Skip to main content

GetInstances

This Script is part of the ModulesManagement Pack.#

Returns integration instances configured in Cortex XSOAR. You can filter by instance status and/or brand name (vendor).

Script Data#


NameDescription
Script Typepython3
Tags
Cortex XSOAR Version5.0.0

Inputs#


Argument NameDescription
brandBrand name to filter instances by.
instance_statusInstance status to filter instances by. Can be "active", "disabled", or "both". Default is "active".

Outputs#


PathDescriptionType
Modules.nameThe instance name.string
Modules.categoryThe instance category.string
Modules.defaultIgnoredTrue if the instance avilable by default, otherwise false.string
Modules.stateTrue if the instance is enabled, otherwise false.string
Modules.brandThe instance brand.string

Script Example#

!GetInstances

Context Example#

{
"Modules": [
{
"brand": "EWS v2",
"category": "Messaging",
"defaultIgnored": "false",
"name": "EWS v2_instance_1",
"state": "active"
},
{
"brand": "Elasticsearch v2",
"category": "Database",
"defaultIgnored": "false",
"name": "Elasticsearch v2_instance_1",
"state": "active"
},
{
"brand": "Elasticsearch v2",
"category": "Database",
"defaultIgnored": "false",
"name": "Elasticsearch v2_instance_2",
"state": "disabled"
},
{
"brand": "Rapid7 Nexpose",
"category": "Vulnerability Management",
"defaultIgnored": "false",
"name": "Rapid7 Nexpose_instance_1",
"state": "active"
},
{
"brand": "activedir-login",
"category": "Messaging",
"defaultIgnored": "false",
"name": "ad-login",
"state": "active"
},
{
"brand": "activedir",
"category": "Data Enrichment & Threat Intelligence",
"defaultIgnored": "false",
"name": "ad-query",
"state": "active"
},
{
"brand": "d2",
"category": "Endpoint",
"defaultIgnored": "false",
"name": "d2",
"state": "active"
},
{
"brand": "splunk",
"category": "Analytics & SIEM",
"defaultIgnored": "false",
"name": "splunk",
"state": "active"
}
]
}

Human Readable Output#

Results#

brandcategorydefaultIgnorednamestate
EWS v2MessagingfalseEWS v2_instance_1active
Elasticsearch v2DatabasefalseElasticsearch v2_instance_1active
Elasticsearch v2DatabasefalseElasticsearch v2_instance_2disabled
Rapid7 NexposeVulnerability ManagementfalseRapid7 Nexpose_instance_1active
activedir-loginMessagingfalsead-loginactive
activedirData Enrichment & Threat Intelligencefalsead-queryactive
d2Endpointfalsed2active
splunkAnalytics & SIEMfalsesplunkactive