Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Question regarding using common argument "execution-timeout" in the python code.

While running a command in the XSOAR, there is a common argument named "execution-timeout" which increases the timeout for the command. Can I use this argument directly in the python code? What I want to achieve is, I have one command which is taking more than 5 minutes (which is the default timeout for a command) to complete. Now, I don't want ...

Resolved! Copy Paste Task between playbooks

Is there a way to copy/paste tasks between playbooks? I have many occasions when similar task logic can be reused elsewhere (and I am not talking sub-playbooks here) and the quickest way would be to copy/paste the task in the new playbook. However the copy function seems to be limited to a current playbook only, dragging the task to different playbook...

Antanas by L2 Linker
  • 3634 Views
  • 2 replies
  • 1 Likes

Mulesoft integration with XSOAR

Hi, I wanted to integrate Mulesoft with XSOAR. Since Mulesoft is not available in the XSOAR marketplace, I am looking for Mulesoft's REST API documentation or a connector which will be helpful to develop a custom integration in XSOAR. Can you help me to get those details if you have already developed a custom integration for Mulesoft? Thanks in advance.

DP696 by L2 Linker
  • 2025 Views
  • 1 replies
  • 0 Likes

update-remote-system command not getting triggered

Is it necessary to add a tag to the entry or comment in XSOAR to get it mirrored on the remote incident? Suppose I do not add a tag to a note/war room entry, then do I get that entry in the "UpdateRemoteSystemArgs"? Currently, I am not getting that entry in the "UpdateRemoteSystemArgs". Is it so that I have done something wrong in configura...

Resolved! Execute playbook using an instance

Hi, we have an integration with different instances, and we want to execute a builtin playbook, inside another playbook, but we need to indicate which instance we want to use. The playbook does not have an "Advanced->Using" Field. Is there any way to set the instance? Or maybe do I need to clone the playbook, create an argument for the instan...

MTubia by L1 Bithead
  • 2195 Views
  • 1 replies
  • 0 Likes

URLscan.io's SOAR spot: Chatty security tools leaking private data!

Community, have you noticed that we may be accidentally exposing confidential information of the users we protect by submitting URLs for analysis to URLscan.io? Credits to: FABIAN BRAUNLEIN Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable on urlscan.io, a se...

Resolved! XSOAR Multi-Tenancy Architecture and System Requirements

Hi, I am planning to deploy 1 main machine and 4 host machines. I'll keep all the tenants in the host machines so the main machine won't have any tenants (I read somewhere that this is the recommended deployment). I want to save resources if possible, so what are the minimum system requirements for the main machine with no tenants? The multi tenan...

Timeout in task not working

Hello, Timeout configuration does not function in "ScheduleCommand" task using an automation. The timeout is set inside the task in Advanced Tab->"Execution timeout(seconds)" and inside the automation in Settings->Advanced->Timeout(seconds), but is not working. Am I missing something?

Josep by L4 Transporter
  • 1346 Views
  • 1 replies
  • 0 Likes

Filter out incidents having email communications associated with it

From all the incidents I have, I want to filter out the incidents having email communications associated with them. There are several fields in the context and in the incident of the context that identify an incident as email communications associated. Can anybody help me with this? Maybe using any specific field from context or incident.

Help ML models

Hello, I need some help to understand how ML models work in XSOAR. In the documentation, I can only see models related to emails. I'd like to create a model just with the close reason, False Positive or True Positive. I already trained the model, however, I don't know exactly which are the inputs of the training or the inputs to use the model.

Josep by L4 Transporter
  • 1565 Views
  • 1 replies
  • 0 Likes

Question Regarding Mirroring Integration In Cortex XSOAR

I've a couple of questions regarding mirroring in Cortex XSOAR which are listed below. 1. Is it possible to change the status of the XSOAR incident from Pending to Active in the get-remote-data command? I have checked a couple of mirroring integrations (e.g. ServiceNow v2, XSOAR Mirroring) and they are only closing the XSOAR incident once the remot...

Multiple Questions related to assign owner from playbook

Guys, I have a Phishing Playbook that consists of two big parts: a- L1 Phishing playbook. b- L2 Phishing playbook. The flow starts from L1 doing the needed automation and tasks like (Extracting IOCs, Headers, Doing Enrichment, making Splunk searches, .... etc.) Then it will stop at the stopping point which asks the Analyst to categorize which type ...

  • 1298 Posts
  • 45 Subscriptions