Cortex XSOAR Discussions

Resolved! multitenant deployment main dashboard problem

Hi,

I have a multitenant deployment holding 30+ accounts, in my main account dashboard page it is unable to populate statistics such as incident count etc. It just keeps loading with no error. Any idea how can i sort this.

Regards.

Resolved! Sumo Logic integration error: This operation is not allowed for your account type

Hi all,

the integration with Sumo Logic failed to work and now I get the error:

2022-04-22 12:41:51.3031 error Could not fetch incidents from SumoLogic instance : SumoLogic_instance_1 [error 'Script failed to run: Status: 403
ID: WOXBU-A2PLF-BUHRT
Code

...

Add event data into "incident summary" section in "incident info"

Hi,

Is there any way to add a specific event field into "incident info" page to visualize in the "Incident Summary" section. Let's say a request url is not included in incident info but in event info we have the url information..

Regards.

Resolved! Error while closing incident

Hi!

we are testing XSOAR on a local VM. We have created several incidents via an integration with our Threat intel solution.

When we are going to close an incident.. it doesn't close!

We get no error from the UI. If we go to the VM console, from /var/l

...

ip list retention

Hi,

In our environment we have a list to hold ip addresses with comma seperated format, how can we provide data retention for each ip addresses within the list.

Regards.

How to change Dashboard Widget Date Range from occurred to closed date

Looking at some of my widgets on my dashboard, i noticed there is a date range filter. But is there a way to specify to use the closed date and not the occurred date?

Resolved! Automation "Remove From List" error

Hi,

One of my playbook includes a removefromlist automation but sometimes this step gives the error below, if this step is rerun without any change everything is ok. Do you have any idea why it needs to be rerun sometimes and any ideas about this err

...

Resolved! Do content pack updates require downtime

I need to update my QRadar Content Pack which also requires X dependencies be upgraded.

What is best practice for content package upgrades?
Is it as simple as installing from marketplace or do we have to run a sync after or cycle demisto after?

Other th

...

Resolved! Blueliv integration error

Hi!

we are testing XSOAR capacities. For testing purposes, we are creating an integration with our intel solution, Blueliv:

https://xsoar.pan.dev/docs/reference/integrations/blueliv-threat-compass

When fetching it returns an error. From the mapping ed

...

Resolved! Do I have to set Server Configurations per tenant?

Example:
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/docker/docker-hardening-guide/run-docker-with-non-root-internal-users#idb5fe7d70-f021-4270-a328-7439d5574723

I set this on the main account and sync'd all accounts.

H

...

XSOAR community Edition System Requirement

Hi,

I'm trying to install XSOAR in my personal machine to practice a bit and experiment, Anyone has recommended system requirements for this?

Including space.

Thanks in Advanced

Resolved! error 'Missing required field: 'owner' when uploading / creating incident via json

Trying to export a ticket from PROD into DEV.

To test I exported a ticket in DEV as a json using this in the playground.

!azure-sentinel-get-incident-by-id incident_id="c5dc30e5-6981-4cb0-9895-66967fc3f2e9" raw-response="true"
(saved as json)

Then n DEV

...

Application Unreachable

Hello,

I am having issues working with the Automation Menu. When opening the menu I receive the error "Application Unreachable".

It appears a few times yet I am still able to access the automation that I need. What is the reason why I am receiving this

...

XSOAR RSS integration not fetching updated feed content

We have configured the RSS integration in the community supported RSS content pack (https://xsoar.pan.dev/marketplace/details/RSS) to ingest CISA NCAS alerts as incidents for our threat intel teams to investigate. This is using the public feed at ht

...

Integration with Nexthink

The connection has been tested sucessfully but error during executing commands

Discussions

Resolved! multitenant deployment main dashboard problem

Resolved! Sumo Logic integration error: This operation is not allowed for your account type

Add event data into "incident summary" section in "incident info"

Resolved! Error while closing incident

ip list retention

How to change Dashboard Widget Date Range from occurred to closed date

Resolved! Automation "Remove From List" error

Resolved! Do content pack updates require downtime

Resolved! Blueliv integration error

Resolved! Do I have to set Server Configurations per tenant?

XSOAR community Edition System Requirement

Resolved! error 'Missing required field: 'owner' when uploading / creating incident via json

Application Unreachable

XSOAR RSS integration not fetching updated feed content

Integration with Nexthink

Can XSOAR disk space vary automatically?

Assign incident to new owner

unable to push the content from dev to prod

JSON Sample Incident Generator

Rename table headers

Re: Dashboard Graph Display Incident Count Per Month

Dashboard Graph Display Incident Count Per Month

Re: Incident Parent-Child Relationship

Re: Missing context in indicator preview. I executed an NVD reputation command on CVE via a custom script.

Re: Couldn't sort by date in bar graph widget in Dashboard

Unlock your full community experience!

Resolved! multitenant deployment main dashboard problem

Resolved! Sumo Logic integration error: This operation is not allowed for your account type

Resolved! Error while closing incident

Resolved! Automation "Remove From List" error

Resolved! Do content pack updates require downtime

Resolved! Blueliv integration error

Resolved! Do I have to set Server Configurations per tenant?

Resolved! error 'Missing required field: 'owner' when uploading / creating incident via json