- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
I would like to ask for help on how to be able to implement within XSOAR the ability to determine which playbooks and automation can be executed or viewed by the user via the command line (by typing !) while still having the ability for the same user to be able to execute commands within an incident layout when an automation is associated with the change of value of a given field. For example, the user cannot execute the command !setIncident from command line but if it is executed within a playbook or an automation associated with a field within the layout of an incident instead yes, without receiving the error message if only a certain role is associated with the automation.
thank you very much
This is possible by setting the corresponding permissions in Settings > Users and Roles > Roles and by removing the 'Execute potential harmful actions' and 'Run scripts' options. Also the option to 'Create scripts that will run as superuser'.
Here is our official documentation in case you have more questions: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.12/Cortex-XSOAR-Administrator-Guide/Users-...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!