Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Integrating splunk with XSOAR.

Hi, Can someone help me with the below queries? We are in process of integrating splunk with XSOAR.It’s a cloud service and can be accessed via SplunkCloud and SplunkEnterpriseSecuritySuite. It should be integrated via SplunkCloud or SplunkEnterpriseSecuritySuite?What changes/configuration is needed at Splunk end to enable the integration.Th...

DP696 by L2 Linker
  • 5409 Views
  • 1 replies
  • 0 Likes

Resolved! Impossible to submit Support Case & issue with download link

Dear Community,We're sorry to have to reach out via a public discussion thread for such an issue, but we are struggling to get support from Palo Alto.We would like to try Cortex XSOAR as a solution, and applied to get a trial account. We did receive the license, but never got the download link. We tried to open a support case, but the ticket c...

BVEF by L1 Bithead
  • 4341 Views
  • 6 replies
  • 1 Likes

Obtain list content from api

Hi!I want to get the content of a list from the API REST. The endpoint /lists returns all lists and their content. Is there a way to get only the content of a list? In addition, the content of the list brings the line breaks and spaces corresponding to the pretty print of the json. For example: I can't find the documentation with the api endpo...

rdevega_0-1678707954535.png
rdevega_1-1678708140520.png
rdevega by L1 Bithead
  • 1802 Views
  • 1 replies
  • 0 Likes

Resolved! Need help on extract indicators from Email body

Hello Team, I have developed a playbook which extract indicators like IP,URL,Domain and Hash from Email body.but in some cases extract indicators and other automation which are available in xsoar cannot extract domains.can anyone suggest me how to extract domains from Email body.

Priyash7 by L0 Member
  • 4932 Views
  • 3 replies
  • 0 Likes

Extracting urls from html text

when I extract indicators from body of an email (the body of the email is in html format). I don't get the URLs, only the domains inside the URLs are extracted but the URLs itself not extracted. what I understand in extracting domains, that it works to extract emails and URLs then extract domains from it. Kindly find the attachment to show y...

No download Link

Hello I have received my license over email but the email does not contain any download link. Where can I get the files? Thanks.

JDiaz15 by L1 Bithead
  • 2785 Views
  • 5 replies
  • 0 Likes

XSOAR Ideal Development Environment

Hi everyone, we are a small team of 3 and trying to understand if we request more resources than necessary from our admins. We all have our own xsoar instances for development because we don't want to write to the same automation someone else is working on , basically we want isolation. Multi tenancy allows tenant level content upload but there ...

Teams integration in xsoar

Hi , I have few queries reg teams integration in xsoar. If we are integrating teams Using Cortex XSOAR rerouting1. what port should be opened from XSOAR2. What Urls should be whitelisted from XSOAR 3.if we are Creating the Demisto Bot in Microsoft Teams from Microsoft Developer Portal we will be able to generate client secret , should this be ad...

Import XSOAR incidents into MySQL DB

Hello all, I have MySQL DB to collect data from different projects/products and using Metabase to create dashboards. I would like to import all incidents into MySQL DB from XSOAR. Is there any integration can do it directly or I have to write python code to retrieve all incidents through XSOAR API? If API is the only option, should I use "Se...

ce13 by L1 Bithead
  • 1737 Views
  • 2 replies
  • 0 Likes

Cannot Impersonate user using the EWS O365 Integration in XSOAR

I'm trying to send mail from our service desk address and everytime DBOT produces an error "The user account which was used to submit this request does not have the right to send mail on behalf of the specified sending account., Cannot submit message." The azure app that the EWS O365 integration uses has the necessary API access to send mail a...

Splinter by L0 Member
  • 2502 Views
  • 2 replies
  • 0 Likes

Resolved! Content package is not able to update

Hi Friends, we are trying to update the content package and integrate it with any package into XSOAR it's showing the error: Could not install pack: could not create content item from file 'Lists/list-PrivateIPs.json'. invalid content item type 'list' Can anyone help me to solve this problem? Regards Vinay Cortex XSOAR

VinayKumarTM_0-1677851287923.png
  • 1305 Posts
  • 45 Subscriptions