Hello, I'd like to send direct messages using Microsoft Teams from XSOAR. No command was found inside Microsoft Teams integration to do it. Do you know how can create this feature?
I am trying to create a table something like this: I already have arrays (of names in this example) for each situation. So my HasX array would be like ["John", "Roger"] and my 'doesn't have X' array would be ["Steve"], and similar for Y with ["Roger", "Steve"] and ["John"] for the two properties. I feel like I have all the information to ...
Hi Team, I'm trying to get the output field which I want in "jira-issue-query" command. But I couldn't be able to get it. Below are the default outputs for Jira Issue. Now I want only one particular Field as an output. So I used Extend Context field to get the desired output (in this case, I want only the "ID" field as an ouput) But, I'm no...
Hi, Does someone know how long the demisto requires to complete the sync license from the primary server to the backup server? Please note you are posting a public message where community members and experts can provide assistance. Sharing private information such as serial numbers or company information is not recommended.
Our current setup mirrors incidents by post processing scripts. Bulk incident close makes too much noise in the system. It creates a container for each incident at the same time. It can overload the system from time to time. How does mirroring in the integration work? Does it mirror incidents one by one without creating a container for each?
Hi, Is there a way to configure pre-process rule to link and run preprocess script? I have to link incidents with few identical fields and set some fields values using script. I thought to make preprocess script which will do both, but I ran into a problem. As I see during preprocess the incident doesn't have ID assigned yet, so I can't use co...
Hi All, I'm attempting to add a custom field to the edit feature in XSOAR and cannot find any documentation when it comes to having that field show up in the edit form when editing multiple incidents regardless of type. When the edit layout is updated for any incident type, it is only used when editing a single incident of that incident type. ...
What is the best path to change XSOARs incident severity to match the severity another tool is pulling in? Ex. PhishER (KnowBe4) has it's own severity field called "PhishER" Severity, I want XSOAR's severity to mirror the incoming PhisihER severity
Hi All, "Jira-edit-Issue" task has some default Arguments as Inputs (eg: IssueID, priority,status, summary, description etc.,). Now I need to add new field as Inputs to edit jira issue from XSOAR. Can anyone tell how to include/add new inputs in task ? Thanks, Keerthi
Hello, Sometimes on instance fails pulling the data, however the instance has connection. It's just an error feeding the instance. How can a job be created to check is a pull has failed?
Hello, I receive many alerts of the same type each day creating an incident for each. I would like to put together all them in an incident and avoid creating incidents individually. So it will be solved just once.
Hello, I followed this docker hardening documentation to harden the docker containerzied environment for Cortex XSOAR solutin. I added the first server configuration key as this (docker.run.internal.asuser = true), and reset docker containers then issue this command (!py script="import os;print(os.getuid())") to validate if docker currently...
Hey! I'm trying to get a widget on a dashboard that shows a field and how many times it has triggered next to it.Example: Name: | Alert Count: ---------------------------------------------- Department 1 | 4 Department 2 | 2Department 3 | 6I know the horizontal bar allows you to group by a sp...
Hello, Now we are using CiscoEmailSecurity (Beta) integration for version 13.8.1, and is going to be updated to 14.2.0. How could we know if it's compatible? Thanks
Why is there a separate dictionary returned from demisto.incident? Does it matter whether a field is custom or builtin demisto.incident()['CustomFields']['myfield']I am asking this because I am thinking about implementing a custom function in CommonUserPython to grab field values without worrying about if the field is custom or built-in. Would t...
