ElasticSearch integration es-eql

Can someone, anyone, post a properly formatted (working) !es-eql-query command run in XSOAR.  I am apparently too dumb to get it working.  For context, here's the ES|QL query I'm trying to make work.

FROM logs-* | WHERE winlog.event_data.LogonProcessN

Increasing docker image pull timeout

Hey everyone,

I am looking for a way to increase the docker image pull timeout from its 5 minutes default.

The error occurs due to a combination of very slow network connection (a traffic shaping option which I cannot change) and big images (e.g. dem

How do I find the *meaning* of fields listed for APIs?

I see the API documentation (e.g., https://cortex-panw.stoplight.io/docs/cortex-xsoar-8/qqt4382rrk8vo-create-an-incident-from-json), but it seems that in many cases the actual meaning and usage are not defined for some of the input fields.  Because o

Layout Section in Email

How to include sections from a layout in email body which is send by send-mail command? For example, Indicators section? Cortex XSOAR 

Urgent !! Cortex XSOAR User Licence Support

Would you please assists on picking a user for cortex xsoar, we have been bought a 1 year license for cortex xsoar starter (1 in quantity with support 2 users) and full user (4 in quantity) which is total of 6 users. However, currently we are plannin

Reminder Follow-Up Mail Playbook

I need to create a simple JOB in Demisto that does the following:

Sends an email to the user - with the text "Reminder to perform action XXX"
Give the user half an hour to reply by email (the user can reply with any text they want),
Wait half an hour
If

Help with retrieving list of XSOAR items

Hi all, 

I am looking to build an inventory list of everything we have within XSOAR, such as:
All playbooks, dashboards, integrations regardless of whether or not we use them.

Extra points if we also know the author of each item, and / or the last per

Getting Vulnerability Findings from Tenable SC for a Specific Host

Hello LiveComm,

I have a use-case that requires the extraction of vulnerabilities found on a specific host on Tenable SC (not tenable.io !). I have tried a combination of commands but I have not been able to to do this. When accessing the tenant GUI

How to join slack {{#demisto-developers }} channel

Hi,

I registered my account and received an email with following content:

Join the Slack workspace Cortex XSOAR DFIR Community now to start collaborating! by clicking here or the button below.

However, the link seems expired and I got following

Demisto-sdk upload doesn't allow override

Hi Community!

I have a question since i can't find answer anywhere.

I wonder how the demisto-sdk community update the content pack when there is a code change, in my experience. i need to upload the same pack sometimes because I changed one script

Does XSOAR support multithreading/multiprocessing?

I’m currently working with Cortex XSOAR and need some guidance on optimizing the execution of a large number of tasks. Specifically, I have a scenario where I need to close out 50+ child tickets that are linked to a parent ticket. These tasks are cur

Query on V8

Hi Team,

A standard customer has some query on (cluster V8 on-prem) structure. Please find it below:

1. If we don't setup VIP in cluster configuration, we could access the Web GUI by access to any IP of the nodes ? If the node is down, is it need t

Skip Docker Validation

Hello,

What is the meaning of this Screenshot, and how we can fix it:

Need to know the fixed latest docker image version of CVE-2023-52426

Hi Team,

The Prisma cloud scans the CVE-2023-52426 in the docker image demisto/pandas:1.0.0.86039 and the package version is 2.5.0-r2 and is fixed in 2.6.0-r0.

The customer wants to know in what version of the docker images, the CVE is resolved. So w