playbook

Hi all,

I need to provide an externally uploaded configuration file to a playbook whose content varies periodically (it's a list of names). What is the best way to do this? The user who uploads the file can access the XSOAR GUI interface with an Anal

...

Rename XSOAR tenant

Receiving more business from a customer for some of their other entities.

 

I need to rename an XSOAR tenant to be more pointed - 

 

Is there any instructions on renaming.

Can i just stop the tenant and rename the folder on the backend; assume there's

...

JoshBoyd by L2 Linker
  • 1296 Views
  • 1 replies
  • 0 Likes

Phone call from XSOAR

How can i make Phone calls from a playbook?
I found the twilio integration which is able to send SMS, but I'd rather make a phone call to the incident manager somehow.
Have you found any solution to this?

  • 1004 Posts
  • 31 Subscriptions
Top Solution Authors