Cortex XSOAR Discussions

How to Export JSON of a Specific QRadar Offense for XSOAR Use

Hi everyone,

I’m working on a QRadar integration (v2.5.7) in Cortex XSOAR (v6.12) and need to generate a JSON file for a specific offense to use in several scenarios, such as configuring an incident classifier. For example, in the classifier edit

Cortex XSOAR community edition for a university student

Hello All,

As the title implies, I would like to get the community edition free trial for a project. Would it be possible to get community access for 30 days as a university student?

Any help would be appreciated. 

Problem integrating EWS O365 application into XSOAR

Does anyone have knowledge of how to integrate the EWS O365 application, in its latest version and considering that O365 no longer supports Impersonation rights. Specifically, what permissions or roles were granted in Entra ID on the business applica

Update Classifier from API

Hi,
we have an issue regarding classifiers, and we would like to ask if it is possible to interact with them using an automation or from the API.

Specifically, I am interested in understanding:
- Whether XSOAR provides built-in capabilities or tools fo

Prod to dev

I want to change my production environment XSOAR to DEV environment, and after that i will create new production environment.

I want to know how to move the production to dev including changing the IP  

Cortex XSOAR report blank page

Hey, we conducted a final test of the phishing playbook, and everything appeared to be functioning properly. Once the playbook completes, it is supposed to generate a report as usual. However, the report is being generated as a blank page, which wasn

Issue with Nutanix VM Creation for XSOAR v8.7 - "Boot Device Not Found"

Hello XSOAR Community,

I’m encountering an issue when deploying Cortex XSOAR v8.7 on a Nutanix environment. Every time I create a VM using the provided OVA file, the VM fails to boot and displays the error:

“Boot device not found. Please install an o

SQL results into layout

Hi ,

I’m running a playbook that generates multiple SQL results. What are the best practices for displaying these effectively in the incident layout? Should I use Markdown, custom sections, or widgets? Any tips for handling this?

Thanks!

XSOAR Feature Request

Hello all xsoar enthusiasts,

There is a FR that helps us to make xsoar a better place for MS Defender integration. Please upvote this FR here: Add Microsoft Sentinel | Cortex XSOAR Customer Feature Request

FR Description:
Palo Alto offers a range of

ServiceNow Developer looking for ideas

Hello all,

     I am a ServiceNow developer that is assisting a user that is using the XSOAR integration.  The user is using the XSOAR application to run queries on my SN instance, but is not getting any results.  I have checked his API account and

Child Incident Evidence In Parent

Hello!

I need to mark some child incident entries as notes and evidence in the parent incident.

I have found ways in which you can pass the entries to the parent and then mark them as note/evidence in the parent. However, I would like to have an auto

Build transformer with execute.command()

Hello,

I'm trying to build a transformer that given a IP gives back the reverse dns. However, it seems that using commands in transformers is not allowed. Am I wrong?

How to Automatically Send an Email When an Incident is Created in XSOAR?

Hello,

I want to automatically send an email whenever an incident is created in XSOAR. I’ve created a playbook and written a simple script that sends an email for a specific incident when executed within the playbook.

However, I’d like to automate th