Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Endpoint Antivirus Exclusion list

Dears,

Kindly need your support for the following:

• we need to install the below as security controls on our XSOAR server (RHEL8):

o McAfee Endpoint security (latest version) for Linux.

o Cyber Reason EDR.

kindly provide what is the Antivirus exclus

...

Resolved! Linked incident offense close

Hi,

A pre-process rule tests some condition and "link-close" incident into a previous one, and this works great. But I need to close related offense in QRadar as well as the XSOAR itself, with a sole preprocess rule deployed incident is closed in xso

...

Resolved! Search custom fields in report query

Hi,

I think subject is clear enough that what I want to, for some reason I want to query on some custom fields in report query page. As the pictures below present, "domain" is the custom field that I need to query but no way to call it in report que

...


accepting custom cert -failed

Have followed this KB however under instance, it is still unable to test successfully when unchecking the trust all certification options under the integrated instance.

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoar-admin/d

...


Create a PDF file from context

Hi,

I am trying to create a playbook where IOCs are extracted and enriched and then values are sent as a PDF file via email.

I reached the part where the IOCs are parsed and enriched, but I am stuck at creating the PDF file.

Is it possible to create a PD

...

Communication Task Authentication failed

Hi,

I want users to authenticate in Cortex XSOAR before answering the form sent by mail like explained here https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/playbooks/playbook-tasks/communication-tasks/create-a-data-collec

...

lulu42 by L0 Member
  • 402 Views
  • 1 replies
  • 0 Likes

Handling errors in a playbook

I'm looking to change the flow of my playbook not only if errors are encountered in my tasks, but dependent also on what those errors are. I found a tutorial on docs.paloaltonetworks.com that included this:

Step 3: For new tasks, in the Task Name f

...

Resolved! SetGridField Issue

I'm testing the inbuilt playbook "Integrations and Incidents Health Check", however it throws an error on the block which contains SetGridField, which is the error shown below.

I have a few questions regarding the automation and troubleshooting,

1) W

...
