Resolved! Read emails from mailbox
Hi, I am trying to read the mailbox that we created on Exchange. Other than IMAP is there any other option we have in XSOAR to read mails?
Hi, I am trying to read the mailbox that we created on Exchange. Other than IMAP is there any other option we have in XSOAR to read mails?
Background:In our XSOAR platform setup, the XSOAR server is cloud hosted by Palo Alto and the XSOAR engines are deployed at 2 different data centers (on-prem). Each of these datacenters will have a single Cortex XSOAR engine server installed, which will include, a. Production Engine b. Development Engine. Both the XSOAR engines from different d...
Hello, When an incident comes to XSOAR the classifier set the incident type. I would like to know if the incident is updated with new alerts (for ex. in Cortex XDR), will the incident type in XSOAR be updated if needed or is the type set and never change (like the incident name)? When an incident is updated does the entire process runs again (cl...
1. What RHEL installer type (minimal or full fledge GUI) should be considered for XSOAR engine server? 2. Is there any documentation by Palo Alto on Podman proxy configuration for XSOAR Engine installation and any specific URLs required to be whitelisted for Podman like Docker? The following URL has information on Docker but not related to ...
Hi all, I wonder that if it is possible to show context data directly on layout, without mapping that data to incident field.
Hi, When will the cisco prime integration available in marketplace. Is there any license limitation to use Cisco prime content pack? Regards, Deepa
Hi, Here are two different emails subject: 1. Test email - Phishing Email 2. Test email - Ping Two playbooks: 1. Phishing Email 2. Ping Currently I have setup two instances of integration "Mail Listener v2" with corresponding incident types so that phishing email will go to playbook - phishing email and ping email will go to playbook - pi...
Hi, I created a PDF report using rasterize with HTML body content. The XSOAR variables I put contains URLs and Email addresses. My first challenge i faced was the variables when replaced with the acutal values (URLs and emails), they are clickable. I want to prevent this as this is a phishing analysis report and I do not want the viewer to acc...
Hi, As per the below link its mentioned minimum storage requirement for XSOAR engine is 100 GB. And for drive partition it is recommended to allocate 50 GB for /var and 50 GB for /home is XSOAR engine is getting installed on RHEL 8.x. In this case other partitions like /tmp, /usr, /etc doesn't require any space? https://docs.paloaltonetworks...
Hi, I want to upload a file from the XSOAR to a server, for this I want to use the smb-upload automation. Shared map is created, all correct rights are given, credentials in the XSOAR are correct. For now I'm just testing a simple test.txt file to upload I'm always running into the same error: Failed to execute smb-upload command. Error: R...
Is it possible for DEV and PROD servers to use the same set of engines? #DEV #PROD #XSOAR #ENGINE
Hi, As per below link the integrations can be executed REST API, webhooks, and other techniques. So I'd like to know about what are the other methods available in XSOAR platform. https://xsoar.pan.dev/docs/concepts/concepts#:~:text=Product%20integrations%20(or%20apps)%20are%20mechanisms%20through%20which%20security%20orchestration%20platform...
Hi, In one of the XSOAR documentation its mentioned "For all Linux deployments except RHEL 7.x (for example Ubuntu, CentOS, etc.). Automatically installs Docker, downloads Docker images, enables remote engine upgrade, and allows installation of multiple engines on the same machine. For RHEL 7.x, see Install Docker Distribution for Red Hat on C...
Hi, In a playbook I'm using the automation 'send e-mail (EWSO365)'. In the body of the email I'm adding a list that the playbook has generated as following: Get inputs.BreachData Override input Where No filters applied Transformers JsonToTable (title: BreachData, headers: , is_auto_json_transform: , json_transform_properties: ) I ...
Dears,Kindly need your support to get an answer for the following case:We are A MSSP environment, we have many clients.Our deployment is multi-tenant deployment with multiple hosts and each host has only one tenant on it.Our deployment is using a database and XSOAR App on the same server with no disaster recovery or high availability.One of our ...

