Automation Output In Indicator or Incident Layout

Dear all,

We have an issue about visulazating the outputs of indicator enrichment via using virus total ( vt-passive-dns-data).

To be more specific I am going to share our indicator layout and what we are expecting. As its given in the first scre

Best way to manage a time based IP blocklist in XSOAR

Hi All,

I have been trying to find the best way to manage a list of IP addresses. This is the idea I am trying to achieve.

1) I identify an IP address that is malicious and block it on the PaloAlto firewall in a static object group.

2) I keep tra

Query in Lucene syntax don't get the created data time

Hello, 

I'm trying to use the automation "SearchIncidentsV2" to get the incidents with two conditions: the name and a range of time. 

To achieve this, first I created a simple Query to get only the incidentes with a name.   name: "name of playbook" 

Reload QRadar incident information

Is there a form to reload the QRadar inicial values for the incident in case it didn't extract them?

Once QRadar set his values in incident context there's no way to reload them in case of error. 

Managing Self-signed Certificates

As per the below link it's been mention that by default XSOAR uses self signed certificates for secure HTTP connection.

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/installation/post-installation-checklist/https-with-a

Failed to start Demisto Server Service

Hello Everyone, 

We recently ran our of disk space on our XSOAR device. I was able to clear out 30GB of old updates/files, ect. I rebooted the server after deleting the files and the Demisto service will not start. When running systemctl status demis

Problem with white spaces in command input

When I try to put a filepath that has white spaces as an input in the command "cs-falcon-rtr-remove-file", I receive the following error:

CrowdStrike Falcon The command was failed with the errors: {'d5716ded5d214d61a23884dd9ef64078': 'Max args is 1

XSOAR CPU been too High

For a while now, our DEV XSOAR server has been holding cpu percentage at 65%. 0 jobs, 0 active workers, less than 10 enabled integrations, and 99 containers. Why is it so high? Any help to diagnose or reduce this percentage is appreciated!

Not able to use the context of one closed incident in a new one using Debugger Panel.

Hello,

I'd like to use the information I have in a already closed incident into a new one I'm developing just to test it.

When I click in the "Debugger Panel"->"Test data" and I search by the id of the closed incident it doesn't show up.
Is there a wa