This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Resolved! Closing QRadar Alert from XSOAR

Hi Guys, Facing bit of a hiccup on playbook creation for Qradar. After the XSOAR incident closure I need to close the same alert related to that incident on Qradar too. However I cant find any function to do that in the documentation, I would really appreciate if someone can shed some light on it.

Question from "A developer's guide to XSOAR 6.2" webinar: Does the Content Type of the list affect how it is read?

Does the Content Type of the list affect how it is read in by an automation or playbook, or is that only for editor syntax highlighting? Previously, would input json into a list, but since it is read in as text, we would have to handle the data with a text to json transformer. Does this still work the same?

Resolved! Polling job for search results, not just search completion

I'd like to take the generic polling concept and make it a little more specific, but I'm coming up short. I'm doing a QRadar search (although I suspect Splunk or anything else would be very similar.) The QRadarFullSearch playbook will poll and wait for the search to finish, and that has worked great so far for what it is. But the search can f...

SAML configuration error with Azure AD

Hi,I am getting following error while trying to login to XSOAR through SSO. I have setup the SAML app on XSOAR with all the attributes provided by AD team. AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: 'https://sts.windows.net/f35a6974-607f-47d4-82d7-ff31d7dc53a5/'. Can someone ...

Send Email to Spesific Mailbox with Incident Details and Analyst Comments

Hi All, We wanna send an email notification, and that email content will be incident details and results of the analyst's analysis.I checked marketplace and GitHub demisto repo but I didn't find development as I mentioned. Our html email body schema is ready for use but I guess we have to develop our own script with the api and email applicatio...

Stopped on waiting

Trying to learn how to use this thing. I've got a very simple playbook set up that uses the Slack integration to send a simple yes/no prompt to a user. Within the Playground, I'm able to successfully send simple messages via slack, so the connection appears to be good, but every time I run the playbook I just get 'Incident playbook task "Ask u...

Resolved! create table show incident close reason group by incident type

I am new to XSOAR and I am trying to create table show incident close reason group by incident type looks like below Ture positiveFalse positiveDuplicateincident type 11211incident type 22433incident type 341622I cant find any widget can do this so I try to look into the automation script but I have no idea how it going to work. If anyone can g...

  • 1300 Posts
  • 45 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks