Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Include Linked incidents table in email notification

Dear Community members, hope you are all doing well ! I'm wondering if there is an option to include linked incident table (can be added to the incident layout) in email template. I'm using Mail sender (New) : https://xsoar.pan.dev/docs/reference/integrations/mail-sender-new for sending email and I'm feeding it my custom html template. if...

Could use some help with Azure SSO for community edition Cortex XSOAR

Hello, I have tried many settings and can't seem to quite figure out what text is to be entered into the setup section within Xsoar for the Azure SAML SSO setup. I keep getting this error: " {"id":"errSAMLLogin","status":400,"title":"Failed to login via SAML","detail":"Failed to login via SAML","error":"","encrypted":false,"multires":null} " I ...

DriveYourAceOff_0-1651006685822.png

How to Find and update existing incidents through Integration

Hi, We are providing partner integration for our product and this is the requirement. My product # generates/creates 'Cases' which are pulled inCortex XSOAR as incidents using fetchIncidents call. It might be possible that sometimes a 'Case' in our product gets updated and gets pulled in XSOAR again. The custom attribute used here is caseId ...

sudhesub by L1 Bithead
  • 4382 Views
  • 4 replies
  • 0 Likes

Resolved! Script-based Widget

I want to design a widget. This widget will appear on the dashboard. But I want this widget to work only once a day. How can I do this? Cortex XSOAR

Trigger a usecase by sending an email to an email address (Dedicated) owned by Paloalto

I would like to explore an option to trigger a use case by forwarding or sending the email to a cortex email address (Dedicated) to a client and trigger a playbook from there. (Something like [email protected]) and then it creates an incident and we can trigger the playbook from there. Is there a way to do this? Cortex XSOAR #Playbook_Tr...

Resolved! ERROR ModuleNotFound on XSOAR

Hi, While trying to run the PANORAM integration we are facing this issue: Script failed to run: Error: Error [[Traceback (most recent call last): File "<string>", line 12, in <module> ModuleNotFoundError: No module named 'panos' ]] - Stderr [] (2601) Stderr: Traceback (most recent call last): File "/var/lib/demisto/temp/script483...

Getting Started

Greetings--I'm a data analyst who is adept at using tools like Tableau, R, MS Access, MySQL, and PowerBI to analyze both large and small datasets to find patterns, tell stories, visualize data, etc. A cousin who first got me on the path for administering Palo Alto firewalls unwittingly set my path toward Cortex XSOAR # as well. Looking for adv...

Problem with AppendindicatorFieldWrapper script

Hi! When we run the appendIndicatorField task, the last IP address of an array never gets tagged. Please see the following examples for clarification: Example 1: works fine !appendIndicatorField indicatorsValues="134.122.135.178" field="tags" fieldValue="BlockPA" using-brand="Builtin" Example 2: tags IP 134.122.135.178, doesn't tag IP 43.1...

adocasar by L1 Bithead
  • 3300 Views
  • 3 replies
  • 0 Likes
  • 1305 Posts
  • 45 Subscriptions