Setting up classification & mapping for email ingest

Hi,

Here are two different emails subject:

1. Test email - Phishing Email

2. Test email - Ping

Two playbooks:

1. Phishing Email

2. Ping

Currently I have setup two instances of integration "Mail Listener v2" with corresponding incident types so

Rasterize PDF format queries

Hi,

I created a PDF report using rasterize with HTML body content. The XSOAR variables I put contains URLs and Email addresses.

My first challenge i faced was the variables when replaced with the acutal values (URLs and emails), they are clickable.

XSOAR Engine Storage Requirements

Hi,

As per the below link its mentioned minimum storage requirement for XSOAR engine is 100 GB. And for drive partition it is recommended to allocate 50 GB for /var and 50 GB for /home is XSOAR engine is getting installed on RHEL 8.x. In this case

smb-upload (Server Message Block (SMB) v2): error

Hi,

I want to upload a file from the XSOAR to a server, for this I want to use the smb-upload automation.

Shared map is created, all correct rights are given, credentials in the XSOAR are correct.

For now I'm just testing a simple test.txt file t

Cortex XSOAR tool integrations methods

Hi,

As per below link the integrations can be executed REST API, webhooks, and other techniques. So I'd like to know about what are the other methods available in XSOAR platform.

https://xsoar.pan.dev/docs/concepts/concepts#:~:text=Product%20inte

Installing XSOAR HA and DR for one host with one tenant in multi tenant environment

Dears,

Kindly need your support to get an answer for the following case:

We are A MSSP environment, we have many clients.

Our deployment is multi-tenant deployment with multiple hosts and each host has only one tenant on it.

Our deployment is using a dat

Endpoint Antivirus Exclusion list

Dears,

Kindly need your support for the following:

• we need to install the below as security controls on our XSOAR server (RHEL8):

o McAfee Endpoint security (latest version) for Linux.

o Cyber Reason EDR.

• kindly provide what is the Antivirus exclus

CIRCL hashlookup (hashlookup.circl.lu) 1.0.0 3167802 returns error when no results

When the integration is used on non-existent hash:

!file file=2795b688bb5918e092e0ee33cd25aa98

Then it end with error:

Reason

accepting custom cert -failed

Have followed this kb however under instance, it is still unable to test successfully when unchecking the trust all certification options under the integrated instance.

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoar-admin/d

Create a PDF file from context

Hi,

I am trying to create playbook where IOCs are extracted and enriched and then values are send as a PDF file via email.

I reached the part where the IOCs are parsed and enriched, but I am stuck at creating the PDF file.

Is it possible to create a PD