Secrets

How is everyone else doing secrets?

It seems odd to me that everything that might use an API key needs to be an integration instead of an automation.
You can't seem to easily hide plain-text apikeys from an automation at all.

For example:

I have a Conta

Cherwell Fetch Incident fails

Hello

We use Demisto Version 6.2.0, Build 1271082

If I configure a Cherwell Instance to fetch incident but It fails with the following Error:

Get Qualys credentials in python script

Hi -

The built in Qualys commands from an instance don't quite do what I want to do so I have a python script that uses the api to grab the last report from a map scan, filter it for systems that have specific ports open, and then upload the ip addres

Cortex XSOAR Context Issue

Hi Everyone, 

I have Cortex XSOAR with SplunkPY running and fetching incidents. I am using Splunk classifier and Splunk incoming mapper by default. 

Drill down is being enriched successfully and i can see it parsed at both classifier & mapper stages -

demisto-py - Specify Playbook

Hello All,

I have a python script using demisto-py that creates tickets based on an input Word document.

However, specifying the playbook isn't working.  

When I call demisto_client.demisto_api.CreateIncidentRequest() with the "playbookid" field is p

visual studio cortex app blocking

while running a project from visual studio, the cortex app blocking the executable saying it is malicious activity. I have attached a screenshot of the issue. Please solve the issue ASAP.

Read-Only role assignment issue

I have deployed a number of other roles using SAML successfully. Now when it comes to assigning the Read-only role this has become a challenge. Unlike the other previously configured roles that also included not only the SAML mapping but also the Shi

Integration "Palo Alto Networks PAN-OS" Question

Hello
I'll try to get a API request from our Panoramas.

The curl request looks like;

So, I tried with the Integration "Palo Alto Networks PAN-OS"

There

Does XSOAR API Batch Close Incidents Endpoint Work?

I am attempting to close a single incident via the XSOAR API and the Batch Close Incidents endpoint (POST /incident/batchClose). The information about my request and the response are posted below. The status of the incident was new before I sent the

Send Email with Integration Got any error

Hello Everyone,

If any integration(RSA Netwitness or Syslog) in XSOAR is failed and got some error then can I send mail to any team member as integration got some error. I have already configured System diagnostic but it cannot work.

I need any altern

Wildfire Report "Results" into "Outputs"

Hello

When I request a Wildfire request then I do not get a lot of Information in the "Output" to work with other tasks.

To get more infos, I do in the Demisto CLI this:

!wildfire-report format=xml hash=<sha256-Hash> verbose=true raw-response="true" e

update data to rawjson key fails

The integration created does pull the tickets .However i couldn't see rawjson field getting updated though using the below line.I couldn't do field mapping as i can't see the data on choosing instance under classification and mapping

rawJSON : JSON.s

XSoar API Create Incident Mapping

Looking for some help on create an API integration for creating incidents and mapping those fields to normalized fields.

I can create an incident just fine, I can assign the incident type, the issue I'm running into is the field normalization. IE let