Cortex XSOAR Discussions

CIRCL hashlookup (hashlookup.circl.lu) 1.0.0 3167802 returns error when no results

When the integration is used on non-existent hash:

!file file=2795b688bb5918e092e0ee33cd25aa98

Then it end with error:

Reason

Failed to execute file command. Error: Error in API call [404] - NOT FOUND {"message": "Non existing MD5", "query": "2795b688bb5

...

accepting custom cert -failed

Have followed this kb however under instance, it is still unable to test successfully when unchecking the trust all certification options under the integrated instance.

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoar-admin/d

...

Create a PDF file from context

Hi,

I am trying to create playbook where IOCs are extracted and enriched and then values are send as a PDF file via email.

I reached the part where the IOCs are parsed and enriched, but I am stuck at creating the PDF file.

Is it possible to create a PD

...

XSOAR Integration with Cisco IronPort Email API - Code Missed on Backend

Hi Team,

Can you please help here to integrate Cisco ESA(API V2) with XSOAR . I have tried with the following integration from marketspace "Cisco IronPort Email API (Community Contribution)" which is developed using API v2. But unfortunately It pop

...

Error in Splunk integration Splunkpy

Hello everyone,

While testing the integration of Splunk to XSOAR with Splunkpy, I'm getting this error:

Anyone know how to solve it?

Thanks for your support.

Resolved! Assigning an array of Values to a key/variable

Hey guys,

I'm working on separating internal and external IP(s) on a playbook and I want to use those values in a email body. So currently I'm using a temporary list to store IP(s) then call when needed in the same playbook with ${lists.templist}.

...

Communication Task Authentication failed

Hi,

I want users to authenticate in Cortex XSOAR before answering the form sent by mail like explained here https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/playbooks/playbook-tasks/communication-tasks/create-a-data-collec

...

Handling errors in a playbook

I'm looking to change the flow of my playbook not only if errors are encountered in my tasks, but dependant also on what those errors are. I found a tutorial on docs.paloaltonetworks.com that included this:

Step 3: For new tasks, in the Task Name f

...

Dbot Score for Virustotal IP check is always 1

Hey Guys,

I'm facing this issue that doesn't matter how malicious the IP is Dbotscore is being 1 for the VT IP automation,

Things I tried,

1. Setting a threshold in VT integration for 1.

2 . Setting the reliability to A+

2. Running the command

...

Resolved! SetGridField Issue

I'm testing the inbuilt playbook "Integrations and Incidents Health Check" , however it throws an error on the block which contains SetGridField, which is the error shown below.

I have few questions regarding the automation and troubleshooting,

1) W

...

Resolved! A question from the Phishing V3 webinar: Phishing Campaign Ticketing

Will a Phishing campaign ticket is opened automatically, If yes - when?

Note: This question was asked during our Customer Success Webinar: Phishing V3

Cortex XSOAR

Resolved! A question from the Phishing V3 webinar: URL & ML

Any action(decision-making) ideas by using the URL Phishing & Machine learning Model?

Note: This question was asked during our Customer Success Webinar: Phishing V3

Cortex XSOAR

Resolved! A question from the Phishing V3 webinar: URL Prediction

How does the URL prediction reach out to the potentially malicious URL without leaving artifacts that will be traced back to our environment?

Note: This question was asked during our Customer Success Webinar: Phishing V3

Cortex XSOAR

Resolved! A question from the Phishing V3 webinar: Custom Logos

Where are the custom logos stored?

Note: This question was asked during our Customer Success Webinar: Phishing V3

Cortex XSOAR

Resolved! A question from the Phishing V3 webinar: Investigation

It does within an isolated container. We use XSOAR to investigate all kinds of malicious content and it is designed for it - Can we get more information on this? Is it the hardening of Docker ? or others?

Note: This question was asked during our

...

Discussions

CIRCL hashlookup (hashlookup.circl.lu) 1.0.0 3167802 returns error when no results

accepting custom cert -failed

Create a PDF file from context

XSOAR Integration with Cisco IronPort Email API - Code Missed on Backend

Error in Splunk integration Splunkpy

Resolved! Assigning an array of Values to a key/variable

Communication Task Authentication failed

Handling errors in a playbook

Dbot Score for Virustotal IP check is always 1

Resolved! SetGridField Issue

Resolved! A question from the Phishing V3 webinar: Phishing Campaign Ticketing

Resolved! A question from the Phishing V3 webinar: URL & ML

Resolved! A question from the Phishing V3 webinar: URL Prediction

Resolved! A question from the Phishing V3 webinar: Custom Logos

Resolved! A question from the Phishing V3 webinar: Investigation

Do we have XQL query builder feature in XSOAR

Where is the XSAOR 8 CLI Reference?

Pre Processing Rules Logs

XSOAR CMDB - SQL issue

Cortex XSOAR - Best Practice Optimize Threat Intelligence Management (TIM)

Re: Cortex XSOAR intergration with Terraform Cloud?

Splunk integration - Mirroring not working

Unlock your full community experience!

Resolved! Assigning an array of Values to a key/variable

Resolved! SetGridField Issue

Resolved! A question from the Phishing V3 webinar: Phishing Campaign Ticketing

Resolved! A question from the Phishing V3 webinar: URL & ML

Resolved! A question from the Phishing V3 webinar: URL Prediction

Resolved! A question from the Phishing V3 webinar: Custom Logos

Resolved! A question from the Phishing V3 webinar: Investigation