Cortex XSOAR Discussions

Resolved! X out of X accounts returned an error during a multi-account request

Seeing the following every multiple times a minute in my server.log

Note i replaced the host with <host>

error Some requests to accounts failed for incidents export [error '2 of 18 requests to accounts failed! failing accounts are [acc_Dem01,acc_Demi

...

FortiSEIM Integration - Auth Issues

Dear All ,

FortiSiem integration is failing due to the Auth issues , Your help would be appreciated

Resolved! Field Trigger Script / Broswer Caching Issue?

I have a field trigger script on dbot status changing; essentially updating a custom field to nothing if the an incident is re-opened.

if field=="dbotStatus" and old=="Closed" and new=="Active" and incidentType=="Azure Sentinel":
demisto.executeComman

...

XSOAR - How to pull file from context in playbook

Hello,

I am trying to pull a file from the context. I tried pulling the 'EntryId' for the file, but the playbook returned an error saying there was not a file at that file path. Is it possible to pull a file from the context, and if so, how can it be

...

Generic Webhook - Integration Issues

Dear Team ,

We are unable to fetch incidents via web-hook integration , it thrown an error (

{"detail":"Method Not Allowed"} )

while testing

your help would be greatly appreciated

Error trying to move an account to a different host

We have a MT XSOAR deployment, and I need to move a created account that is on the main host to a different one, when I try to move the account I get the error

"Account acc_XXXX could not be moved to HOST because address phoenix.scilabs.mx: missing p

...

Captura de pantalla 2022-02-23 123157.jpg

Resolved! Creating Multiple Widgets on Layout to Show Different Images

Hello,

I have multiple screenshots from various tasks in the playbook such as Rasterize among others from a Sandbox Integration. I would like to make individual widgets on the Layout that can display these Image Files Separately.

1. Can the images be

...

trying to return raw output vs formatted

!py script=`return_results(demisto.executeCommand("azure-sentinel-list-incident-entities", {"incident_id":"xxxxxxx-xxxxxx-xxxxx"}))`

The above works and turns in human readable format; however i want to return the raw json.

This works:
!azure-sentinel-

...

Resolved! Xsoar Twitter Entegration

Hi Everyone,

We try to use twitter api on XSOAR.We created instince and try to test connection and get error:

AttributeError: 'Client' object has no attribute 'say_hello'

Anyone saw this error?

Thanks for helps.

sentinel integration, azure-sentinel-update-incident, not able to set to active

I can close an azure incident in xsoar war-room with the following:

!azure-sentinel-update-incident incident_id="xx-xxxxx-xxxxx" status="Closed" classification="Undetermined"

However when i try to re-open the incident in azure from war-room with the f

...

Resolved! Getting Error to Integrate MicroFocus SMAX

Dear Team,

Getting an error when Integrate the SMAX with XSOAR.

Failed to execute test-module command. Error: 'latin-1' codec can't encode characters in position 16-247: ordinal not in range(256) (85)

Please help to resolve this Issue.

Resolved! Is it possible to use nested variables in XSOAR?

Hi all,

A customer of ours is trying a curious thing and I am not sure if it is possible in general, so I guessed the best way would be to ask right away. Our customer created a XSOAR list, that contains a html string with context data variables in it

...

Resolved! XSOAR Qradar Ingestion

I am attempting to ingest Qradar into the XSOAR using the Integration. I need to pull custom fields from the SIEM and what I need to understand is as follows;

Is it preferable to pull these fields within an AQL Search at the playbook stage ?

Or is it

...

Finding suppressed incidents

Hello,

I need to make an HTTP request to get suppressed incidents from the main account. Is anyone has an idea how can a filter those incidents? Thanks!

Search in XSOAR for Timers (active incidents)

Hi all
I would like to search in Cortex XSOAR for running timers that exceed a certain time. I tried it but it didn't worked out.
It should work like this that I can search for an timer (in this case detectionsla the total duration) and afterwards it s

...

Discussions

Resolved! X out of X accounts returned an error during a multi-account request

FortiSEIM Integration - Auth Issues

Resolved! Field Trigger Script / Broswer Caching Issue?

XSOAR - How to pull file from context in playbook

Generic Webhook - Integration Issues

Error trying to move an account to a different host

Resolved! Creating Multiple Widgets on Layout to Show Different Images

trying to return raw output vs formatted

Resolved! Xsoar Twitter Entegration

sentinel integration, azure-sentinel-update-incident, not able to set to active

Resolved! Getting Error to Integrate MicroFocus SMAX

Resolved! Is it possible to use nested variables in XSOAR?

Resolved! XSOAR Qradar Ingestion

Finding suppressed incidents

Search in XSOAR for Timers (active incidents)

Can XSOAR disk space vary automatically?

Assign incident to new owner

unable to push the content from dev to prod

JSON Sample Incident Generator

Rename table headers

Re: Dashboard Graph Display Incident Count Per Month

Dashboard Graph Display Incident Count Per Month

Re: Incident Parent-Child Relationship

Re: Missing context in indicator preview. I executed an NVD reputation command on CVE via a custom script.

Re: Couldn't sort by date in bar graph widget in Dashboard

Unlock your full community experience!

Resolved! X out of X accounts returned an error during a multi-account request

Resolved! Field Trigger Script / Broswer Caching Issue?

Resolved! Creating Multiple Widgets on Layout to Show Different Images

Resolved! Xsoar Twitter Entegration

Resolved! Getting Error to Integrate MicroFocus SMAX

Resolved! Is it possible to use nested variables in XSOAR?

Resolved! XSOAR Qradar Ingestion