Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Copying directories on an SMB share.

I have a playbook where the end result is that I need to MOVE a folder within a Windows share from one location to another and then make a COPY of that folder in another location.

 

The SMB V2 integration doesn't have the functionality to do this, an

...

Resolved! Powershell Modules in Xsoar Cloud

Hi,

I am trying to integrate with our Microsoft Defender instance from Xsoar Cloud. Right now I am trying to create a playbook task to add an item to the Tenant Allow Block List (TABL). Looks like the only way is via Powershell. I have a script that

...

Error Handling In Playbooks/Integrations

Hi All,

I want to know is there any built in configuration/settings/playbook or any module that helps to handle playbook error(error handling). Error/On Continue Task level error handling is not enough so i want if there is any integration issue or c

...

Syedhkt by L2 Linker
  • 568 Views
  • 1 replies
  • 0 Likes

8.9 On-prem Install Documentation Confusion

Hello, I'm trying to install our extra-small single server on-prem 8.9 XSOAR and ran into some confusion with the documentation. I didn't see a way to report the issue elsewhere so I thought it might be helpful here.
https://docs-cortex.paloaltonetwor

...

sackett by L1 Bithead
  • 434 Views
  • 1 replies
  • 0 Likes

XSOAR - Transform Language

Hello everyone, I would like to ask how to get the user.name value from this context data.
I tried using the syntax ${incident.labels.user.name}, but it didn’t work.

Here's the context structure:

{ incident: { ... labels: { user.name: ...

G.Anshar by L1 Bithead
  • 656 Views
  • 2 replies
  • 0 Likes

Changing Multiple Docker Images at once

Hey,

We are offline users

We updated from 6.12 -> 6.14, Then after the update, the docker images changed, and it's causing a lot of ": Script failed to run: failed to pull docker Image "demisto/python 3:3.11.10.113941"

 

Now, to fix it I need to chan

...

NivNet by L1 Bithead
  • 495 Views
  • 2 replies
  • 0 Likes

Download from War Room

Is there a script or command line call that can be used to download an entry from the War Room?

 

I have a script assigned to a button that generates a report and the report download is then entered into a War Room entry when executed/generated.

 

I

...

BPalmer_0-1746569185023.png
B.Palmer by L0 Member
  • 433 Views
  • 1 replies
  • 0 Likes
  • 1255 Posts
  • 43 Subscriptions
Top Solution Authors
Top Liked Authors