10-23-2024 06:09 PM
Hi All,
My XSOAR instance is a cloud hosted environment running on the latest version 8 build.
I have a playbook that sends a notification email to a user in response to a change in their account settings to confirm if recognized. The user is requested to respond via the webform link that the data collection task generates in the email that gets sent. The webform expires after an hour if the user fails to respond.
If a user does not respond within the hour, the playbook flow stops there and updates the XSOAR case with a custom message I defined. This has always been the case for the past few months since this playbook was created.
However, since the beginning of this week (21-Oct-2024), XSOAR keeps creating cases on the same detection until a user responds to the email. This has resulted in hundreds of notification emails being sent to each user.
I have created a TAC case for investigation and have had to stop the auto-run of the playbook to stop the email spam until this gets resolved.
Has anyone else in the community come across the same issue in their environment recently ?
