Dears,
Kindly need your support for the following:
• we need to install the below as security controls on our XSOAR server (RHEL8):
o McAfee Endpoint security (latest version) for Linux.
o Cyber Reason EDR.
• kindly provide what is the Antivirus exclus
Hi,
A pre-process rule tests some condition and "link-close" incident into a previous one, and this works great. But i need to close related offense in qradar as well as the xsoar itself, with a sole preprocess rule deployed incident is closed in xso
...
Hi,
I think subject is clear enough that what i want to , for some reason i want to query on some custom fields in report query page. As below pictures presents "domain" is the custom field that i need to query but no way to call it in report que
...
When the integration is used on non-existent hash:
!file file=2795b688bb5918e092e0ee33cd25aa98
Then it end with error:
Reason
Have followed this kb however under instance, it is still unable to test successfully when unchecking the trust all certification options under the integrated instance.
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoar-admin/d
...
When automation EmailAskUser is used, a wait task is placed after it waiting if there's an answer. If there's no answer the automation will stay there forever, a time threshold is needed to continue the automation. How can be this time limit set?
Hi,
I am trying to create playbook where IOCs are extracted and enriched and then values are send as a PDF file via email.
I reached the part where the IOCs are parsed and enriched, but I am stuck at creating the PDF file.
Is it possible to create a PD
...
Hi Team,
Can you please help here to integrate Cisco ESA(API V2) with XSOAR . I have tried with the following integration from marketspace "Cisco IronPort Email API (Community Contribution)" which is developed using API v2. But unfortunately It pop
...
Hello everyone,
While testing the integration of Splunk to XSOAR with Splunkpy, I'm getting this error:
Anyone know how to solve it?
Thanks for your support.
Hey guys,
I'm working on separating internal and external IP(s) on a playbook and I want to use those values in a email body. So currently I'm using a temporary list to store IP(s) then call when needed in the same playbook with ${lists.templist}.
...
Hi,
I want users to authenticate in Cortex XSOAR before answering the form sent by mail like explained here https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/playbooks/playbook-tasks/communication-tasks/create-a-data-collec
...
I'm looking to change the flow of my playbook not only if errors are encountered in my tasks, but dependant also on what those errors are. I found a tutorial on docs.paloaltonetworks.com that included this:
Step 3: For new tasks, in the Task Name f
...
Hey Guys,
I'm facing this issue that doesn't matter how malicious the IP is Dbotscore is being 1 for the VT IP automation,
Things I tried,
1. Setting a threshold in VT integration for 1.
2 . Setting the reliability to A+
2. Running the command
...
I'm testing the inbuilt playbook "Integrations and Incidents Health Check" , however it throws an error on the block which contains SetGridField, which is the error shown below.
I have few questions regarding the automation and troubleshooting,
1) W
...
Will a Phishing campaign ticket is opened automatically, If yes - when?
Note: This question was asked during our Customer Success Webinar: Phishing V3
Cortex XSOAR
