Hello, Anyone know how I can run an automation in the playground, to save a string of text into a file locally on the system?
Hello all We are using Cortex XSOAR Version Version 6.0.0; Build 79522 and having problems with Jobs.I've created a Job, which calls a playbook. this playbook is done withing 1 minute - but the Jobs-Status is always on "running". The playbook has a "Done" Section Header at the end. Do I have to add some Tags or anything, that Jobs sees, that th...
Dear Team, We are doing xsoar server installation 6.11 in Linux machine. But while running the package, we are unable to configure. We are getting many errors. Kindly help us on the same. Thanks & Regards, Priya M
Hi, I'm integrating XSOAR with Cisco Ironport, after entering enough information, I get an error like above. Has anyone encountered this case?
Hello everyone Recently I am developing playbooks for the management of possible security incidents. Something that catches my attention is that, in case of errors throughout the playbook, I have established that the case is closed through the "Close Investigation (builtin)" automation. Although on other occasions, the question I want to ask...
Hi,Sometime when I'm trying to uploading images in incident warroom, its not coming as link, and not able to view what's in the image. attaching screenshots for reference. Thanks
Is it possible to disable local user login on tenants in xsoar. We want to allow local user login via main account only.
Hi, I am building the playbook, where I have one task that is searching for incidents using the query as in:!SearchIncidentsV2 query="type:FireEye NX Alert and fireeyenxalertvictimip:11.11.11.11 or 134.122.90.162"With a help of community members I was able to insert the variable IP which contains a list of IP addresses to search for (above these...
Hello, i get some problems during setup my splunk to xsoar: The problem i get is xsoar take the notable event hash filed like it was a file hash and i didn't want it in my playbook. Some of you has already face this issue ? do you have resolved it ? Thanks Cortex XSOAR
I have been notified by my firewall team that the Cisco Umbrella API is being updated to version 2. I have tried updating the creds that I am using to this new version but with no luck. Has anyone else been having the same issues? The current version will be end of life on September 1st.
Hi all, I have two custom fields. Initially, these fields were added to the context data even if they are empty. Now, they don't get added at all. This code used to work demisto.incident()['customFields']['fieldhere'] to grab the custom fields, but now it returns a KeyError error. Any advice?
Hi all, I am creating an incident with script as following: uri = f'/incident' body = { "name": incident_name, "type": incident_type, "createInvestigation": True, #"rawJSON": json.dumps({'hello': 'test'}) } return execute_command('demisto-api-post', {'uri': uri, 'body': body}, fail_on_error=False) ...
Hello,I would like to use 'jq' Transformer as designed in a custom "Mapper", but it constantly says to me that error message, whatever I am testing :===> "Result: Failed to execute jq. Error: the JSON object must be str, bytes or bytearray, not dict"Event though I tried barely everything in order to be able to test it, as you would be able to...
!gcb-list-detections alert_state="ALERTING" page_size="100" detection_for_all_versions="False" list_basis="CREATED_TIME" start_time="2023-07-17T14:52:46.000Z" end_time="2023-07-17T14:57:46.894Z" retry-count="2" retry-interval="30" is returning "Failed to execute gcb-list-detections command. Error: list index out of range" for a week now, was wor...
I am writing to request support for migrating from the old playbook (Endpoint Malware Investigation - Generic) to the new playbook (Malware Investigation & Response Incident handler) and I have only the Standard Success support.Additionally, I would like to inquire if it is possible to get support from the live community to assist with the i...
