Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

XSOAR - Send CSV

Hello, I am trying to send a csv in a post request using the "http request" built-in task, but the File parameter seems to be missing. What is the best way to send a csv file in an api post from XSOAR?

Enable Communication Tasks

Hello all I'm trying to activate the Communication Task. The Idea is, that User may answer without to have a xsoar account. So far, I found this Doc: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/engines/configure-engines/enable-access-to-communication-tasks-through-an-engine.html I've entered both settings into ...

Cut syslog messages, strugeling on commas between quotes

Hello Demisto get a syslog message from panorama from threat log.To clarify my problem, here a simplified syslog output, which Demisto gets in:1,2,3,"jon,doe",5,6,7 (Example: Mail Subject) My Problem lies on the syslog incoming Mapper, I would like to cut the syslog message into the right field, (here "Subject")So, I use as first transformer "Re...

User Count Breached

Hi , My license user's limit for XSOAR is 10. Although I have added 10 users only . It's giving me an error saying " New License required to add Additional users" and "User Count Breached".

SDash6 by L0 Member
  • 3479 Views
  • 3 replies
  • 0 Likes

Cortex XSOAR Mail_Listener not fetching emails

I'm having a problem with the Mail_Listener instance, it shows an error on fetch-incidents function : 2021-08-04 10:37:56.8945 error Failed to run script: Mail Listener v2_fetch-incidents with image: demisto/imap:1.0.0.19866 [error ' Error: [Traceback (most recent call last): File "<string>", line 441, in <module> File "&lt...

Cortex XSOAR - TAXII Server

Greetings,I'm currently evaluating Cortex xSOAR and one of my requirement is to enable TAXII Server feature.I can't find documentation about this feature so I am just testing every fields. Some questions I need help:What Taxii version is this support?How to access the taxii service? I defined the listening port as 8080, so the URL should be like...

postman-cortex-taxii.PNG
cortex-taxii-server-settings1.PNG
cortex-taxii-server-settings2.PNG
OCabrera by L0 Member
  • 3636 Views
  • 1 replies
  • 0 Likes

Resolved! Help with AD computers extract and group validation

Hi ! I am trying to use XSoar to extract all computers from a specific "OU" in my AD and validate if those computers are members of a group and if they are not, add the missing computers to the said group. Servers OS needs to be excluded from this extract since I do not want servers to be added to the AD group. The "ad-get-computer" from the Tas...

Resolved! return results from python request(s) output

I have a custom integration where I am trying to map results (in strings) that are emailsinto output to use for the next defined task or playbook.I figured, IF the output looked like output = 'email1\nemail2\nemail3' that I could do a return_results(output)and then in the Script settings, map the 'outputs' section under Arguments to "context pat...

MrDuck by L1 Bithead
  • 6989 Views
  • 1 replies
  • 0 Likes

Confluence Service username ascii-problems

Hello I've tried to add our Confluence Server into XSOAR (Version 6.2.0, Build 1271082), but I'm failing in the Test-Function.I've used as example username "1" and also Password as "1". This is the result: 'ascii' codec can't encode character u'\u20<XX_REPLACED>3' in position 60: ordinal not in range(<XX_REPLACED>28) (85) And Debug M...

Resolved! TLS Error XSOAR gui

Hi All, Bit of an odd one this, for seemingly no reason my browser started the tls client hello with tls v1 instead of v1.2 this meant that although xosar was up and running I was unable to get to the login page as xsoar was resetting the connection, regardless of what I tried I could not fix or even pin down the issue to a root cause.fast forw...

EWSv2 mark item as junk issue

Hi Guys Did anyone of you manage to mark emails as junk using !ews-mark-item-as-junk?I can get the item from the mailbox using the id and even mark it read / unread. But if I try to mark it as junk I get following error: Failed mark-item-as-junk with error: The specified object was not found in the store., The store ID provided isn't an ID of an...

  • 1305 Posts
  • 45 Subscriptions