Cortex XSOAR: Tenable.sc Service: How to add a schedule

Hello all

We are using Cortex XSOAR Version Version 6.0.0; Build 79522 and having problems to generate a valid schedule for a Tenable.SC, Command "tenable-sc-create-scan"

If I enter one of the pre-defined options, like "Ical" I do get error back:

Erro

Pre-process rule doesn't work

Hello all,

We want to create a pre-process rule to drop all Phishing incident without [Phish Alert] inside the email subject.

We're creating the following rule

Incident classification considering multiple fields

Avoid empty returns

Hello All

In my Playbook I run into an issue with empty returns.

My Playbook requests Cherwell with several hosts in an array: ["server-A","server-B"]

In Cherwell, "server-B" does not exist, so I do see that in the "Result Tab" of the Task, but the Out

Xsoar: Retrieve file which has been quarantined by Cortex XDR

Hello Guys,

I'm trying to retrieve a file that has been quarantined by Cortex XDR using an XSOAR playbook. I trace the Action ID in XDR but I always find it failing. However, it's always working for non-quarantined files. 

I need to retrieve the file

Does XSOAR support IPv6 ?

Hi all,

I'm searching in the documentation if xsoar is supporting IPv6 or only 4. But I cannot find info. Can you help?

War room: View full content in a new tab. Output in column instead of row

Hello

If we press in the war room output to " View full content in a new tab" then the output is a table - and everything in one row.

Is it possible to get the output in columns?

Even csv is all in one row...

so, instead first row with description, pu

Cortex XQL searches in XSOAR - how to?

Hi, I am trying to integrate more and more XSOAR into my environment.

I would like to be able to do XQL searches on xdr dataset, but I can't find a way to do that.

I have Cortex Data Lake integration, but is seems to cover only logs from firewalls.

Thx

Cortex XDR Halt Playbooks?

So we're utilizing XDR Prevent (not Pro) here. Appears to be all the preparation on PAN's site is carefully equipped towards the Proform, and Github hasn't been exceptionally productive.

I'm contemplating whether anybody has any playbooks or work pro

Timeframe for Script in a widget

How can I get the Timeframe inside a Dashboard into an python script so that I can use it to query splunk for the same timeframe 

I haven't been able to find anything related to this in the documentation. 

Thanks, 

Juan

SplunkPy | Integration test throws error

While testing SplunkPy integration, I am getting the following error.

Error from SplunkPy is : Script failed to run:

Error: Error [[Traceback (most recent call last):

    File "<string>", line 1, in <module>

  ImportError: No module named splunklib.