This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Resolved! ServerLogs integration does not work.

I have the integration enabled and configured using the requirements stated in the Marketplace, but when I try to load the dashboard it says I don't have the SSH integration enabled. But I do, and I have a local user and have tested it manually, so I don't think this is credential related. It just looks like the integration is not able to access...

Update an incident via API XSOAR

Hi, I need help about How get via API an incident update. I don't see this option (sorry), I can set a new incident but I don't update an incident. This way must be API, I use this route "/incident". Can you help me, plase? Regards

sanaya by L0 Member
  • 6584 Views
  • 4 replies
  • 1 Likes

Resolved! Update an incident via API in CORTEX XSOAR

Hi, I need help about How get via API update an incident. I don't see this option (sorry), I can set a new incident but I don't update an incident. This way must be API, I use this route "/incident". URL API: https://cortexip/incident Can you help me, plase? Regards Cortex XSOAR

sanaya by L0 Member
  • 4417 Views
  • 2 replies
  • 0 Likes

Resolved! Is partial import of data from a XSOAR instance to another XSOAR instance supported?

Helloa customer I work for is trying to perform a partial import of data from a XSOAR to another instance of the same with same version.They want a partial import beacause they have not so much resources on the second instance and they just need it to test some things. But the question is, is it supported?Should Palo Alto discourage this type of...

FindSimilarIncidents doesn't work

Hello all, We're trying to develop a playbook that first look at similar incident (FindSimilarIncidents) before proceeding but it isn't able to find any similar incident (even when we have duplicate of the current incident). For a bit of context this playbook is executed from the result of a Tenable scan when vulnerabilities are identified. For ...

AlexandreBorgo_0-1631284094703.png
AlexandreBorgo_2-1631284374214.png
AlexandreBorgo_1-1631284184311.png

Need help for Hybrid Analysis Automatisation

Hello We do use Hybrid Analysis to check URLs.Is anyone here, who can tell me how to read the results?For scanned URLs we get on Hybrid Analysis Website a "no specific result", "suspicious" or "malicious" as result.But I do not see those results in any Output of the automation. Only from third-Party scanners - but the result of Hybrid Analysis I...

[XSOAR] Issue downloading files

Hello! We want to create an automation which download a file from a given URL (which contains a file. pe: https://www.comunidad.madrid/sites/default/files/doc/sanidad/epid/informe_epidemiologico_semanal_covid_s32.pdf)The idea is to store the file in the XSOAR incident to analyze it with our tools.It is easy to do with Python in a local machine, ...

XSOAR - Send CSV

Hello, I am trying to send a csv in a post request using the "http request" built-in task, but the File parameter seems to be missing. What is the best way to send a csv file in an api post from XSOAR?

Enable Communication Tasks

Hello all I'm trying to activate the Communication Task. The Idea is, that User may answer without to have a xsoar account. So far, I found this Doc: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/configure-engines/enable-access-to-communication-tasks-through-an-engine.html I've entered both settings into ...

Cut syslog messages, strugeling on commas between quotes

Hello Demisto get a syslog message from panorama from threat log.To clarify my problem, here a simplified syslog output, which Demisto gets in:1,2,3,"jon,doe",5,6,7 (Example: Mail Subject) My Problem lies on the syslog incoming Mapper, I would like to cut the syslog message into the right field, (here "Subject")So, I use as first transformer "Re...

User Count Breached

Hi , My license user's limit for XSOAR is 10. Although I have added 10 users only . It's giving me an error saying " New License required to add Additional users" and "User Count Breached".

SDash6 by L0 Member
  • 3430 Views
  • 3 replies
  • 0 Likes
  • 1300 Posts
  • 45 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks