Hi,
Can we use Active Directory Authentication integration for authenticate users into XSOAR, when we are using Azure AD.
If not, what is the integration best suitable?
Thanks
Hello,
We're using a JSON list to store some metrics in XSOAR. We'd like to have all this information in a visual way at the dashboard so the analysts can see what's happening.
Hi all,
I want to value in list and i use ${list.list_name.${account_name}} but this is what happens after running that ${list.list_name.realaccountname}.
How can i do that?
Hello,
I've some urls to introduce in a JSON list the command used are this one to encode:
#encode to ASCII
url.encode(encoding='ascii',errors="ignore").decode()
In the context the variable is perfect, however inside the JSON list it's not. Even
...
Dears,
Kindly need your clarification for the below scenario in my environment:
-- We have a XSOAR deployment and we need to deploy HA and DR to it, the current situation is that we have Basic installation with Bolt DB.
-- So After reading the gu
...
Hello,
There's a list in json format named "domainUrlStatus":
{"domain1.com": {
"url1.com": {
"status": "up",
...
Hi everyone,
I'm trying to use the GenericPolling playbook to wait for the "COMPLETED" status of a query in a QRadarv3 Integration. I use the following configuration:
Ids: ${QRadar.Search.ID}
PollingCommandName: qradar-search-status-get
PollingCommand
Should there be any concerns regarding to XSOAR server engine load if mirroring continues to run after closed XSOAR incidents?
Note: This question was asked during the Cortex XSOAR Customer Success Webinar: Mirroring
what if the closed ticket will be re-opened from SerciveNow (snow)?
Note: This question was asked during the Cortex XSOAR Customer Success Webinar: Mirroring
Hi all,
I was trying to make a playbook where I had a set of hashes extracted from a text file and then search on CbAppControl.
After searching, it would return the filename of the hash and the computers where the hash was detected.
Right now the
...
Hi,
I'm looking to map specific playbook task results to respective sections in the layout. Saved filter queries are defined at very high level and are not helping me. How can this be done? Thanks in advance.
Hello,
XSOAR and XDR are used with mirroring, when an incident is closed from XSOAR it's closed in XDR too. However, the alerts in XDR are not. So an script is needed in XSOAR to close those XDR alerts. How is this is script done? where should be set
...
We publish guides/playbooks on a 3rd party site for our analyst to use when troubleshooting an incident.
that 3rd party site has an api.
I've successfully pulled the guide / page into the warroom and it displays and returns correctly using return_re
...
If I configure the integration in SOAR using an API key from Cisco Secure Cloud Analytics, I get an authorization error:
Executed: test-module
Instance Stealthwatch Cloud_instance_1d4e2580e-a33d-4ace-8877-59165345b343
Arguments {}
Start time 2022-07-2
| User | Likes Count |
|---|---|
| 1 | |
| 1 | |
| 1 | |
| 1 |
