Skip to main content


This Integration is part of the XSOAR EDL Checker Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

Checks an XSOAR hosted EDL to make sure it's returning a valid response. Supports PAN-OS (text), CSV, or JSON EDLs.

This integration was integrated and tested with version 6.12 and 8.4 of Cortex XSOAR, and version 3.2.12 of the Generic Export Indicator Service.

Configure XSOAR EDL Checker on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for XSOAR EDL Checker.

  3. Click Add instance to create and configure a new integration instance.

    EDL NameThe name of the edl from the generic indicator export serviceTrue
    Trust any certificate (not secure)False
    XSOAR VersionThe version of XSOAR you are using 6.x or 8.xFalse
  4. Click Test to validate the URLs, token, and connection.


You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.


Checks the EDL and returns the response.

Base Command#



Argument NameDescriptionRequired

Context Output#

EDLChecker.NameunknownThe Name of the EDL from the Generic Indicators Export Service instance
EDLChecker.StatusunknownThe HTTP Status Code returned by the EDL
EDLChecker.ResponseunknownThe Response or Error from the check.
EDLChecker.ItemsOnListunknownThe number of indicators on the list, assuming a successful response!

Command example#


Context Example#

"EDLChecker": [
"ItemsOnList": 2,
"Name": "domains",
"Response": "domains returned a 200 response, all should be well",
"Status": 200
"ItemsOnList": 0,
"Name": "ips",
"Response": "Instance 'ips' is disabled (922)",
"Status": 400

Human Readable Output#

EDL Response for domains#

domains200domains returned a 200 response, all should be well2