Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

update data to rawjson key fails

The integration created does pull the tickets .However i couldn't see rawjson field getting updated though using the below line.I couldn't do field mapping as i can't see the data on choosing instance under classification and mapping

 

rawJSON : JSON.s

...

rr449 by L0 Member
  • 1997 Views
  • 1 replies
  • 0 Likes

XSoar API Create Incident Mapping

Looking for some help on create an API integration for creating incidents and mapping those fields to normalized fields.

 

I can create an incident just fine, I can assign the incident type, the issue I'm running into is the field normalization. IE let

...

Resolved! ServerLogs integration does not work.

I have the integration enabled and configured using the requirements stated in the Marketplace, but when I try to load the dashboard it says I don't have the SSH integration enabled. But I do, and I have a local user and have tested it manually, so I

...

Update an incident via API XSOAR

Hi,

 

I need help about How get via API an incident update. I don't see this option (sorry), I can set a new incident but I don't update an incident. This way must be API, I use this route "/incident".

 

Can you help me, plase?

 

 

Regards

sanaya by L0 Member
  • 5834 Views
  • 4 replies
  • 1 Likes

Resolved! Update an incident via API in CORTEX XSOAR

Hi,

 

I need help about How get via API update an incident. I don't see this option (sorry), I can set a new incident but I don't update an incident. This way must be API, I use this route "/incident".

 

URL API: https://cortexip/incident

 

Can you h

...

sanaya by L0 Member
  • 4025 Views
  • 2 replies
  • 0 Likes

FindSimilarIncidents doesn't work

Hello all,

 

We're trying to develop a playbook that first look at similar incident (FindSimilarIncidents) before proceeding but it isn't able to find any similar incident (even when we have duplicate of the current incident).

 

For a bit of context this

...

AlexandreBorgo_0-1631284094703.png
AlexandreBorgo_2-1631284374214.png
AlexandreBorgo_1-1631284184311.png

[XSOAR] Issue downloading files

Hello!

 

We want to create an automation which download a file from a given URL (which contains a file. pe: https://www.comunidad.madrid/sites/default/files/doc/sanidad/epid/informe_epidemiologico_semanal_covid_s32.pdf)

The idea is to store the file in

...

XSOAR - Send CSV

Hello,

 

I am trying to send a csv in a post request using the "http request" built-in task, but the File parameter seems to be missing. What is the best way to send a csv file in an api post from XSOAR?

Enable Communication Tasks

Hello all

 

I'm trying to activate the Communication Task.

The Idea is, that User may answer without to have a xsoar account.

So far, I found this Doc:

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/configure-eng

...

  • 1257 Posts
  • 43 Subscriptions
Top Solution Authors
Top Liked Authors