Cortex XSOAR Discussions

Resolved! Sumo Logic integration error: This operation is not allowed for your account type

Hi all,

the integration with Sumo Logic failed to work and now I get the error:

2022-04-22 12:41:51.3031 error Could not fetch incidents from SumoLogic instance : SumoLogic_instance_1 [error 'Script failed to run: Status: 403
ID: WOXBU-A2PLF-BUHRT
Code

...

Add event data into "incident summary" section in "incident info"

Hi,

Is there any way to add a specific event field into "incident info" page to visualize in the "Incident Summary" section. Let's say a request url is not included in incident info but in event info we have the url information..

Regards.

Resolved! Error while closing incident

Hi!

we are testing XSOAR on a local VM. We have created several incidents via an integration with our Threat intel solution.

When we are going to close an incident.. it doesn't close!

We get no error from the UI. If we go to the VM console, from /var/l

...

ip list retention

Hi,

In our environment we have a list to hold ip addresses with comma seperated format, how can we provide data retention for each ip addresses within the list.

Regards.

How to change Dashboard Widget Date Range from occurred to closed date

Looking at some of my widgets on my dashboard, i noticed there is a date range filter. But is there a way to specify to use the closed date and not the occurred date?

Resolved! Automation "Remove From List" error

Hi,

One of my playbook includes a removefromlist automation but sometimes this step gives the error below, if this step is rerun without any change everything is ok. Do you have any idea why it needs to be rerun sometimes and any ideas about this err

...

Resolved! Do content pack updates require downtime

I need to update my QRadar Content Pack which also requires X dependencies be upgraded.

What is best practice for content package upgrades?
Is it as simple as installing from marketplace or do we have to run a sync after or cycle demisto after?

Other th

...

Resolved! Blueliv integration error

Hi!

we are testing XSOAR capacities. For testing purposes, we are creating an integration with our intel solution, Blueliv:

https://xsoar.pan.dev/docs/reference/integrations/blueliv-threat-compass

When fetching it returns an error. From the mapping ed

...

Resolved! Do I have to set Server Configurations per tenant?

Example:
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-5/cortex-xsoar-admin/docker/docker-hardening-guide/run-docker-with-non-root-internal-users#idb5fe7d70-f021-4270-a328-7439d5574723

I set this on the main account and sync'd all accounts.

H

...