Resolved! DEV PROD XSOAR Engines
Is it possible for DEV and PROD servers to use the same set of engines?
#DEV
#PROD
#XSOAR
#ENGINE
Is it possible for DEV and PROD servers to use the same set of engines?
#DEV
#PROD
#XSOAR
#ENGINE
Hi,
As per below link the integrations can be executed REST API, webhooks, and other techniques. So I'd like to know about what are the other methods available in XSOAR platform.
https://xsoar.pan.dev/docs/concepts/concepts#:~:text=Product%20inte
...
Hi,
In one of the XSOAR documentation its mentioned "For all Linux deployments except RHEL 7.x (for example Ubuntu, CentOS, etc.). Automatically installs Docker, downloads Docker images, enables remote engine upgrade, and allows installation of mul
...
Hi,
In a playbook I'm using the automation 'send e-mail (EWSO365)'.
In the body of the email I'm adding a list that the playbook has generated as following:
Dears,
Kindly need your support to get an answer for the following case:
We are A MSSP environment, we have many clients.
Our deployment is multi-tenant deployment with multiple hosts and each host has only one tenant on it.
Our deployment is using a dat
An Api call is created in an automation program. The call to the API needs to wait for a value to set to "FINISHED", so a while loop is created waiting for this value. However, I'd like to know the current status of this value setting the value in co
...
Dears,
Kindly need your support for the following:
• we need to install the below as security controls on our XSOAR server (RHEL8):
o McAfee Endpoint security (latest version) for Linux.
o Cyber Reason EDR.
• kindly provide what is the Antivirus exclus
Hi,
A pre-process rule tests some condition and "link-close" incident into a previous one, and this works great. But i need to close related offense in qradar as well as the xsoar itself, with a sole preprocess rule deployed incident is closed in xso
...
When the integration is used on non-existent hash:
!file file=2795b688bb5918e092e0ee33cd25aa98
Then it end with error:
Reason
Have followed this kb however under instance, it is still unable to test successfully when unchecking the trust all certification options under the integrated instance.
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoar-admin/d
...
Hi,
I am trying to create playbook where IOCs are extracted and enriched and then values are send as a PDF file via email.
I reached the part where the IOCs are parsed and enriched, but I am stuck at creating the PDF file.
Is it possible to create a PD
...
Hi Team,
Can you please help here to integrate Cisco ESA(API V2) with XSOAR . I have tried with the following integration from marketspace "Cisco IronPort Email API (Community Contribution)" which is developed using API v2. But unfortunately It pop
...
Hello everyone,
While testing the integration of Splunk to XSOAR with Splunkpy, I'm getting this error:
Anyone know how to solve it?
Thanks for your support.
Hey guys,
I'm working on separating internal and external IP(s) on a playbook and I want to use those values in a email body. So currently I'm using a temporary list to store IP(s) then call when needed in the same playbook with ${lists.templist}.
...
Hi,
I want users to authenticate in Cortex XSOAR before answering the form sent by mail like explained here https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/playbooks/playbook-tasks/communication-tasks/create-a-data-collec
...