Help with Cortex XSOAR API

Hi everyone,

I'm currently working with XSOAR API, and I'd like to get some help in this way.

I gotta gather all the data from a specific dashboard. I know that there is one API endpoint that I can use for it but, the documentation does not expla

JavaScript vs Python scripts

Hi everyone,

Lately, I was wondering about Python and JavaScript performance in terms of computational speed and XSOAR resource use. I'd like to work as efficient as possible and that's the reason I'd like to ask for the XSOAR community thoughts.

Error with input field, before entering subplaybook, no running tasks in subplaybook, but QRadar query will called and performed.

Error with input field, before entering subplaybook, no running tasks in subplaybook, but QRadar query will called and performed.

Please assist urgently.

Cortex XSOAR DNS resolving issue

Hi all, 

I am trying to integrate Cortex XDR with Cortex XSOAR. I have configured api key and other settings . But sometimes this integration works, sometimes do not,  because of DNS resolving issue. 

I dont think it is our DNS servers problem, becaus

MT out of sync issue

Hi Team,

One of my customer accounts in multi-tenant setup appear to be out-of-sync despite successfully syncing. I have synced accounts from the Main Account UI using both the 'Sync all accounts' and 'Sync' individually selected accounts . The cont

XSOAR removes roles from a user - Licensing issues?

Hi team,

I currently have 6 users configured in XSOAR (including the admin user). However, we only have 5 licenses contracted.

The "admin" user has the admin role.
The remaining users are assigned the analyst role.

Incident:

I have noticed that, from t

Questions regarding the operation of Cortex Xsoar

Hi Team,

I have some questions regarding the operation of Cortex Xsoar and need assistance

1. I bought a license for 5 users. Does that mean you can only create 5 users or only 5 users can be active at the same time? 

2. How to classify incident i

Log bundle extraction issue with System Diagnostics and Health Check

Hi All,

Is there anyone faced below issues with the content pack "System Diagnostics and Health Check" (#System Diagnostics and Health Check | Cortex XSOAR (pan.dev)) while running the main playbook 'Health Check > Health Check - Collect Log Bundle'.

Emailaskuser - detail information response mail

Hello,

Emailaskuser automation is used to receive confirmation mail.

Here, we need to know who is returning the mail (from) in a fast and performant way.

do not want to search the mailbox, we cannot see the data of the return mail.

Is there an ea

XSOAR Login error when using aws load balancer

Hello

This is AWS environment.
I installed XSOAR 6.12 on Private EC2.
Since it is not accessible from the outside,

I created a Public Subnet, connected a Load Balancer, and specified the Private EC2 where XSOAR is installed in the target group.

The Loa

CrowdStrike Next-Gen SIEM

Hi all,

How can i fetch the alert generated by CrowdStrike Next-Gen SIEM to SOAR? Here, are the alerts generated by queries created or like Email, Cloud category.

#XSOAR #CrowdStrike #Next-GenSIEM

XSOAR - Manual Review Indicators

Hi, 
I have created a playbook that extracts IOC from a csv in a mail.
I want to ask the analyst if they want to manually review or auto block the IOCs.
If the analyst marks Manual review I want it to loop over every IOC and the analyst should mark to b

How does EmailAskUser flow work?

I configured my playbook to execute EmailAskUser script but I don't know what is happening in the background causing the completion of the next task. Can somebody explain this behavior to me? The script isn't well documented and I was wondering the d

Get Incident List from Microsoft 365 Defender

Hi Team,

I want to get the events between the dates I give from Microsoft 356 Defender. In the ‘microsoft-365-defender-incidents-list’ command, the limit is set to maximum 100. What should I do to make the limit unlimited?

The command: