This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Question from Playbook Optimization webinar: Command modification

Is it possible to modify all instances of a command? For instance, if we wanted to change the "Run without a worker" setting on all usages of sleep - is that possible? Or would I need to do it 1-by-1? Or even possible per playbook maybe with multi-select? ** Note: this is a question from our Customer Success Webinar: Playbook optimization in C...

rtsedaka by L6 Presenter
  • 2000 Views
  • 1 replies
  • 0 Likes

Resolved! SLA changes that are made by field change scripts are getting reverted

Hi, I have a a field trigger script assigned to a status field. When it changes, the script stops an SLA and starts another and these are Time To Assignment and Response SLA respectively. I have one tenant that refuses to keep the changes meaning that it sets the SLAs and then within a second all is reverted. I can clearly see it on the incident...

image.png
image.png
image.png

Resolved! Arcsight base event to layout

Hi, My Playbook is able to get arcsight events those related to a correlation (alarm) but i need to visualize these base events into layout tab but cant find a proper way. Do you have any suggestion ? Regards.

Resolved! Joining two keys with the same subkey value

Hi, I need to join 2 context keys that match value of the same subkey, however I can't find a proper automation or transformation. In context I have 2 keys. One key contains IP's and Hostnames, the other contains IP's and Email Admins. I want to join those that match same IP. E.g. : In the above scenario, as a result I want to have a key, that w...

unnamed (1).png
Antanas by L2 Linker
  • 4679 Views
  • 4 replies
  • 0 Likes

PCSAE Course Free

Hi All, I just wanted to put out there that I have made a course around the PCSAE certification and that it is completely free, the link to the YouTube playlist is https://youtube.com/playlist?list=PL_ZuwXjrdb3j_vcAFCMLQxlJ6oFAi3HYT please have a look, I welcome all feedback especially from this community so let me know what you think.

Task "jira-edit-issue" can not handle arrays in "Description"-Filed (with solution)

HelloI had an issue with an array for several tickets in jira-edit-issue and there in the field "Description".the problem was, that I had several outputs from an other Task.So, the array "output.color": contains:[{"Color":"blue"},{"Color":"green"},{"Color":"red"]Now I had three Jira-Tasks to update.First ticket with following content in the "Des...

Cortex XSOAR Mobile App Demo

In this demo, we show you how to get up and running with the Cortex XSOAR mobile app and how to use some of the most popular features, including: DashboardsIncident summary and several IR capabilitiesView and complete tasksWar Room chat(function() { var wrapper = document.getElementById('lia-vid-6195937855001w1004h540r18'); var videoEl = wrapp...

afiedler by L4 Transporter
  • 3158 Views
  • 1 replies
  • 0 Likes

Cortex XSOAR 5.5 Required Upgrade

This announcement applies to all customers currently running a version of Cortex XSOAR 5.5 older than (B78409) and that use the API, Splunk App, or SumoLogic to push incidents to XSOAR. We identified an issue in these releases that when pushing incidents from the API, Splunk App, or SumoLogic during a server restart, the incidents might be corru...

afiedler by L4 Transporter
  • 2712 Views
  • 1 replies
  • 0 Likes
  • 1301 Posts
  • 45 Subscriptions
Top Liked Posts
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks