closing duplicated tickets in XSOAR & Splunk automatically

Hello,

i am trying to close duplicated tickets on XSOAR and Splunk automatically using pre processing rules (for closing on XSOAR) and post processing rule (for closing on Splunk) which i wrote a script for

However i cannot test the post processing

'command is supported from engine version 6.0 and above' error when testing Cisco ISE integration

Hi,

When testing Cisco ISE OOTB integration in XSOAR getting ' Wait time:1m0s. Note that command is supported from engine version 6.0 and above' error. But we are running on 6.9 version. Can someone help me with this please.

Thanks,

Getting this error when enabling malwarebytes #xsoar integration

Executed: test-module
Instance Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955
Arguments {}
Start time 2022-10-21T16:15:27.798846102-04:00

2022-10-21T16:15:28.151429016-04:00 info: (Malwarebytes_OP360bae6c541-5338-433c-8e65-0698f6d1e955_Malwareby

Search IOCs on VirusTotal Faster

We are running a playbook to search a list of IOCs on VirusTotal, the list is received by an attachment on incident creation. The playbook then exports the VirusTotal scores into the war room as a csv file. All this is achieved by manual indicator cr

XSOAR Tenant RO access

Hi All,

In an environment where one has a multi tenant setup, what is required from a licensing perspective in order to setup an account (pref read only) to be able to view both the master and any child tenants within. requirement for this account is

Microsoft Sentinel Integration

I am having the following error while trying to create an instance of  "Microsoft Sentinel Integration":

Script failed to run: Error: [Traceback (most recent call last): File "<string>", line 1, in <module> NameError:

Get MFA authentication methods

Hello community!

I was wondering if there's any integration that would allow me to get the defined authentication methods for a given user. The use case is to know if someone who has entered credentials in a phishing portal has MFA enabled or not a

Not able to create a file in the artifacts folder using automation

I run a query in indicator tags:malicious, I am able to get expect result, 

Then I run the build in automation "GetIndicatorsByQuery" in playground,  it shows there is a file created, however when I download the file the content is all  [{}, {}, {}

Avoid using too many containers

Hello,

We're trying to avoid using too many containers. In order to reduce it, we have come up with two options for the automation:

• Use the exact same container for automations (If they use the same libraries)
• Or use the empty "Docker image name" opti

How to get the Azure Active Directory Users Roles using the Cortex XSOAR ?

I want to get the roles which are assigned to Azure Active Directory user. Is there any way we can get these details using the Cortex XSOAR. I have tried Azure Active Directory Graph Users get-user command, but this command doesn't give roles assigne

Multitenant and JOB

Hi everyone,
I use a multi-tenant structure. As you know, JOBs are not distributed between tenants.
I have more than twenty tenants. I want to create a structure that will send a notification in case any of them get an error in the integration (unable

Mirroring Issue in Between SOAR host and a tennat

Hello everyone,

We have a mirroring problem within 1 tenannt and 1 soar host/server. Both of them are in the same network/side. Some how we can search incidents from tennant to soar host, however while using mirroring integration in order to provid