How can I surely say that incident is changed from Pending state to Active state during outgoing mirroring?

When we change the incident from Active state to Close state, we get "closeReason", "closingUserId", and "closeNotes" in the delta of "UpdateRemoteSystemArgs". But when the incident is changed from Pending state to Active state, we do not get anythin

Blueliv API integration error

We are testing XSOAR and integrations. We have some problems when we try to fetch incidents in BlueLiv integration. 

This is the complete error:

Extract Indicator in XSOAR

Hi all,

I want to manually extract the 'IOC alarm' coming from XDR. But the incoming IP addresses come in 2 ways as 'action_local_ip' and 'action_remote_ip'. If I extract according to action_local_ip or action_remote_ip, some IOCs get an error (wrong

Issue with certificates - Encountering SSL handshake failure error

Hi,
Created own self-signed certificate, and replaced with the certificate and key in the designated path '/usr/local/demisto/d1.cert.pem & /usr/local/demisto/d1.key.pem' (on XSOAR engine) and given the required permission and ownership to the files.

SMAX Integration Error

Hi Everyone,

We have integrated SMAX as the ticketing solution on XSOAR for one of the clients.

After configuring, it is giving an unexpected error. I don't think its a network issue or issue with the credentials.

Some assistance on the error wou

Run a command on all tenants from master

hi everyone,

I need some help with microsoft graph integrations with multi tenancy

I configured an instance of Microsoft Graph Mail Single User integration in the master and want to sync to all the tenants. Simply syncing won't work because the i

Apply transformers directly on variables

Hello,

I'm creating Json lists introducing data in them. I'm using "addToList" automation. The data introduced example:

listData:

{"key1":{

"subkey1: ${dataInput1},

"subkey2: ${dataInput2},

"subkey3: ${dataInput3},

"subkey4: ${dataInput4}

}

Is ther

Even though get-remote-data command executes successfully, the entries returned in the GetRemoteDataResponse object is not being added to the incident

When the get-remote-data is being called, I am getting below errors when returning entries to the GetRemoteDataResonse. The command is executes successfully, but I do not get entries in the XSOAR incident which I have passed to the GetRemoteDataRespo

Panoroma IP Blocking Issue

I wanted to block ips via using xsoar, on Pan-os panorama. We have integrated xsoar and panoroma but non of the automations provide us a blocking on panorama. In addition to that I tried to give inputs to Block IP Generic v3 playbook(which is provide

closing duplicated tickets in XSOAR & Splunk automatically

Hello,

i am trying to close duplicated tickets on XSOAR and Splunk automatically using pre processing rules (for closing on XSOAR) and post processing rule (for closing on Splunk) which i wrote a script for

However i cannot test the post processing