Hi all,
I'm new in using XSOAR,
in a playbook I'm using the rasterize of a URL
now I'd like to put a conditional step where I check if the rasterize is not successful (e.g. the url does not exist)
How can I check that?
Hello
If we press in the war room output to " View full content in a new tab" then the output is a table - and everything in one row.
Is it possible to get the output in columns?
Even csv is all in one row...
so, instead first row with description, pu
...
Hi, I am trying to integrate more and more XSOAR into my environment.
I would like to be able to do XQL searches on xdr dataset, but I can't find a way to do that.
I have Cortex Data Lake integration, but is seems to cover only logs from firewalls.
Thx
...
So we're utilizing XDR Prevent (not Pro) here. Appears to be all the preparation on PAN's site is carefully equipped towards the Proform, and Github hasn't been exceptionally productive.
I'm contemplating whether anybody has any playbooks or work pro
...
How can I get the Timeframe inside a Dashboard into an python script so that I can use it to query splunk for the same timeframe
I haven't been able to find anything related to this in the documentation.
Thanks,
Juan
While testing SplunkPy integration, I am getting the following error.
Error from SplunkPy is : Script failed to run:
Error: Error [[Traceback (most recent call last):
File "<string>", line 1, in <module>
ImportError: No module named splunklib.
...
Is there a document pointing to the specific Markdown functionality that XSOAR supports? There seem to be lots of variants on Markdown.
I have a trigger script automation that updates the linked incidents of an incident. The update works, but then it produces the following error and refuses to update the field that triggered the automation.
The script works fine if I run it from t
...
Hello,
I am a noob in XSOAR, so if I am missing something obvious, my apologies.
I am working on a implementation where the system owner has set up a custom incident type for their Microsoft Security Graph API. The idea is now to do the mapping and I
Hi all,
We have several incidents that we need to work on the mapping of, but they are relatively rare and are not pulled from the (SplunkPy) integration often enough that they are in any of the events that we get when we do the mapping (6.0) and pull
...
Hi Team,
can you please help me how to integrate cortex xsoar with ibm qradar . I dont find related documents for this.It would be great if you can share KB article for this.Thanks
I couldn't find anything in the documentation about this. However, I'm brand new to XSOAR development, so maybe I'm missing it. So, before I go digging more, can anyone let me know if this capability exists or not?
I want dynamic interactive elemen
...
Hello everyone,
I am having some trouble working with files in an incident.
I have integrated an API that need a path to upload a file.
This API checks the file extension in the path and as I have seen, file paths in XSOAR incidents are something like
So we're using XDR Prevent (not Pro) here. Seems all the training on PAN's site is strictly geared towards the Pro version, and github hasn't been very fruitful yet.
I'm wondering if anyone has any playbooks or workflows or (crosses fingers) scripts t
Hello all
I run into a failure on Playbook Panorama Query Logs.
The failure is:
"Set vsys for firewall or Device group for Panorama"
This happen on the GeneralPolling Playbook and there at the task RunPollingCommand.
I've defined Device Group and askin
...
