Disaster recovery and High Availabilty

Dears,

Kindly need your clarification for the below scenario in my environment:

-- We have a XSOAR deployment and we need to deploy HA and DR to it, the current situation is that we have Basic installation with Bolt DB.

-- So After reading the gu

Get/modify nested JSON list value

Hello,

There's a list in json format named "domainUrlStatus":

{"domain1.com":               {

                               "url1.com": {

                                               "status": "up",

CBAppControl - Passing hash and getting respective values

Hi all,

I was trying to make a playbook where I had a set of hashes extracted from a text file and then search on CbAppControl.

After searching, it would return the filename of the hash and the computers where the hash was detected.

Right now the

Specific Playbook task results to layout

Hi,

I'm looking to map specific playbook task results to respective sections in the layout. Saved filter queries are defined at very high level and are not helping me. How can this be done? Thanks in advance.

Create script to close XDR alerts from XSOAR.

Hello,

XSOAR and XDR are used with mirroring, when an incident is closed from XSOAR it's closed in XDR too. However, the alerts in XDR are not. So an script is needed in XSOAR to close those XDR alerts. How is this is script done? where should be set

Long Text Field Error when setting field with setIncident

We publish guides/playbooks on a 3rd party site for our analyst to use when troubleshooting an incident.
that 3rd party site has an api.

I've successfully pulled the guide / page into the warroom and it displays and returns correctly using return_re

XSOAR Cisco Secure Cloud Analytics (stealthwatch) integration

If I configure the integration in SOAR using an API key from Cisco Secure Cloud Analytics, I get an authorization error:

Executed: test-module
Instance Stealthwatch Cloud_instance_1d4e2580e-a33d-4ace-8877-59165345b343
Arguments {}
Start time 2022-07-2

Create dashboard or mail to report updates in own XSOAR content packs.

Hello,

We're having some problems with some content packs compatibility in XSOAR, normally we update all them as soon as possible. However, sometimes they fail, so going back to the last version is needed. We'd like to have some visual information ab

Threat Intelligence - Sitelook Symantec and McAfee

Dears, we want to enrich our indicators from McAfee sitelook and Symantec Sitelook, suppose that we have a scipt that get the results?? how can we create the custom threat intelligence feeds in xsoar ??

wildfire-get-sample (WildFire-v2) Permission Denied

Hello

I'd like to use wildfire-get-sample (WildFire-v2)

In the instances settings there is only one entry: API.

That API I get from https://eu.wildfire.paloaltonetworks.com/wildfire/account

In the instances I do a Test an it returned as "Success"