This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Cortex XSOAR Discussions

Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Resolved! Is it possible to use nested variables in XSOAR?

Hi all,

A customer of ours is trying a curious thing and I am not sure if it is possible in general, so I guessed the best way would be to ask right away. Our customer created a XSOAR list, that contains a html string with context data variables in it

...

araka by L1 Bithead
  • 3447 Views
  • 2 replies
  • 0 Likes

Resolved! XSOAR Qradar Ingestion

I am attempting to ingest Qradar into the XSOAR using the Integration. I need to pull custom fields from the SIEM  and what I need to understand is as follows;

Is it preferable to pull these fields within an AQL Search at the playbook stage ?

Or is it

...

Search in XSOAR for Timers (active incidents)

Hi all
I would like to search in Cortex XSOAR for running timers that exceed a certain time. I tried it but it didn't worked out.
It should work like this that I can search for an timer (in this case detectionsla the total duration) and afterwards it s

...

Bildschirmfoto 2022-02-19 um 12.27.02.png
Bildschirmfoto 2022-02-19 um 12.32.04.png
lslschr1 by L0 Member
  • 2296 Views
  • 1 replies
  • 0 Likes

setIncident for single select type

This command works:
demisto.executeCommand('setIncident', {'summary': "test"})`

Note: summary is a custom field of text.

 

This fails:

demisto.executeCommand('setIncident', {'sentinelclosereason': "JOSH"})


The only difference I can see is that sentinelclos

...

jboyd98 by L2 Linker
  • 2683 Views
  • 1 replies
  • 0 Likes

Minemeld Alternative

Hello ,

 

On of our customer is dependent on their partner for Minemeld EDL

 

The Partner is hosting the Minemeld server and now our customer is planning to build their own Minemeld

 

As Minemeld is no longer supported by PAN and is purely an open Source s

...

Cortex Doubt Operations

Hello everyone;

Cortex:
The console reports 481 agents of which it gives with lost connection 110, in the licensing section it indicates 371 agents installed of the 500 licensed, so it seems that it does not take into account those of lost connection,

...

Alpalo by L4 Transporter
  • 1746 Views
  • 1 replies
  • 0 Likes
  • 1189 Posts
  • 40 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks