Create a job to check if an instance pull has failed

Hello,

Sometimes on instance fails pulling the data, however the instance has connection. It's just an error feeding the instance.

How can a job be created to check is a pull has failed?

Put alerts of the same type in just a single one daily.

Hello, 

I receive many alerts of the same type each day creating an incident for each. 

I would like to put together all them in an incident and avoid creating incidents individually. So it will be solved just once.  

Docker Hardening

Hello,

I followed this docker hardening documentation to harden the docker containerzied environment for Cortex XSOAR solutin. 

I added the first server configuration key as this (docker.run.internal.asuser = true), and reset docker containers th

xSOAR Dashboard Widget - Table column Count for specific field

Hey!

I'm trying to get a widget on a dashboard that shows a field and how many times it has triggered next to it.

Example:

Name:              |     Alert Count:

----------------------------------------------

Department 1   |           4

Department 2

CiscoEmailSecurity (Beta) integration works on vesion 14.2.0?

Hello,

Now we are using CiscoEmailSecurity (Beta) integration for version 13.8.1, and is going to be updated to 14.2.0. How could we know if it's compatible?

Thanks

[DemistoClassApiModule] Why CustomFields in demisto.incident()

Why is there a separate dictionary returned from demisto.incident? Does it matter whether a field is custom or builtin

demisto.incident()['CustomFields']['myfield']


I am asking this because I am thinking about implementing a custom function in CommonU

I found the issue cannot save filter in the Playground War Room

Hi All,

In the new version of XSOAR server 6.10 GA cannot save the filter in the Playground War Room.

The save bottom cannot click.

Everyone found this same issue or not?

BR

Sakkarin Pichetskul

How to find incidents with a particular key present in context ?

whenever there is an email thread involved in the incident,  a field in the context is created as EmailThreads: [{email1 values}, {email 2 values}]

I want to find all the incidents which have this email thread involved.

Multi Tenant Automation

Hi,

Is there a way to run XSOAR automations across all tenants without having to place (push) the automation into all the tenants? 

If I wanted to write a script to pull all incidents across all tenants, how would I do that?

Thank you.

[Multi-Tenant] How to sync jobs to tenants

Hi everyone, I want to create a job to run everyday at 12pm to check if any license in the tenants expires in a week. The main account doesn't have the jobs tab. so I can't simply sync the job to all the tenants. What are my options?

Setting IncidentName and IncidentSeverity with Incoming Mapper

Hello,

I am trying to set the IncidentName and IncidentSeverity of an XSoar incident with the incoming mapper but it does not work. Ive tried googling and reading up but I cant find how you are supposed to set these fields.

Has anyone done this b