Hi Everyone,GreetingsI'm wondering if it's possible to fetch data from JamfPro MDM solution for example user_name, ip address and mac details and add it as a custom widget to the cortex dashboard. If this is possible kindly guide me on how to achieve this.#cortexXDR
Hello Everyone, I am trying to implement Checkov in one of the portal repositories to validate policies and other configurations. However, I am facing an issue with downloading shared Terraform modules present in the One of the project. Somehow, Checkov is unable to download these modules and is giving the following warnings: 2025-07-01 10:09:12...
Hi everyone,I've configured the Microsoft Sentinel integration instance in XSOAR, and it's successfully fetching incidents along with associated entities. However, I'm unable to retrieve the custom details (also known as additionalData or customDetails in Sentinel) from those incidents.These fields are critical for our triage and enrichment work...
Hello everyone, We are wondering if anyone have experience in listing out all security rules in Palo Alto Firewall and get the 'last used' field from the rules using any API.We are looking into reviewing all our rules and perform clean up to unused rules. Appreciate if anyone can share some experience in handling such task. We tried to use the A...
Spoiler (Highlight to read)We have the Checkpoint integration v2 on Cortex XSOAR and I tested 'checkpoint-access-rule-update' but we are not able to modify the intended access rule. The access rule is not a main rule but a sub-rule. for example, the rule number that we want to enable/disable is 3.6. It look like the command 'checkpoint-access-ru...
Hi All!I am putting together a PowerShell script to see what IPs are listed in the DoS Block Table. The command (debug dataplane show dos block-table) keeps timing out with the error"Error executing command 'show config running'. Error: Exception calling "EndExecute" with "1" argument(s): "Command 'show config running' has timed out." Below is t...
Aruba ClearPass version 6.12 integration with palo alto using API, ClearPass match roles and use the enforcement policy to send roles to palo Alto . Palo Alto has dynamic group matched with the same role name received from Aruba ClearPass. the issue that after random time the IP removed from dynamic group the reenter again and this action repeated.
Can existing supported Cortex Enrichment integrations work in XSIAM or does there need to be a completely new integration built to support XSIAM. If you're able to carry the integration from XSOAR to XSIAM is there documentation available for that move?
Open this post to follow up QoS Monitoring for PRTG network monitor Anyone still using?Purpose for this discussion is to explore any possibilities to use LibreNMS/PRTG to monitor & stored the QoS statistics belowModel : PA3410 PAN-OS : 11.0.2-h3
Dear all,we have checkpoint infinity xd solution and we need to integrate it with palo alto ngfw (820 model)checkpoint side give us the guidline and also we made online meeting to check configurations. there are:1. valid checkpoint certificates2. public ip of syslog server3. we create the policy to permit all traffic to that public ip4. we tag t...
Hello,I have installed the ZScaler Internet Access integration version: 1.3.16Whenever I try to update it to the version 1.3.24, the command !zscaler-activate-changes returns the error: Failed to execute zscaler-activate-changes command. Error: 'dict' object has no attribute 'json'I believe that it might be an overlook in the integration. Who ca...
Dear Community, hello!I would like to start a conversation about a missing integration that I would like to develop on my own. I would like to connect PA Cortex XSOAR with Symantec Endpoint Protection (EDR). I am very new to all this, so I would welcome any comment, suggestion, starting points for my journey. Your help is needed and going to be ...
We are using EfficientIP IPAM solution to efficiently manage IP address allocation within our network. This solution extract ARP tables from devices using SNMP. We have integrated our Palo Alto firewalls to this solution and it is receiving the interface details. But, ARP details are not received from the firewalls. Appreciate your insights on t...
Hello , Hope you can help me with a solution! I am trying to clean some wide open rules that are receiving traffic that maybe if this same traffic bypass these wide open rules , the traffic will then be triggered with another specific rules below . In order to not cause issues as this is production traffic I would like to know if there is a to...
Hi, We have an issue with "Nist NVD" integration.When we want to use the commands, we are getting the following error:"Nist NVD returned an errorHide reasonCommand:!nvd-search-cve cve="CVE-2020-1000"(Nist NVD)Hide reasonReasonFailed to execute nvd-search-cve command.Error:Expecting value: line 1 column 1 (char 0)" The integration was published b...
