Resolved! How to get value in nested variable?
Hi all,
I want to value in list and i use ${list.list_name.${account_name}} but this is what happens after running that ${list.list_name.realaccountname}.
How can i do that?
Hi all,
I want to value in list and i use ${list.list_name.${account_name}} but this is what happens after running that ${list.list_name.realaccountname}.
How can i do that?
Hello,
I've some urls to introduce in a JSON list the command used are this one to encode:
#encode to ASCII
url.encode(encoding='ascii',errors="ignore").decode()
In the context the variable is perfect, however inside the JSON list it's not. Even
...
Dears,
Kindly need your clarification for the below scenario in my environment:
-- We have a XSOAR deployment and we need to deploy HA and DR to it, the current situation is that we have Basic installation with Bolt DB.
-- So After reading the gu
...
Hello,
There's a list in json format named "domainUrlStatus":
{"domain1.com": {
"url1.com": {
"status": "up",
...
Hi everyone,
I'm trying to use the GenericPolling playbook to wait for the "COMPLETED" status of a query in a QRadarv3 Integration. I use the following configuration:
Ids: ${QRadar.Search.ID}
PollingCommandName: qradar-search-status-get
PollingCommand
Should there be any concerns regarding to XSOAR server engine load if mirroring continues to run after closed XSOAR incidents?
Note: This question was asked during the Cortex XSOAR Customer Success Webinar: Mirroring
what if the closed ticket will be re-opened from SerciveNow (snow)?
Note: This question was asked during the Cortex XSOAR Customer Success Webinar: Mirroring
Hi all,
I was trying to make a playbook where I had a set of hashes extracted from a text file and then search on CbAppControl.
After searching, it would return the filename of the hash and the computers where the hash was detected.
Right now the
...
Hi,
I'm looking to map specific playbook task results to respective sections in the layout. Saved filter queries are defined at very high level and are not helping me. How can this be done? Thanks in advance.
Hello,
XSOAR and XDR are used with mirroring, when an incident is closed from XSOAR it's closed in XDR too. However, the alerts in XDR are not. So an script is needed in XSOAR to close those XDR alerts. How is this is script done? where should be set
...
We publish guides/playbooks on a 3rd party site for our analyst to use when troubleshooting an incident.
that 3rd party site has an api.
I've successfully pulled the guide / page into the warroom and it displays and returns correctly using return_re
...
If I configure the integration in SOAR using an API key from Cisco Secure Cloud Analytics, I get an authorization error:
Executed: test-module
Instance Stealthwatch Cloud_instance_1d4e2580e-a33d-4ace-8877-59165345b343
Arguments {}
Start time 2022-07-2
I am having a little problem uninstalling the demisto server and the documentation isn't clear enough for me to follow(Uninstall Cortex XSOAR (paloaltonetworks.com) I tried the command specifed in the documentation and nothing happened which means th
...
Hello,
We're having some problems with some content packs compatibility in XSOAR, normally we update all them as soon as possible. However, sometimes they fail, so going back to the last version is needed. We'd like to have some visual information ab
...
Dears, we want to enrich our indicators from McAfee sitelook and Symantec Sitelook, suppose that we have a scipt that get the results?? how can we create the custom threat intelligence feeds in xsoar ??
Subject | Likes |
---|---|
1 Like | |
1 Like | |
1 Like | |
1 Like | |
1 Like |
User | Likes Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |