Cortex XSOAR Discussions

Question from Playbook Optimization webinar: Outputs & Sub-Playbooks

What does happen if are there 2 outputs with the same name in a playbook containing more subplaybooks?

** Note: this is a question from our Customer Success Webinar: Playbook optimization in Cortex XSOAR

Cortex XSOAR

Question from Playbook Optimization webinar: Playbook best practices

any best practices for playbook?

** Note: this is a question from our Customer Success Webinar: Playbook optimization in Cortex XSOAR

Cortex XSOAR

Question from Playbook Optimization webinar: Sub-Playbook context keys

How can you access subplaybook context keys? I does not work sometimes to reach the subplaybook-xxx.

** Note: this is a question from our Customer Success Webinar: Playbook optimization in Cortex XSOAR

Cortex XSOAR

Question from Playbook Optimization webinar: Sub-Playbook quiet mode

Let's say we fix a sub playbook to run in quiet mode cos it's larger than 150KB. Will this affect the main playbook if it is dependent on the subplaybook output. Also will it fix all the older incidents that have already run ?

** Note: this is a qu

...

Question from Playbook Optimization webinar: Command modification

Is it possible to modify all instances of a command? For instance, if we wanted to change the "Run without a worker" setting on all usages of sleep - is that possible? Or would I need to do it 1-by-1? Or even possible per playbook maybe with multi-se

...

Question from Playbook Optimization webinar: Playbook unassigned

how can we unassigned the playbook?

** Note: this is a question from our Customer Success Webinar: Playbook optimization in Cortex XSOAR

Cortex XSOAR

Question from Playbook Optimization webinar: List lookup

Is a conditional list lookup always considered 'better' in terms of performance compared to loading a list into context or just when the list is very large?

** Note: this is a question from our Customer Success Webinar: Playbook optimization in Cor

...

Question from Playbook Optimization webinar: Sub-Playbook

I have heard from a support member that it's bad practice to go more than on sub-playbook team, ie don't have subplaybooks within subplaybooks. Can you clarify?

Cortex XSOAR

Question from Playbook Optimization webinar: Maximum sleep time

What is the maximum Sleep time the system will allow for? We have scenarios we need to wait for a machine to come back online to take action against it, and it could be days or weeks

** Note: this is a question from our Customer Success Webinar: Pl

...

Question from Playbook Optimization webinar: Workers traverse and sub-playbooks?

Can you talk about how workers traverse a playbook and sub-playbooks?

** Note: this is a question from our Customer Success Webinar: Playbook optimization in Cortex XSOAR

Cortex XSOAR

Resolved! "OK" button is greyed out when the default option "Built-in" select (Playbook Task)

Hi Team,

I am creating a Playbook task by referring "cortex-xsoar-deployment-guide"

"OK" button is greyed out when the default option "Built-in" is select and this option is my requirement.

Pls help team.

#Chinmaya

Resolved! SLA changes that are made by field change scripts are getting reverted

Hi, I have a a field trigger script assigned to a status field. When it changes, the script stops an SLA and starts another and these are Time To Assignment and Response SLA respectively. I have one tenant that refuses to keep the changes meaning tha

...

Resolved! Arcsight base event to layout

Hi,

My Playbook is able to get arcsight events those related to a correlation (alarm) but i need to visualize these base events into layout tab but cant find a proper way. Do you have any suggestion ?

Regards.

Resolved! Joining two keys with the same subkey value

Hi,

I need to join 2 context keys that match value of the same subkey, however I can't find a proper automation or transformation. In context I have 2 keys. One key contains IP's and Hostnames, the other contains IP's and Email Admins. I want to join

...

PCSAE Course Free

Hi All,

I just wanted to put out there that I have made a course around the PCSAE certification and that it is completely free, the link to the YouTube playlist is https://youtube.com/playlist?list=PL_ZuwXjrdb3j_vcAFCMLQxlJ6oFAi3HYT please have a loo

...

Discussions

Question from Playbook Optimization webinar: Outputs & Sub-Playbooks

Question from Playbook Optimization webinar: Playbook best practices

Question from Playbook Optimization webinar: Sub-Playbook context keys

Question from Playbook Optimization webinar: Sub-Playbook quiet mode

Question from Playbook Optimization webinar: Command modification

Question from Playbook Optimization webinar: Playbook unassigned

Question from Playbook Optimization webinar: List lookup

Question from Playbook Optimization webinar: Sub-Playbook

Question from Playbook Optimization webinar: Maximum sleep time

Question from Playbook Optimization webinar: Workers traverse and sub-playbooks?

Resolved! "OK" button is greyed out when the default option "Built-in" select (Playbook Task)

Resolved! SLA changes that are made by field change scripts are getting reverted

Resolved! Arcsight base event to layout

Resolved! Joining two keys with the same subkey value

PCSAE Course Free

Field Change Script To System Fields

How to Copy Incident Files from Linked Incidents

Can XSOAR disk space vary automatically?

Assign incident to new owner

unable to push the content from dev to prod

XSOAR Feature Request

ServiceNow Developer looking for ideas

Unlock your full community experience!

Resolved! "OK" button is greyed out when the default option "Built-in" select (Playbook Task)

Resolved! SLA changes that are made by field change scripts are getting reverted

Resolved! Arcsight base event to layout

Resolved! Joining two keys with the same subkey value