This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Cortex XSOAR 5.5 Required Upgrade

This announcement applies to all customers currently running a version of Cortex XSOAR 5.5 older than (B78409) and that use the API, Splunk App, or SumoLogic to push incidents to XSOAR. We identified an issue in these releases that when pushing incidents from the API, Splunk App, or SumoLogic during a server restart, the incidents might be corru...

afiedler by L4 Transporter
  • 2733 Views
  • 1 replies
  • 0 Likes

Resolved! XSOAR CentOS 8 unsupported

We are running a multi tenant xsoar server and I noticed that we are using CentOS 8 Linux which reached End of Life recently. There is also the stream version of CentOS8. For this version the EOL date is May 31st, 2024. I am slightly confused as it says in the xsoar administrator's guide centos8 is unsupported because it reached EOL. Should I do...

Resolved! Azure AD Identity Protection Integration custom filter

I have the AZ AD Identity Protection integration setup and working, but I am trying to get some custom filters to work without much luck. Does anyone have an example of what OData queries are relevant with this integration? Would like to be able to filter_expression to something like risklevel=high but everything I try comes back with a "Invali...

kbratt by L1 Bithead
  • 3317 Views
  • 2 replies
  • 0 Likes

XSOAR Opsgenie integration

How do I get the api token/key for opsgenie to use in xsoar instance. Opsgenie settings gives me an api key while saving, but the api throws an incorrect key format error. Also, there is no native inbuilt integration in opsgenie for xsoar to directly generate a key

Resolved! Unique names for rasterized images into ServiceNow

Greetings,I am pulling in rasterized images into ServiceNow from URLs, and ideally I'd like to name them the URL they are pulled to eliminate some confusion. But I am not seeing a good way to do this, I have tried adding "URL${inputs.URL}" to the filename in the rasterize automation, but it appends every URL that was pulled into the filename, a...

Resolved! setting multiple values in subkeys

Hi, I have a seemingly simple task which i can't figure out how to handle. I want to import a csv file in the context, having column names as the subkeys. And then I want to get rid off some excessive subkeys/columns.My steps are:1. upload a file from file share using smb-download - SUCCESS2. Import file in the context keys using ParseCSV automa...

Antanas by L2 Linker
  • 4676 Views
  • 3 replies
  • 0 Likes

About Fetch Incidents interval

Hi All, I am new to Cortex XSOAR. I have one question. lets say we are fetching the incidents for any specific time interval and now considering SOAR recommended fetch limit of 200 Incidents per fetch, there can be situation when we might have more than 200 incidents and in this case we will have backlog of these remaining incidents for next fet...

AChawale by L0 Member
  • 2619 Views
  • 1 replies
  • 0 Likes

Multiple Checkpoint instance add-host issue

Hi, There we have 2 different CP-FW instance running but in block playbook we are unable to block 1 ip address for 2 CP-FW instance. It gives (unauthorized 401 - session expired) error. In case of single instance deployment same playbook works with no error.

Resolved! Is a query result a lit or or a dict?

Hey there, Running a query - current_unique_IDs = demisto.executeCommand("query", {"query":get_current_uniqueIDs_query_SQL, "using-brand":"Generic SQL"}) when i execute - demisto.results(type(current_unique_IDs) I get But when i try list functions it says it is a dict. but when i try to do dict functions I get a non hashable error. I want to ...

Tripper_0-1651598898339.png
Tripper_0-1651599849700.png
Tripper by L1 Bithead
  • 5224 Views
  • 6 replies
  • 0 Likes

Resolved! XSOAR disk quota exceeded error

I am getting disk quota exceeded error while running commands both on the playbook and the consolehere is the full error.2022-04-29 06:42:22.4327 error Container exit with error. container name: [demistoserver_pyexec-01aab3da-d09e-4478-84b6-650a5860ddeb-demistopython33.10.4.27798-acc_XXX-30] error: [exit status 126] stderr: [Error: OCI runtime e...

image (1).png
  • 1302 Posts
  • 45 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks