Looking at some of my widgets on my dashboard, i noticed there is a date range filter. But is there a way to specify to use the closed date and not the occurred date?
Hi,
One of my playbook includes a removefromlist automation but sometimes this step gives the error below, if this step is rerun without any change everything is ok. Do you have any idea why it needs to be rerun sometimes and any ideas about this err
...
I need to update my QRadar Content Pack which also requires X dependencies be upgraded.
What is best practice for content package upgrades?
Is it as simple as installing from marketplace or do we have to run a sync after or cycle demisto after?
Other th
Hi!
we are testing XSOAR capacities. For testing purposes, we are creating an integration with our intel solution, Blueliv:
https://xsoar.pan.dev/docs/reference/integrations/blueliv-threat-compass
When fetching it returns an error. From the mapping ed
...
Example:
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/docker/docker-hardening-guide/run-docker-with-non-root-internal-users#idb5fe7d70-f021-4270-a328-7439d5574723
I set this on the main account and sync'd all accounts.
H
...
Hi,
I'm trying to install XSOAR in my personal machine to practice a bit and experiment, Anyone has recommended system requirements for this?
Including space.
Thanks in Advanced
Trying to export a ticket from PROD into DEV.
To test I exported a ticket in DEV as a json using this in the playground.
!azure-sentinel-get-incident-by-id incident_id="c5dc30e5-6981-4cb0-9895-66967fc3f2e9" raw-response="true"
(saved as json)
Then n DEV
...
Hello,
I am having issues working with the Automation Menu. When opening the menu I receive the error "Application Unreachable".
It appears a few times yet I am still able to access the automation that I need. What is the reason why I am receiving this
...
We have configured the RSS integration in the community supported RSS content pack (https://xsoar.pan.dev/marketplace/details/RSS) to ingest CISA NCAS alerts as incidents for our threat intel teams to investigate. This is using the public feed at ht
...
The connection has been tested sucessfully but error during executing commands
Got a QRadar integration.
It's suppose to pull back offenses with magnitude > 4
However, our metrics are much higher than what the client expects.
When reviewing this case got pulled into XSOAR:
However, when exporting QRadar, the incident has the foll
Hello Everyone,
Yesterday, I have observed delayed in offenses which comes from QRadar into XSOAR. I am confused with this type of behavior from XSOAR.
Offense which is triggered in QRadar : 29-03-2022 23:00PM
Same offense/Alerts is created in XSOAR :
...
Workflow:
From the Incidents page / table, select multiple incidents.
Click the "Close" button that allows closing multiple incidents at one time.
My close form comes up. I have a field trigger script on one of the fields.
It doesn't look like that fiel
I have some automation that I'm working on and I am not seeing the expected results. I broke the script down into the following simple version.
ScriptA which is:
demisto.executeCommand("ScriptB", {})
ScriptB which is:
return_results("ScriptB Called")
wh
I am using splunk 60 day free trial non-enterprise edition and created a new custom index in splunk and manually added a sample event csv format file in the new index and all date is 2 days ago sample data
splunk integration with xsoar does not genera
...
