How to find incidents with a particular key present in context ?

whenever there is an email thread involved in the incident,  a field in the context is created as EmailThreads: [{email1 values}, {email 2 values}]

I want to find all the incidents which have this email thread involved.

Multi Tenant Automation

Hi,

Is there a way to run XSOAR automations across all tenants without having to place (push) the automation into all the tenants? 

If I wanted to write a script to pull all incidents across all tenants, how would I do that?

Thank you.

[Multi-Tenant] How to sync jobs to tenants

Hi everyone, I want to create a job to run everyday at 12pm to check if any license in the tenants expires in a week. The main account doesn't have the jobs tab. so I can't simply sync the job to all the tenants. What are my options?

Setting IncidentName and IncidentSeverity with Incoming Mapper

Hello,

I am trying to set the IncidentName and IncidentSeverity of an XSoar incident with the incoming mapper but it does not work. Ive tried googling and reading up but I cant find how you are supposed to set these fields.

Has anyone done this b

Mulesoft integration with XSOAR

Hi,

I wanted to integrate Mulesoft with XSOAR, Since Mulesoft is not available in XSOAR marketplace, looking for Mulesoft' s REST API documentation or connector which will be helpful to develop custom integration in XSOAR. Can you help me to get th

update-remote-system command not getting triggered

Is it necessary to add a tag to the entry or comment in XSOAR to get it mirrored on remote incident?

Suppose, I do not add a tag to a note/war room entry, then do I get that entry in the "UpdateRemoteSystemArgs"?

URLscan.io's SOAR spot: Chatty security tools leaking private data!

Community, have you noticed that we may be accidentally exposing confidential information of the users we protect by submitting URLs for analysis to URLscan.io?

Credits to: FABIAN BRAUNLEIN

• Sensitive URLs to shared documents, password reset pages

Timeout in task not working

Hello,

Timeout configuration does not function in "ScheduleCommand" task using an automation. The timeout is set inside the task in Advanced Tab->"Execution timeout(seconds)" and inside the automation in Settings->Advanced->Timeout(seconds), but is n

How to uninstall deprecated integration in XSOAR

Hello,

I'm trying to uninstall the deprecated integration in XSOAR. However, when I search for them in the Marketplace, they don't appear. Any clue?

Filter out incidents having email communications associated with it

From all the incidents I have, I want to filter out the incidents having email communications associated with them.
There are several fields in the context and in the incident of the context that identifies an incident as email communications associat

Help ML models

Hello,

I need some help to understand how ML models work in XSOAR. In the documentation, I can only see models related to emails.

I'd like to create a model just with the close reason, False Positive or True Positive. I already trained the model, how