Hello,
Is there any document or KB available ?? describing steps as to how to Integrate XSOAR with Any Vulnerability Scanners and start fetching information and reports from scanners to XSOAR ??
Thanks
Argha
Hi Everyone,
I have Cortex XSOAR with SplunkPY running and fetching incidents. I am using Splunk classifier and Splunk incoming mapper by default.
Drill down is being enriched successfully and i can see it parsed at both classifier & mapper stages -
...
Hello All,
I have a python script using demisto-py that creates tickets based on an input Word document.
However, specifying the playbook isn't working.
When I call demisto_client.demisto_api.CreateIncidentRequest() with the "playbookid" field is p
...while running a project from visual studio, the cortex app blocking the executable saying it is malicious activity. I have attached a screenshot of the issue. Please solve the issue ASAP.
I have deployed a number of other roles using SAML successfully. Now when it comes to assigning the Read-only role this has become a challenge. Unlike the other previously configured roles that also included not only the SAML mapping but also the Shi
...
Hello
I'll try to get a API request from our Panoramas.
The curl request looks like;
curl -X GET "https://<panorama>/api/?key=<api-key>&type=op&<show><devices><all></all></devices></show>"So, I tried with the Integration "Palo Alto Networks PAN-OS"
There
...
I am attempting to close a single incident via the XSOAR API and the Batch Close Incidents endpoint (POST /incident/batchClose). The information about my request and the response are posted below. The status of the incident was new before I sent the
...
Hello Everyone,
If any integration(RSA Netwitness or Syslog) in XSOAR is failed and got some error then can I send mail to any team member as integration got some error. I have already configured System diagnostic but it cannot work.
I need any altern
...
Hello
When I request a Wildfire request then I do not get a lot of Information in the "Output" to work with other tasks.
To get more infos, I do in the Demisto CLI this:
!wildfire-report format=xml hash=<sha256-Hash> verbose=true raw-response="true" e
...
The integration created does pull the tickets .However i couldn't see rawjson field getting updated though using the below line.I couldn't do field mapping as i can't see the data on choosing instance under classification and mapping
rawJSON : JSON.s
...
Looking for some help on create an API integration for creating incidents and mapping those fields to normalized fields.
I can create an incident just fine, I can assign the incident type, the issue I'm running into is the field normalization. IE let
...
Hi !
My xSoar System Diagnostic shows an alert for 3 incidents with exceptionally big context (>1 000 KB).
That being said, when I press the "View in incidents" button, the query returns no results ...
How can I find the 3 incidents to remediate the
...
I am having difficulty connecting my integration to microsoft defender with the grant type as client credentials. if anyone is familiar with making calls to api's and receiving tokens, I would definitely need your assistance.
I have the integration enabled and configured using the requirements stated in the Marketplace, but when I try to load the dashboard it says I don't have the SSH integration enabled. But I do, and I have a local user and have tested it manually, so I
...
Hi,
I need help about How get via API an incident update. I don't see this option (sorry), I can set a new incident but I don't update an incident. This way must be API, I use this route "/incident".
Can you help me, plase?
Regards
