Cortex XSOAR Discussions

Resolved! Create individual incidents for each value in a list in parallel

Hello,

A list of URLs splitted by "," is used in automation. The automation should create a new incident for each value, however it shouldn't be created in a sequential way. All incidents should be created at the same time (don't need to finish the f

...

Resolved! Read emails from mailbox

Hi,

I am trying to read the mailbox that we created on Exchange. Other than IMAP is there any other option we have in XSOAR to read mails?

Resolved! XSOAR Engine Backup/Restore

Background:
In our XSOAR platform setup, the XSOAR server is cloud hosted by Palo Alto and the XSOAR engines are deployed at 2 different data centers (on-prem). Each of these datacenters will have a single Cortex XSOAR engine server installed, which

...

Are XSOAR incident type updated?

Hello,

When an incident comes to XSOAR the classifier set the incident type.

I would like to know if the incident is updated with new alerts (for ex. in Cortex XDR), will the incident type in XSOAR be updated if needed or is the type set and never ch

...

Resolved! RHEL Installer Type and Podman Installation Steps

1. What RHEL installer type (minimal or full fledge GUI) should be considered for XSOAR engine server?

2. Is there any documentation by Palo Alto on Podman proxy configuration for XSOAR Engine installation and any specific URLs required to be white

...

Context data 2 layout

Hi all,

I wonder that if it is possible to show context data directly on layout, without mapping that data to incident field.

XSOAR Cisco Prime Integration

Hi,

When will the cisco prime integration available in marketplace. Is there any license limitation to use Cisco prime content pack?

Regards,

Deepa

Setting up classification & mapping for email ingest

Hi,

Here are two different emails subject:

1. Test email - Phishing Email

2. Test email - Ping

Two playbooks:

1. Phishing Email

2. Ping

Currently I have setup two instances of integration "Mail Listener v2" with corresponding incident types so

...

Rasterize PDF format queries

Hi,

I created a PDF report using rasterize with HTML body content. The XSOAR variables I put contains URLs and Email addresses.

My first challenge i faced was the variables when replaced with the acutal values (URLs and emails), they are clickable.

...

XSOAR Engine Storage Requirements

Hi,

As per the below link its mentioned minimum storage requirement for XSOAR engine is 100 GB. And for drive partition it is recommended to allocate 50 GB for /var and 50 GB for /home is XSOAR engine is getting installed on RHEL 8.x. In this case

...

smb-upload (Server Message Block (SMB) v2): error

Hi,

I want to upload a file from the XSOAR to a server, for this I want to use the smb-upload automation.

Shared map is created, all correct rights are given, credentials in the XSOAR are correct.

For now I'm just testing a simple test.txt file t

...

Resolved! DEV PROD XSOAR Engines

Is it possible for DEV and PROD servers to use the same set of engines?

#DEV

#PROD

#XSOAR

#ENGINE

Cortex XSOAR tool integrations methods

Hi,

As per below link the integrations can be executed REST API, webhooks, and other techniques. So I'd like to know about what are the other methods available in XSOAR platform.

https://xsoar.pan.dev/docs/concepts/concepts#:~:text=Product%20inte

...

Resolved! OS Requirement for Cortex XSOAR engine deployment

Hi,

In one of the XSOAR documentation its mentioned "For all Linux deployments except RHEL 7.x (for example Ubuntu, CentOS, etc.). Automatically installs Docker, downloads Docker images, enables remote engine upgrade, and allows installation of mul

...

Resolved! Body email

Hi,

In a playbook I'm using the automation 'send e-mail (EWSO365)'.

In the body of the email I'm adding a list that the playbook has generated as following:

Get

inputs.BreachData

Override input

Where

No filters applied

Transformers

JsonT

...

Discussions