XSOAR CMDB - SQL issue

Hi everyone,

I'm trying to use Cortex XDR and Cortex XSOAR to build a basic CMDB
In my XSOAR playbook, I run an XDR XQL query, then try to insert the results into an SQL database using the sql-command automation.

The command looks like this:

INSERT INTO

Not able to link more than 50 incident into first incident

Hi Team,

I want the know in one incident how many incident we can link using pre-processing rule. Is there is any limitation kindly let us know.

Currently i am not able to link more than 50 incident into one incident.

Cortex XSOAR 

Question about the execution of the Set Assignee Task

In my playbook, I have a task that runs the Set Assignee Task script, sending an email as a parameter. During the flow execution, this task remains in the waiting status, displaying the message: waiting for user input to continue this task. I would l

Problem with Cisco WSA Proxy integration

Hello Team,

I have a problem with Cisco WSA Proxy integration.

I'm trying to connect XSOAR with Cisco WSA Proxy through Cisco WSA v2 integration. The user for this API has full administrator rights, authentication is successful, and I get a respon

Adding a Timestamp/Date to Custom Report Subject

Hola Livecomm,

I have a very trivial question; I want to define a custom subject for my reports to include the date or timestamp of when it runs. I have researched this extensively and have found the Server Configuration Key for this but it does not

Where is the XSAOR 8 CLI Reference?

In the XSOAR 8.x documentation there are examples of CLI commands, including Integration commands, system commands, and information about how to escape specific characters.

However, try as I might, I can't seem to find an authoritative XSOAR CLI refer

Customfield in JIRA

Hi,
I have integrated JIRA with XSOAR.
I have created a custom field in JIRA which has a dropdown list with options. I want the value to be populated in JIRA by XSOAR.
I am using jira edit issue automation where I am providing {"fields":{"customfield_xy

Pre Processing Rules Logs

Dear Experts,

I have configured Cortex XSOAR to ingest cases/alerts, but for certain conditions, I want to prevent these from becoming incidents or triggering playbooks. I’ve created a script to drop alerts that meet specific criteria. However, I nee

Unclassified incident management: incidents remain in active status

Hi all,

in XSOAR 6.8 I created a custom incident type to automatically handle the closure of unclassified incidents. In 'Incidents Classification Editor' I set this type to 'Direct unclassified events to:'. The type is correctly associated with the

How to Get all Recipients of an email message with EWS O365 Integration Query

Hello,

I am integrating XSOAR with EWS O365, and I am building a phishing PB, that starts with query based on subject of an email, in order to get the item-id of that email message and also the recipients of that email to take action on each of them.

Mass Closure of XSIAM Incidents

Hello team!
I would like to know if there is an option for mass closure of incidents in XSIAM.
I have the following scenario of 2000 open incidents and I would like to perform mass closure of these open cases. Is there any way to do this?