Cortex XSOAR Discussions

Cortex XSOAR Mobile App Demo

In this demo, we show you how to get up and running with the Cortex XSOAR mobile app and how to use some of the most popular features, including:

Dashboards
Incident summary and several IR capabilities
View and complete tasks
War Room chat

(view in My Vi

...

Cortex XSOAR 5.5 Required Upgrade

This announcement applies to all customers currently running a version of Cortex XSOAR 5.5 older than (B78409) and that use the API, Splunk App, or SumoLogic to push incidents to XSOAR.

We identified an issue in these releases that when pushing incid

...

Cortex XSOAR 6.0.1 (B84583) Released

The newest version of Cortex XSOAR is now available.

Check out the Cortex XSOAR Release Notes for release details, including new features, bug fixes, and enhancements.

Cortex XSOAR Release Announcements

Cortex XSOAR 6.0 is now available!

The newest version of Cortex XSOAR is now available.

Check out the Cortex XSOAR Release Notes for release details, including new features and breaking changes.

Resolved! XSOAR CentOS 8 unsupported

We are running a multi tenant xsoar server and I noticed that we are using CentOS 8 Linux which reached End of Life recently. There is also the stream version of CentOS8. For this version the EOL date is May 31st, 2024. I am slightly confused as it s

...

Resolved! Azure AD Identity Protection Integration custom filter

I have the AZ AD Identity Protection integration setup and working, but I am trying to get some custom filters to work without much luck. Does anyone have an example of what OData queries are relevant with this integration?

Would like to be able to

...

XSOAR Opsgenie integration

How do I get the api token/key for opsgenie to use in xsoar instance.

Opsgenie settings gives me an api key while saving, but the api throws an incorrect key format error. Also, there is no native inbuilt integration in opsgenie for xsoar to directly

...

Resolved! Unique names for rasterized images into ServiceNow

Greetings,

I am pulling in rasterized images into ServiceNow from URLs, and ideally I'd like to name them the URL they are pulled to eliminate some confusion. But I am not seeing a good way to do this, I have tried adding "URL${inputs.URL}" to the fi

...

how to know my company support subscription expire date

Resolved! setting multiple values in subkeys

Hi,

I have a seemingly simple task which i can't figure out how to handle. I want to import a csv file in the context, having column names as the subkeys. And then I want to get rid off some excessive subkeys/columns.

My steps are:

1. upload a file fro

...

About Fetch Incidents interval

Hi All, I am new to Cortex XSOAR. I have one question. lets say we are fetching the incidents for any specific time interval and now considering SOAR recommended fetch limit of 200 Incidents per fetch, there can be situation when we might have more t

...

Multiple Checkpoint instance add-host issue

Hi,

There we have 2 different CP-FW instance running but in block playbook we are unable to block 1 ip address for 2 CP-FW instance. It gives (unauthorized 401 - session expired) error. In case of single instance deployment same playbook works with n

...