Cortex XSOAR Discussions

Resolved! HTTPS with a Signed Certificate

Hi,

As per the below link, XSOAR on-perm services by default use self-signed certificates for secure HTTP connections. It would be great if you confirmed this would be applicable for the hosted service as well.

https://docs.paloaltonetworks.com/co

...

Resolved! Installing Python Libraries for Custom Automations

I have a need to use a library called "Beautiful Soup" for scraping and HTML Parsing on a Custom Automation I am writing for use in a playbook. How do I install the dependencies so that I can use any library that I need ?

Traditional on VSCode I wou

...

Free Cortex XSOAR training!

Hello to all on the youtube channel for the live community there is a 6 hour free training. You can also test the free community edition for the Cortex XSOAR and schedule a workshop if want to play with the tool a little more:

https://www.youtube.c

...

Resolved! Returning output from scripts that run on indicators to the war room

Hi,

I am playing around with buttons on indicator layouts. The output from the script comes as a notification on the bottom of the screen. The output gets truncated if long. To overcome the problem I used the following lines of code.

```

command

...

How to remove Integration "cache" completely

Hi,

We are facing an issue where the integration ran into an error trying to pull an investigation from Secureworks, where an asset was not found, and the integration kept giving the same error continuously and would not pull the next investigation

...

Resolved! SLA Total Duration field in incident table

I can query successfully tickets that have an SLA > than X seconds.

What I'm having trouble with is displaying a field in the incident table.

For example: If i pull back tickets that have an SLA.TotalDuration > 2 days, I want to see the tickets an

...

Resolved! Replying to an Email using a Playbook

Hi All,

I need to automate customer follow ups using XSOAR. My requirements are as below.

Listen to emails and create incidents for each sent email - EWS V2 is being used for this
Once the initial mail is sent XSOAR will follow up with the custome

...

Resolved! Using Incident Variables Within Data Collection Web Form

Hello, I am attempting to use variables such as ${incident.name} within the Web Form in the section called "Short Description". After conducting tests I can see that It wont render any variables. They just appear as above. Now I can see that it suppo

...

Podman - Docker - new Integration

Why does every time I install a new Integration like (Splunk) I get a warning ( unavailable docker image 'demisto/python3XXXXXX' ) Used by Integration (name of the integration)?

although I have opened the access and if I go to the console i can pull t

...

Cortex XDR Incident

Hello everyone, we started dealing with Cortex XDR and after getting the furst Incident, I am kinda lost. I am not even sure whats the issue, there is a lot of "information" on the management console. For example, the Incident, under "Key Assets & Ar

...

If a pre-process rule fails how can it been seen if the incident hasn't been created?

Hello,

If a pre-process rule fails how can it been seen if the incident hasn't been created?

Could be that the the incident is created anyway?

Just to set in context:

A pre-process is created to introduce the playbook procedure documentation in the

...

Send Report to Slack

Hi,

I want to send the report created from Dashboard&Report section via slack. Is this possible? I only saw mail configuration.

How to count the playbook

We have a question for how to count the playbook?

We have a function with 3 product and 3 version.
How to count/quantify the playbook? Is 3 product X 3 vesrions =9 playbook?

For the playbook should different versions/bands be in the different playboo

...

Resolved! Subplaybook execution count

Hi!

Is there a way to count how many times was the specific subplaybook executed across mutliple/all incidents? How to ensure the number includes loops in subplaybooks?

The reason I need this number is to better understand ROI of the platform.

Th

...

Problems with the Integration "QRadar v3" - Mirroring not working and qradar-reset-last-run command not working

Hi everyone,

Anybody having problems with the Integration 'QRadar v3'?

In particular, I found two things that are not working:

- First, Offenses created in QRadar are not being creating Incidents on Cortex XSOAR.

I configured the integration fo

...

Discussions

Resolved! HTTPS with a Signed Certificate

Resolved! Installing Python Libraries for Custom Automations

Free Cortex XSOAR training!

Resolved! Returning output from scripts that run on indicators to the war room

How to remove Integration "cache" completely

Resolved! SLA Total Duration field in incident table

Resolved! Replying to an Email using a Playbook

Resolved! Using Incident Variables Within Data Collection Web Form

Podman - Docker - new Integration

Cortex XDR Incident

If a pre-process rule fails how can it been seen if the incident hasn't been created?

Send Report to Slack

How to count the playbook

Resolved! Subplaybook execution count

Problems with the Integration "QRadar v3" - Mirroring not working and qradar-reset-last-run command not working

XSOAR Dev to Prod - Builtin content repository

Still waiting on XSOAR Community Edition + Cortex XDR lab access

Result empty after using json2html script

Do we have XQL query builder feature in XSOAR

Where is the XSAOR 8 CLI Reference?

Re: XSOAR Dev to Prod - Builtin content repository

Re: delay in a playbook

Unlock your full community experience!

Resolved! HTTPS with a Signed Certificate

Resolved! Installing Python Libraries for Custom Automations

Resolved! Returning output from scripts that run on indicators to the war room

Resolved! SLA Total Duration field in incident table

Resolved! Replying to an Email using a Playbook

Resolved! Using Incident Variables Within Data Collection Web Form

Resolved! Subplaybook execution count