Cortex XSOAR Discussions

'Failed to parse JSON object from response' while integrating Microsoft Defender for Cloud Apps with XSOAR

Hi,

I encountered the error 'Failed to parse json object from response: b'\r\n\r\n<!-- Copyright (C) Microsoft Corporation. All rights reserved.' when trying to integrate 'Microsoft Defender for Cloud Apps' using client credentials authentication meth

...

Export indicators with custom indicator fields

Our detection engineering team wants to upload a list of IOCs to XSOAR and get the VirusTotal scores of them as a csv file.

Through an automation I am extracting and enriching all the indicators and running

!ExportIndicatorsToCSV query="investigati

...

Resolved! Error with Set Command context

Hi all the community,
i face a problem when using set Command, you find bellow the error:

===ERROR

DBot
February 15, 2023 12:09 PM
Scripts returned an error
#2: add Test key to context
Command:

!Set key="test" value="abc" stringify="false" extend-context="

...

Resolved! Widget to display Active Logged in XSOAR user (SOC Analyst)

Does anyone have a script or know a way to display the currently signed-in XSOAR users?

Basically, i'd like a dashboard widget with active users signed-in....

Let me know your thoughts -

Thanks again,

Boyd

Resolved! XSOAR Community edition trial only 30 days

Hello,

I'm trying to deploy XSOAR at home just to try out some ideas. However, a 30 day trial is not enough time to attempt it.

Is there a way to acquire a limited version of XSOAR but with no time restriction?

Attentively,

Josep

Parse email attaachement using EWS V2 Extension

Hi all,
actually i am configuring an abuse email box that will receive all email that are suspected to be a phishing email,
actually when we send the suspected email as en EML attachement to the abuse email box that is alredy configured via EWS instanc

...

extend-context of multiple columns at once

Hi all.
I'm struggling a lot to solve a particular issue.
I am performing a Log analytics query which returns 4 columns (named AuthenticationRequirement, ResultType, ExternalUser and TrustedNetwork). The result could result in multiple rows with these

...

Resolved! Search custom fields in report query

Hi,

I think subject is clear enough that what i want to  , for some reason i want to query on some custom fields in report query page. As below pictures presents "domain" is the custom field that i need to query but no way to call it in report que

...

I want to attach attachment in incident using playbook.

Hi Team, I have one use case I wanted to attach an attachment in an incident using the playbook. So I have one command which retrieves attachments of particular incidents. I have created one playbook which first retrieves the attachment of a particu

...

XSOAR Search queries

Hello Team,

Trying to remove tags from multiple cases at one go however failed due to incorrect syntax.

!lr-case-tags-remove case_id:"16563,16532,16626" tag_numbers=154
Should it be split into multiple lines to execute? could someone assist me wi

...

Automate download of playbooks backup

Hello,

Is there any way to automate this?

Thank you in advance

Notify user by Microsoft Teams from XSOAR

Hello,

I'd like to send direct messages using Microsoft Teams from XSOAR. No command was found inside Microsoft Teams integration to do it. Do you know how can create this feature?

Resolved! Creation of table from arrays

I am trying to create a table something like this:

I already have arrays (of names in this example) for each situation. So my HasX array would be like ["John", "Roger"] and my 'doesn't have X' array would be ["Steve"], and similar for Y with ["R

...