Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Question from "A developer's guide to XSOAR 6.2" webinar: Does the Content Type of the list affect how it is read?

Does the Content Type of the list affect how it is read in by an automation or playbook, or is that only for editor syntax highlighting? Previously, we would input JSON into a list, but since it is read in as text, we would have to handle the data with a text-to-JSON transformer. Does this still work the same?

Resolved! Polling job for search results, not just search completion

I'd like to take the generic polling concept and make it a little more specific, but I'm coming up short. I'm doing a QRadar search (although I suspect Splunk or anything else would be very similar.) The QRadarFullSearch playbook will poll and wait for the search to finish, and that has worked great so far for what it is. But the search can f...

SAML configuration error with Azure AD

Hi, I am getting the following error while trying to log in to XSOAR through SSO. I have set up the SAML app on XSOAR with all the attributes provided by the AD team. AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: 'https://sts.windows.net/f35a6974-607f-47d4-82d7-ff31d7dc53a5/'. Can someone ...

Send Email to Specific Mailbox with Incident Details and Analyst Comments

Hi All, We wanna send an email notification, and that email content will be incident details and results of the analyst's analysis. I checked marketplace and GitHub demisto repo but I didn't find development as I mentioned. Our html email body schema is ready for use but I guess we have to develop our own script with the api and email applicatio...

Stopped on waiting

Trying to learn how to use this thing. I've got a very simple playbook set up that uses the Slack integration to send a simple yes/no prompt to a user. Within the Playground, I'm able to successfully send simple messages via slack, so the connection appears to be good, but every time I run the playbook I just get 'Incident playbook task "Ask u...

Resolved! create table show incident close reason group by incident type

I am new to XSOAR and I am trying to create a table showing incident close reason grouped by incident type, which looks like below: True positive, False positive, Duplicate, incident type 11211, incident type 22433, incident type 341622. I can't find any widget that can do this, so I tried to look into the automation script, but I have no idea how it is going to work. If anyone can g...

Secrets

How is everyone else doing secrets? It seems odd to me that everything that might use an API key needs to be an integration instead of an automation. You can't seem to easily hide plain-text apikeys from an automation at all. For example: I have a Contact List for emergencies: I have an API key, that I use to query the owner of certain cloud instanc...

MrDuck by L1 Bithead

Cherwell Fetch Incident fails

Hello, we use Demisto Version 6.2.0, Build 1271082. If I configure a Cherwell instance to fetch incidents, it fails with the following error: Error Occurred: Failed to get samples from instance. Error details: Script failed to run: Error: [Traceback (most recent call last): File "<string>", line 1017, in <mod...
