Integration Discussions

Does anyone have information on how to integrate Hillston brand Firewalls into XSIAMAmazon

Hello community, Does anyone here have information on how to integrate Hillston brand Firewalls into XSIAM? I have searched but can't find anything concrete. I would greatly appreciate it if you could enlighten me with ideas.

Create custom widget to display data from JamfPro

Hi Everyone,GreetingsI'm wondering if it's possible to fetch data from JamfPro MDM solution for example user_name, ip address and mac details and add it as a custom widget to the cortex dashboard. If this is possible kindly guide me on how to achieve this.#cortexXDR

Implementing checkov for shared modules

Hello Everyone, I am trying to implement Checkov in one of the portal repositories to validate policies and other configurations. However, I am facing an issue with downloading shared Terraform modules present in the One of the project. Somehow, Checkov is unable to download these modules and is giving the following warnings: 2025-07-01 10:09:12...

Microsoft Sentinel Incident custom details fetch in XSOAR

Hi everyone,I've configured the Microsoft Sentinel integration instance in XSOAR, and it's successfully fetching incidents along with associated entities. However, I'm unable to retrieve the custom details (also known as additionalData or customDetails in Sentinel) from those incidents.These fields are critical for our triage and enrichment work...

Automating security rules clean up

Hello everyone, We are wondering if anyone have experience in listing out all security rules in Palo Alto Firewall and get the 'last used' field from the rules using any API.We are looking into reviewing all our rules and perform clean up to unused rules. Appreciate if anyone can share some experience in handling such task. We tried to use the A...

Modifying Checkpoint FW Access Rule from Cortex XSOAR

Spoiler (Highlight to read)We have the Checkpoint integration v2 on Cortex XSOAR and I tested 'checkpoint-access-rule-update' but we are not able to modify the intended access rule. The access rule is not a main rule but a sub-rule. for example, the rule number that we want to enable/disable is 3.6. It look like the command 'checkpoint-access-ru...

Powershell to run CLI Command

Hi All!I am putting together a PowerShell script to see what IPs are listed in the DoS Block Table. The command (debug dataplane show dos block-table) keeps timing out with the error"Error executing command 'show config running'. Error: Exception calling "EndExecute" with "1" argument(s): "Command 'show config running' has timed out." Below is t...

Service Principal issues on Panorama Plugin for Azure

While setting up the Service Principal on Panorama Plugin for Azure, even though the IAM role of reader seems to be properly defined in Azure we get this error message during the validation phase:ERROR: Validation of #######-####-####-############ failed with msg Failed to validate credentials with error - Failed to validated Azure Monitoring pe...

Aruba ClearPass integration dynamic group issue

Aruba ClearPass version 6.12 integration with palo alto using API, ClearPass match roles and use the enforcement policy to send roles to palo Alto . Palo Alto has dynamic group matched with the same role name received from Aruba ClearPass. the issue that after random time the IP removed from dynamic group the reenter again and this action repeated.

Cortex XSOAR integration vs XSIAM integrations

Can existing supported Cortex Enrichment integrations work in XSIAM or does there need to be a completely new integration built to support XSIAM. If you're able to carry the integration from XSOAR to XSIAM is there documentation available for that move?

QoS Monitoring for PRTG network monitor

Open this post to follow up QoS Monitoring for PRTG network monitor Anyone still using?Purpose for this discussion is to explore any possibilities to use LibreNMS/PRTG to monitor & stored the QoS statistics belowModel : PA3410 PAN-OS : 11.0.2-h3

Checkpoint XDR syslog integration

Dear all,we have checkpoint infinity xd solution and we need to integrate it with palo alto ngfw (820 model)checkpoint side give us the guidline and also we made online meeting to check configurations. there are:1. valid checkpoint certificates2. public ip of syslog server3. we create the policy to permit all traffic to that public ip4. we tag t...

ZScaler Integration Error

Hello,I have installed the ZScaler Internet Access integration version: 1.3.16Whenever I try to update it to the version 1.3.24, the command !zscaler-activate-changes returns the error: Failed to execute zscaler-activate-changes command. Error: 'dict' object has no attribute 'json'I believe that it might be an overlook in the integration. Who ca...

Cortex Xsoar Elasticsearch Integration - Configuring several Elastic nodes

HelloWe are in the process of implementing the Elasticsearch integration in Cortex XSoar. However, we are wondering what best practices are when you have several Elastic nodes but the integration only allows entering one node address to connect to.I.e., we have elasticsearch.[1:5].domain.com for redundancy but the integration only allows enterin...

Cortex XDR integration with Qradar

I would like to know the log forwarder IP details for integrating the Cortex XDR to Qradar.We are looking for the US Region IP

Discussions