I have deployed a number of other roles using SAML successfully. Now when it comes to assigning the Read-only role this has become a challenge. Unlike the other previously configured roles that also included not only the SAML mapping but also the Shi
I am attempting to close a single incident via the XSOAR API and the Batch Close Incidents endpoint (POST /incident/batchClose). The information about my request and the response are posted below. The status of the incident was new before I sent the
If any integration(RSA Netwitness or Syslog) in XSOAR is failed and got some error then can I send mail to any team member as integration got some error. I have already configured System diagnostic but it cannot work.
The integration created does pull the tickets .However i couldn't see rawjson field getting updated though using the below line.I couldn't do field mapping as i can't see the data on choosing instance under classification and mapping
I am having difficulty connecting my integration to microsoft defender with the grant type as client credentials. if anyone is familiar with making calls to api's and receiving tokens, I would definitely need your assistance.
I have the integration enabled and configured using the requirements stated in the Marketplace, but when I try to load the dashboard it says I don't have the SSH integration enabled. But I do, and I have a local user and have tested it manually, so I
We're trying to develop a playbook that first look at similar incident (FindSimilarIncidents) before proceeding but it isn't able to find any similar incident (even when we have duplicate of the current incident).