When I use the XSOAR 8 SearchIncidentsv2 script with reason argument it return no results for example reason:False Positive returns nothing. Why is that? Is there some specific formatting to use?
Hi team!
First of all, thank you very much in advance for your help.
I want to add an SLA to an incident in XSOAR so that if the SLA is breached, the incident is automatically closed. In theory, this is straightforward to implement by setting a t
...
Hello all,
I have an XSOAR 8.+ tenant and need to store my incidents from up to two years ago. I understand that by default XSOAR retention policy retains incidents based on license etc. Is there a way to export the data that is half a year old to a
...
I see there is documentation on customizing system emails: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/8/Cortex-XSOAR-Administrator-Guide/Customize-System-Emails
I'm seeing placeholders such as {{ .username}} and {{ .invName}}. Where i
Hi.
I am considering automating the regression testing of the Playbook.
For instance, it would be ideal if we could confirm whether the existing paths can still transition smoothly when a user adds one more branch to the ConditionalTask in the Playb
...
Hi Team,
The customer wants to implement 2 integrations, so they are requesting the TAC support on the usage of 2 integrations.
Note: No CS team available.
Below are those 2 integrations.
1. NCIIPC Threat Intel Feeds via normal API key.
2. HPSM (
Hi Team,
I need to find a way to drop similar events (by eventnames field) from QRadar when they are mirrored in in XSOAR by using a pre process rule
I have checked for a native approach in Cortex Xsoar to do it but it seems that
Pre-processin
Hi all and happy Taco Tuesday!
I'm part of a very small team of 3 that supports a retail company's domestic and international security & compliance operations, and I'm looking to automate some daily reporting that would ultimately be viewed in Conflue
Hi all,
I imported a custom pack to XSOAR main account, but I don't want some tenants to use it so I want to use XSOAR propagation labels, but even if I set propagation labels, when I sync it distributes to tenants.
Do you have any suggestion?
I am trying to create a custom integration and have read that xsoar will invoke fetch-incident command at the given incidentfetchinterval timeframe on its own. But when i run the integration to fetch incidents i dont see it adhering to the given inte
...
Hello LC,
I have recently developed some advanced workflows with team integration. I use the MicrosoftTeamsAsk to send a message to a user, and when the user clicks on one of the buttons within Teams, they receive an error message, "Unable to reach a
...
Can I configure XSOAR Engine used to run playbooks, instead of the XSOAR instance itself, and if yes what is the configuration steps, sizing, ..etc
Cortex XSOAR
Hi there, looking to see if we can send limited number (subset) of devices from Palo IOT XSOAR integration to Cisco ISE instead of the full set.
ref > https://docs.paloaltonetworks.com/iot/integration/network-access-control/integrate-iot-security-w
...
Anyone using XSOAR File Management.?
I am getting below error when trying to run any command
Failed to execute test-module command. Error: Failed to parse json object from response: b'<!doctype html>\n<html lang="en">\n<head>\n <meta charset="ut
...
