This playbook processes indicators to check if they exist in a Cortex XSOAR list containing the organizational External IP addresses, and tags the indicators accordingly.
This playbook uses the following sub-playbooks, integrations, and scripts.
This playbook does not use any sub-playbooks.
This playbook does not use any integrations.
|Indicator Query||Indicators matching the indicator query will be used as playbook input||Optional|
|OrganizationsExternalIPListName||A Cortex XSOAR list containing the organization's External IP address values. IP Indicators that appear in the list are tagged as organizations external ip.||Optional|
|OrganizationExternalIP||IP addresses that are found in the organization's external IP list.||string|
|NotOrganizationExternalIP||IP addresses that are not found in the organization's external IP list.||string|