Recurrent data input problems in tasks

Hello,

Data key received from API calls don't always have the same format in the context. Example:

Sometimes it could be:

data.[0].results.username

data.results.[0].username

data.[0].results.[0].username

data.results.username

The API call is the one

XSOAR XDR Query Context Data Delay

Hi everybody,

could you please help me with following issue?

When I use XQL query to XDR dataset (!xdr-xql-generic-query) it returns correct data to the War room but before are this data moved to Context data it takes almost 5 minutes (No matter how

XSOAR Proofpoint TAP and TRAP Email Ingestion

Palo Alto XSOAR is not able to ingest Proofpoint's TAP (Targeted Attack Protection) or TRAP (Threat Response Auto-Pull) emails. Because of the automation that is being done with TAP and TRAP, these emails do not go through XSOAR for "phishing" analys

Update automation script docker image version automatically

I have an automation script which updates all the non custom docker images versions to the latest version of it.

 It works well and updates all the non custom docker images to the latest version of it from docker images.

Now I have some automation sc

Microsoft Graph Mail Single User application approvation

I tried to activate the approval process using this link: https://oproxy.demisto.ninja/ms-graph-mail-listener
The process stops with this screen after entering the credentials.

So I can't acquire ID, Token, and Key.
What could have gone wrong?

IronPort integration with XSOAR, receiving to mails

Hi, I wondered if it's possible to check URLs from mails via integration with XSOAR and then send a response with verdict to those address which was recipient for this mail under investigation? 

Maybe you can advice some features for realization or s

Test sample in the playbook

Hi,

Is it possible to influence the sample data that is shown in playbook edit mode, when using Test to validate the data in any task? I find that in some playbooks it can give me to select the latest incident of that type, but on others - it only

Appending Incident field from a script

Dears, 

I am blocking urls on a security control then save the value of URL in incident field name (blocked urls) using setIncident command, 

But every time I block new url the incident field is not appending the new url to the old url. It replace