Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Pre Processing Rules Logs

Dear Experts, I have configured Cortex XSOAR to ingest cases/alerts, but for certain conditions, I want to prevent these from becoming incidents or triggering playbooks. I’ve created a script to drop alerts that meet specific criteria. However, I need to maintain a record of which alerts were dropped and, if possible, send notifications about th...

Syedhkt by L2 Linker
  • 1993 Views
  • 2 replies
  • 0 Likes

Problem 1 in 1,000,000? I hope not

Hello community! I hope you are doing well. I'm here to ask a question that PAN support didn't know how to deal with and maybe some of you have already gone through the same thing. It was Saturday morning and XSOAR and its functions were completely frozen, absolutely nothing was running. As XSOAR administrator, this had already happened so I res...

XSOAR - 503 Service Temporarily Unavailable Issue

Hello, I'm currently implementing Cortex XSOAR On-Prem 8.8. I'm fairly new to this product. I have deployed the VM, and the cluster configuration completed successfully. I was able to access the GUI and do the basic configurations. After I updated the version to 8.8.x, I'm getting "503 Service Temporarily Unavailable". How can I fix this issue?

Integration of SIEM Instances with Load Balancer IPs

Can we integrate two instances of the SIEM, given that both IP addresses belong to the same SIEM but are associated with load balancer IPs? However, if we integrate both instances, there is a slight chance of data duplication. What would be the best approach to integrate with the load balancer IPs while avoiding any duplication? Cortex XSOAR

whois integration issue

Hi everyone, I am enriching domains with the domain command of whois, but I get an issue if any one of the domains has no data on their server side. For example, with [Domain1,Domain2], whois will return an error if data for any one of the domains is missing. I just want it, if there is no data for one domain, to skip it and return me the remaining ones. Cortex XSOAR #whois #integrations

Syedhkt by L2 Linker
  • 447 Views
  • 0 replies
  • 0 Likes

proofpoint-tr-get-list (Gets items for the specified list)

Hello, in the Proofpoint Threat Response integration there is a command: proofpoint-tr-get-list (Gets items for the specified list). I need some guidance on what this command does and what list ID needs to be provided to get the contents. proofpoint-tr-get-list (Gets items for the specified list) Any guidance would be appreciated. Thank you,

Divyesh by L0 Member
  • 365 Views
  • 0 replies
  • 0 Likes

Resolved! XSOAR CMDB - SQL issue

Hi everyone, I'm trying to use Cortex XDR and Cortex XSOAR to build a basic CMDB. In my XSOAR playbook, I run an XDR XQL query, then try to insert the results into an SQL database using the sql-command automation. The command looks like this: INSERT INTO Devices ( [hostname], [serial_number], [model], [MAC ADD], [IP Address], [Vendor], [Profile], ...

tlmarques by L4 Transporter
  • 1379 Views
  • 1 replies
  • 0 Likes

Question about the execution of the Set Assignee Task

In my playbook, I have a task that runs the Set Assignee Task script, sending an email as a parameter. During the flow execution, this task remains in the waiting status, displaying the message: waiting for user input to continue this task. I would like to understand why this task is not executed automatically.

Problem with Cisco WSA Proxy integration

Hello Team, I have a problem with Cisco WSA Proxy integration. I'm trying to connect XSOAR with Cisco WSA Proxy through Cisco WSA v2 integration. The user for this API has full administrator rights, authentication is successful, and I get a response for a GET request - !cisco-wsa-url-categories-list successfully. When I'm trying to execute ...

YuliyanD by L0 Member
  • 1260 Views
  • 2 replies
  • 0 Likes

Adding a Timestamp/Date to Custom Report Subject

Hola Livecomm, I have a very trivial question; I want to define a custom subject for my reports to include the date or timestamp of when it runs. I have researched this extensively and have found the Server Configuration Key for this but it does not guide me on how to add a variable that can include the date of which the report has run. For exam...

Resolved! Where is the XSOAR 8 CLI Reference?

In the XSOAR 8.x documentation there are examples of CLI commands, including Integration commands, system commands, and information about how to escape specific characters. However, try as I might, I can't seem to find an authoritative XSOAR CLI reference. Browsing down the list of possible commands in CLI might be OK in a pinch, but it's no subs...

mattem by L1 Bithead
  • 3149 Views
  • 1 replies
  • 0 Likes

Customfield in JIRA

Hi, I have integrated JIRA with XSOAR. I have created a custom field in JIRA which has a dropdown list with options. I want the value to be populated in JIRA by XSOAR. I am using jira edit issue automation where I am providing {"fields":{"customfield_xyz":{"value":"${abc.answer0}"}}} in issuejson. I can see the abc.answer in task output of the play...

Himangi by L2 Linker
  • 664 Views
  • 1 replies
  • 0 Likes

Resolved! Cortex XSOAR - Best Practice Optimize Threat Intelligence Management (TIM)

Dear Community, I read the documentation about Threat Intelligence Management (TIM) from this article before https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/what-is-everyone-doing-with-their-tim-license/td-p/548211?attachment-id=12602. However, that document is not updated, and there is no mention of best practices for managing T...

A.Faruq by L1 Bithead
  • 1638 Views
  • 1 replies
  • 0 Likes
  • 1298 Posts
  • 45 Subscriptions