Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Reports generation and download takes a lot of time

Hello, I have an issue with generating reports in PDF and CSV formats, as it takes about 10-15 mins to generate the report. This issue doesn't exist with Word doc. I tried this multiple times as I thought that the Docker image for those tasks may not be local on the server and it took time to download from the Docker Hub registry, but the fac...

Resolved! Xsoar - XDR Public API Unauthorised

I am having difficulty integrating the XDR Integration. I have followed the instructions and have generated an "Advanced Key", copied the Key and the Key ID + URL. I have inserted the relevant details on the Instance Settings. When I perform "Test" I receive "401 Public API Unauthorised". I have tested multiple different roles of API including t...

Resolved! How do I get the numeric incident id in an automation?

I'm working with a Python automation, and I need to get the numeric incident id. I expect this id to be numeric (123456) but it is always a long concatenated hex string and GUID.
    incident = demisto.incidents()[0]
    incident_id = incident['id']
    print(incident_id)
Output is: 89a633e1ef019afeee78fbb2ac23ee84$&$234f4f55-5c46-44b1-8662-6f65039a9a0c...

Raoul by L0 Member
  • 4523 Views
  • 1 replies
  • 0 Likes

Resolved! split input to chunks with python

Hi, I'm trying to build an automation which would take an array of objects as an input, split it to chunks of specified number and put in the context. E.g. I have 36 IP addresses, I want it to split to chunks of 10. The end result would be having them in a context - 3 keys having 10 IPs and one key having the remaining 6 IPs. I can set the spli...

Antanas by L2 Linker
  • 4371 Views
  • 3 replies
  • 0 Likes

XSOAR Integration with Cisco Firepower

Dears, I installed Cisco Firepower integration from Market Place. I use update network group objects command but actually it removes all the IP addresses inside this group and add the only list that I newly updated. Kindly need your support. Also for Integration with ASA firewall, it failed in the testing phase as it gives me error ...

Data presentation on XSOAR Web

Hi, I have a use case where I want to share some sensitive data with users which should have an expiration date. I want data to be put on XSOAR web server, which I would have a link for and expire after certain time. I find similar functionality with data collection task via email when user receives a link to XSOAR and can submit his response o...

Antanas by L2 Linker
  • 1687 Views
  • 1 replies
  • 0 Likes

Questions for livebackup

Dears, we now are installing a new server to be our live backup server, we have multiple questions regarding this. Kindly need your answer:
1- Do we need a License for The Live backup Server?
2- Are the configuration and Data moving in real time from Active Server to standby Server?
3- In case our main server is down and we converted the standb...

Resolved! User authentication

Hi, Can we use Active Directory Authentication integration to authenticate users into XSOAR, when we are using Azure AD? If not, which integration is best suited? Thanks

DP696 by L2 Linker
  • 2308 Views
  • 1 replies
  • 0 Likes

Problem encoding/decoding introducing in a JSON list data

Hello, I've some URLs to introduce in a JSON list. The command used to encode is this one:
    #encode to ASCII
    url.encode(encoding='ascii',errors="ignore").decode()
In the context the variable is perfect, however inside the JSON list it's not. Even if I call variables from inside the JSON list to outside is perfect too. It's only inside the JSO...

Josep by L4 Transporter
  • 2053 Views
  • 2 replies
  • 0 Likes

Disaster recovery and High Availability

Dears, Kindly need your clarification for the below scenario in my environment:
-- We have an XSOAR deployment and we need to deploy HA and DR to it, the current situation is that we have Basic installation with Bolt DB.
-- So after reading the guide I reached out to the following two solutions:
1- Using High Availability Module, this modul...

Resolved! Problem using GenericPolling with Qradar v3 command

Hi everyone, I'm trying to use the GenericPolling playbook to wait for the "COMPLETED" status of a query in a QRadarv3 Integration. I use the following configuration:
    Ids: ${QRadar.Search.ID}
    PollingCommandName: qradar-search-status-get
    PollingCommandArgName: search_id
    Interval: 1
    Timeout: 30
    dt: QRadar.Search(val.Status!== 'COMPLETED' || val.Status...

gkindley by L1 Bithead
  • 2798 Views
  • 1 replies
  • 0 Likes