Skip to main content

Code42 File Search v2

This Playbook is part of the Code42 Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.10.0 and later.

This playbook searches for files via Code42 security events by either MD5 or SHA256 hash. The data is output to the Code42.FileEvents context for use.


This playbook uses the following sub-playbooks, integrations, and scripts.


This playbook does not use any sub-playbooks.


  • Code42


This playbook does not use any scripts.


  • code42-file-events-search

Playbook Inputs#

NameDescriptionDefault ValueRequired
MD5MD5 hash to search forFile.MD5Optional
SHA256SHA256 hash to search forFile.SHA256Optional

Playbook Outputs#

Code42.FileEventsReturned File Resultsunknown
Code42.FileEvents.timestampThe timestamp when the event
Code42.FileEvents.eventSummary information about the event, including date observed, event type, and event source.unknown
Code42.FileEvents.userDetails about the user associated with the event (if any).unknown
Code42.FileEvents.destinationDetails about the destination target of the event (if any).unknown
Code42.FileEvents.processDetails about the CPU process involved in the event (if any).unknown
Code42.FileEvents.riskDetails overall risk severity for the event and lists all associated risk indicators.unknown
Code42.FileEvents.gitDetails about git repository involved in event (if any).unknown
Code42.FileEvents.reportDetails about Salesforce reports involved in the event (if any).unknown
Code42.FileEvents.fileDetails about file metadata for file involved in the event (if any).unknown
Code42.FileEvents.sourceInfo about the origin of a file involved in the event (if any).unknown

Playbook Image#

Code42 File Search