XSOAR Tenant RO access

Hi All,

In an environment where one has a multi tenant setup, what is required from a licensing perspective in order to setup an account (pref read only) to be able to view both the master and any child tenants within. requirement for this account is

Microsoft Sentinel Integration

I am having the following error while trying to create an instance of  "Microsoft Sentinel Integration":

Script failed to run: Error: [Traceback (most recent call last): File "<string>", line 1, in <module> NameError:

Get MFA authentication methods

Hello community!

I was wondering if there's any integration that would allow me to get the defined authentication methods for a given user. The use case is to know if someone who has entered credentials in a phishing portal has MFA enabled or not a

Not able to create a file in the artifacts folder using automation

I run a query in indicator tags:malicious, I am able to get expect result, 

Then I run the build in automation "GetIndicatorsByQuery" in playground,  it shows there is a file created, however when I download the file the content is all  [{}, {}, {}

Avoid using too many containers

Hello,

We're trying to avoid using too many containers. In order to reduce it, we have come up with two options for the automation:

• Use the exact same container for automations (If they use the same libraries)
• Or use the empty "Docker image name" opti

How to get the Azure Active Directory Users Roles using the Cortex XSOAR ?

I want to get the roles which are assigned to Azure Active Directory user. Is there any way we can get these details using the Cortex XSOAR. I have tried Azure Active Directory Graph Users get-user command, but this command doesn't give roles assigne

Multitenant and JOB

Hi everyone,
I use a multi-tenant structure. As you know, JOBs are not distributed between tenants.
I have more than twenty tenants. I want to create a structure that will send a notification in case any of them get an error in the integration (unable

Mirroring Issue in Between SOAR host and a tennat

Hello everyone,

We have a mirroring problem within 1 tenannt and 1 soar host/server. Both of them are in the same network/side. Some how we can search incidents from tennant to soar host, however while using mirroring integration in order to provid

Data Collection task customization send by email (email interface + the interface of the website opened from the generated url)

Hello.
We are working on a data collection task sent by email and we would like to edit the interface of the sent email + the webpage that opens from the url generated in the email.

I have found solutions for the interface of the sent email by setting

Data Collection Fields

Hello all, 

Is there a way to add attachments to an email that is sent using the ask by email function under the data collection option? I am trying to link evidence to a case so the end user can view the evidence and then make decisions based off of

[Multi-Tenancy] Cortex XDR Connected Endpoints tenant by tenant

Hi everyone,

In a dashboard, I want to display the total number of connected endpoints tenant by tenant with a pie chart if possible. There is a script named "XDRConnectedEndpoints" however it can only display the total number in all tenants. How s