Cortex XSOAR Discussions

Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Sending only one email for an Ask Task

Hello, I am attempting to configure an Ask Task to send one email only with no retries and an end by SLA condition. I have implemented the settings to no retries (default) and to end the task upon SLA Breach 6 hours. Once saving the playbook I see th

...

Resolved! Filenames with slashes not updating

Greetings,


So I have been pulling rasterized images with the names of the URLs attached into XSOAR and attempting to pipe them into some ServiceNow tickets, but character restrictions are giving the system issues on what files to call during the uploa

...

MicrosoftTeams-image (3).png
MicrosoftTeams-image (4).png
MicrosoftTeams-image (5).png

Start playbook from API with own inputs

Hi all,

 

I have problem and I would like please you for help.

My target is, from API (via postman) run some playbook with own data. For example, call playbook, where I added into playbook Inputs property "Left".

 

How I tried set $Input.Left from my API,

...

Resolved! how to use demisto-api-download in a Automation

I am trying to use the built in demisto-api-download autmation to download a file from our hosted xsoar instance 

I am struggling to figure out how to format my command in the automation. From the documentation these are the inputs :
 

Arguments Descrip

...

kbratt by L1 Bithead
  • 4773 Views
  • 5 replies
  • 0 Likes

Auto-categorize Outlook Phishing Email

Hello guys,

I'm currently trying to create a Playbook that auto-categorize already analyzed phishing email, let me explain :

Here is the current process :

1. An analyst tags an email as Phishing using Outlook categories in the main Email box

2. Thanks to

...

benzer by L0 Member
  • 2445 Views
  • 3 replies
  • 0 Likes

Resolved! SLA best practices

Hi,

 I want to set sla times per severity type but it seems xsoar bind sla's to incident type, so i think i need to start each sla per severity in playbook by testing severity it is nearly clear for me. But i am confused what type of SLA should i crea

...

Resolved! Different response page server

Hi, 

 

In a multitenant deployment i want to place the response page somewhere else from the "Host-tenant" machine  lets say customer environment. And configure   "External Host Name" to this new server which is accessible from customer local area.

 

Reg

...

  • 1178 Posts
  • 39 Subscriptions
Top Solution Authors
Top Liked Authors