Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Get Data Collection Survey Link

Hello community, I'm currently working on a playbook in which I want to collect data from end users via a survey.The troublesome part is that this has to happen via a ServiceNow ticket. When creating the ticket in ServiceNow I want to include the survey-URL in the ticket notes.Now, there isn't a URL created/saved in the context data. My current...

Cannot edit indicator in multi tenant account

I need to set in an indicator configuration to avoid the use of some instances for enrichment, but I'm not able to edit the indicator in an account of the multi-tenant deployment, (IP), In the master account I'm able to edit without problems, I tried changing some propagation labels and syncing the accounts with no successm what else can I do? I...

Captura de Pantalla 2021-12-29 a la(s) 14.39.24.png
Captura de Pantalla 2021-12-29 a la(s) 14.38.56.png
Captura de Pantalla 2021-12-29 a la(s) 14.37.04.png

Create custom canvas

Hi guys, i need to create a relationship/attack map for our analysts, im wondering if i can somehow use the canvas to make such diagram/map.. there is anyway we can use the canvas library or something similar already existing on xsoar instead of creating all from scratch ? thanks

Demon by L0 Member
  • 2398 Views
  • 1 replies
  • 0 Likes

Problem with file uploading

I'm getting an error while trying to upload a 2.2MB plain-text file, the webgui only shows this message: Failed to upload file to war room. Error: K(...) is null What's the file size limit for uploads? Thanks

XSOAR Community Edition -> Cortex Data Lake integration

I'm trying to get Cortex Data Lake integrated with our Cortex XSOAR Community Edition instance, and getting nowhere very quickly. Reviewing the documentation: https://xsoar.pan.dev/docs/reference/integrations/cortex-data-lake I am completely lost finding the Token, ID, and Key values to tie it to our Cortex Data Lake instance. The documentation...

Netwerx by L1 Bithead
  • 5120 Views
  • 5 replies
  • 0 Likes

Resolved! Closing QRadar Alert from XSOAR

Hi Guys, Facing bit of a hiccup on playbook creation for Qradar. After the XSOAR incident closure I need to close the same alert related to that incident on Qradar too. However I cant find any function to do that in the documentation, I would really appreciate if someone can shed some light on it.

Question from "A developer's guide to XSOAR 6.2" webinar: Does the Content Type of the list affect how it is read?

Does the Content Type of the list affect how it is read in by an automation or playbook, or is that only for editor syntax highlighting? Previously, would input json into a list, but since it is read in as text, we would have to handle the data with a text to json transformer. Does this still work the same?

Resolved! Polling job for search results, not just search completion

I'd like to take the generic polling concept and make it a little more specific, but I'm coming up short. I'm doing a QRadar search (although I suspect Splunk or anything else would be very similar.) The QRadarFullSearch playbook will poll and wait for the search to finish, and that has worked great so far for what it is. But the search can f...

SAML configuration error with Azure AD

Hi,I am getting following error while trying to login to XSOAR through SSO. I have setup the SAML app on XSOAR with all the attributes provided by AD team. AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: 'https://sts.windows.net/f35a6974-607f-47d4-82d7-ff31d7dc53a5/'. Can someone ...

  • 1305 Posts
  • 45 Subscriptions