Script Widget - RSS Feed.
Common Widgets
- Details
- Content
- Dependencies
- Version History
- Download With Dependencies
Frequently used widgets pack.
PUBLISHER
Cortex XSOAR
INFO
Certification | Certified | Read more |
Supported By | Cortex XSOAR | |
Created | June 30, 2020 | |
Last Release | June 15, 2022 |
DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.Name | Description |
---|---|
RSSWidget | |
GetLargestInvestigations | Deprecated. Use System Diagonstics page instead (available from version 6.2.0). Returns all investigations larger than 1 MB from all Cortex XSOAR. |
GetLargestInputsAndOuputsInIncidents | Deprecated. Use System Diagonstics page instead (available from version 6.2.0). Returns inputs and outputs larger than 1 MB from all Cortex XSOAR investigations. |
MyToDoTasksWidget | A script that creates a table of all the ToDo tasks assigned to the current user. |
FeedIntegrationErrorWidget | Returns a table widget of enabled feed integration instances that errors out on indicators fetch. |
Name | Description |
---|---|
Closed By Dbot | |
Top Users Closed Manual Tasks | |
Incidents By Close Reason | |
Incident Severity by Type | |
Memory Usage % per Engine (last 24h) | |
Incidents Dropped in Preprocessing | |
Workers per Engine | |
Average Incident Duration by Role (Avg) | |
MTTR by Type | |
Busy Workers per Engine (last 24h) | |
Command average runtime per Instance (top 5) | |
Executions by status per Manual Tasks (top 5) | |
Late Incidents | |
Active Incidents - Line chart | |
Memory Current Usage | |
Most Active Users | |
Closed Incidents by Role | |
Investigation Activity Timeline | |
Incidents by Role | |
Command executions errors | |
Failed Manual Tasks | |
Mean Time to Resolution (Occurred) | |
Incidents by Phase | |
Disk Current Usage | |
My ToDo Tasks | |
MTTD by Type | |
Disk Usage % per Engine (last 24h) | |
Unassigned Pending Incidents | |
Late Tasks by User | |
Commands executed | |
Running playbooks | |
Unassigned Incidents | |
Playbook run errors | |
CPU Usage % per Engine | |
Unassigned Active Incidents | |
Playbook runs | |
Command execution type | |
Average runtime for Playbooks | |
Failed Playbooks runs | |
Top executed Commands | |
Important Messages | |
Elastic Disk Current Usage | |
Indicators in Related Incidents | |
Open Tasks Per User | |
Indicators Activity by Type | |
Command executions per Incident Type | |
Late Tasks | |
Manual Verdict Indicators by User | |
Failed Automation executions per Incident Types (top 5) | |
Malicious Indicators Activity by Type | |
Largest Inputs And Outputs In Incidents | |
Top Active Playbooks | |
Manual Command execution errors (top 5) | |
Active vs Expired Indicators | |
Disk Usage % per Engine | |
CPU Current Usage | |
Active Incidents - Pie chart | |
My Tasks | |
SLA by Incident Type | |
Active Indicators by Verdict | |
Least executed Commands per Instance | |
Command execution errors | |
Command executions per Integration Category | |
Unit 42 Blog Feed | |
Unassigned Closed Incidents | |
Top 10 Attack Pattern Indicators in Related Incidents | |
Mean Time to Detection | |
Return On Investment (ROI) | |
Most Active Integrations | |
Command execution errors per Instance | |
Average runtime by Incident Type per Playbook (top 5) | |
Executions by status per Automated Tasks (top 5) | |
Incidents in Error Run Status | |
Average runtime per Playbook (top 5) | |
Detection SLA by Status | |
Elastic JVM Memory Current Usage | |
Unassigned Incidents | |
Task executions | |
Incidents Occurred Per Day | |
Tasks By State | |
Image | |
Malicious/Suspicious Indicators in Incidents | |
Active Incidents by Role | |
Relationship Generating Integrations | |
Incidents Top Close Analysts | |
Page Break Widget | |
Active Indicators Volumes by Feed | |
Text Widget | |
Largest Incidents by Storage Size | |
Late Incidents | |
TopMaliciousRatioIndicators | |
Most Active Investigations | |
Command execution errors per Integration Category | |
Task execution errors | |
CPU Usage % per Engine (last 24h) | |
Busy Workers Count per Engine | |
Least executed Commands | |
Average runtime per Automation (top 5) | |
MTTR by Type (in minutes) | |
Mentions | |
Memory Usage % per Engine | |
Elastic CPU Current Usage | |
Active Incidents Assigned by User | |
Malicious Indicators Activity | |
Feed Integrations Errors | |
Remediation SLA by Status | |
Latest Messages | |
Average runtime by Instance per Command (top 5) | |
Indicators Activity | |
Errors by Incident Type per Command (top 5) | |
Server CPU Usage % (last 24h) | |
Server Memory Usage % (last 24h) | |
Incident Types by Severity | |
Manual Verdict Indicators | |
Feeds Errors | |
My Messages | |
MTTR Occurred by Type | |
Top 10 File Indicators in Related Incidents |
Pack Name | Pack By |
---|---|
CommonScripts | By: Cortex XSOAR |
Base | By: Cortex XSOAR |
DemistoRESTAPI | By: Cortex XSOAR |
Pack Name | Pack By |
---|
Scripts
MyToDoTasksWidget
- Added type validations and other internal code improvements.
FeedIntegrationErrorWidget
- Added type validations and other internal code improvements.
Scripts
MyToDoTasksWidget
- Fixed an issue where the script failed to run if there were no To Do tasks assigned to the user.
Scripts
RSSWidget
- Fixed an issue where the RSS feed entries were in ascending order (they are now in descending order).
- Updated the Docker image to: demisto/feed-parser:1.0.0.25187.
Widgets
Unit 42 Blog Feed
- Documentation and metadata improvements.
Scripts
New: MyToDoTasksWidget
- A script that creates a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).
Widgets
New: My ToDo Tasks
- A widget that presents a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).
Widgets
New: Unit42 Blog Feed
- Available from Cortex XSOAR 6.2.0.
New: Active Indicators Volumes by Feed
- Available from Cortex XSOAR 6.2.0.
New: Top 10 File Indicators in Related Incidents
- Available from Cortex XSOAR 6.2.0.
New: Indicators in Related Incidents
- Available from Cortex XSOAR 6.2.0.
New: Relationship Generating Integrations
- Available from Cortex XSOAR 6.2.0.
New: Top 10 Attack Pattern Indicators in Related Incidents
- Available from Cortex XSOAR 6.2.0.
New: Malicious/Suspicious Indicators in Incidents
- Available from Cortex XSOAR 6.2.0.
New: Feeds Errors
- Available from Cortex XSOAR 6.2.0.
New: Active vs Expired Indicators
- Available from Cortex XSOAR 6.2.0.
New: Active Indicators by Verdict
- Available from Cortex XSOAR 6.2.0.
Widgets
Mentions
- Breaking Change The Mentions widget is not supported on version 6.2 or newer.
Scripts
GetLargestInputsAndOuputsInIncidents
- Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.
GetLargestInvestigations
- Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.
Scripts
FeedIntegrationErrorWidget
Improved the date format of Instance Last Modified Time.
Scripts
New: FeedIntegrationErrorWidget
Returns a table widget of enabled feed integration instances that errors out on indicators fetch. (Available from Cortex XSOAR 6.1.0).
Widgets
New: Feed Integrations Errors
(Available from Cortex XSOAR 6.1.0).
Scripts
RSSWidget
- Fixed an issue where HTML content would be presented with HTML tags.
Scripts
GetLargestInputsAndOuputsInIncidents
- The script has been deprecated. For XSOAR versions up to 6.2.0, it is not advised to use the script as it can cause performance issues. For XSOAR 6.2.0 and later versions, please refer to the System Diagnostic page as an alternative.
GetLargestInvestigations
- The script has been deprecated. For XSOAR versions up to 6.2.0, it is not advised to use the script as it can cause performance issues. For XSOAR 6.2.0 and later versions, please refer to the System Diagnostic page as an alternative.
Scripts
GetLargestInputsAndOuputsInIncidents
- Updated the Docker image to: demisto/python3:3.9.7.24076.
GetLargestInvestigations
- Updated the Docker image to: demisto/python3:3.9.7.24076.
Widgets
Command execution type
- - Fixed an issue where the widget tried to display values as percentages.
Scripts
RSSWidget
Added the limit argument.
Scripts
New: RSSWidget
Script Widget - RSS Feed. (Available from Cortex XSOAR 5.5.0).
Widgets
Malicious Indicators Activity by Type
- Fixed an issue where the time resolution value was missing.
Widgets
New: Command executions per Integration Category
- Command executions per Integration Category (Available from Cortex XSOAR 6.2.0).
New: Executions by status per Manual Tasks (top 5)
- Executions by status per Manual Tasks (top 5) (Available from Cortex XSOAR 6.2.0).
New: Command execution errors per Integration Category
- Command execution errors per Integration Category (Available from Cortex XSOAR 6.2.0).
New: Command execution type
- Command execution type (Available from Cortex XSOAR 6.2.0).
New: Top executed Commands
- Top executed Commands (Available from Cortex XSOAR 6.2.0).
New: Average runtime per Automation (top 5)
- Average runtime per Automation (top 5) (Available from Cortex XSOAR 6.2.0).
New: Average runtime by Incident Type per Playbook (top 5)
- Average runtime by Incident Type per Playbook (top 5) (Available from Cortex XSOAR 6.2.0).
New: Command executions errors
- Command executions errors (Available from Cortex XSOAR 6.2.0).
New: Task execution errors
- Task execution errors (Available from Cortex XSOAR 6.2.0).
New: Least executed Commands per Instance
- Least executed Commands per Instance (Available from Cortex XSOAR 6.2.0).
New: Average runtime by Instance per Command (top 5)
- Average runtime by Instance per Command (top 5) (Available from Cortex XSOAR 6.2.0).
New: Command execution errors per Instance
- Command execution errors per Instance (Available from Cortex XSOAR 6.2.0).
New: Errors by Incident Type per Command (top 5)
- Errors by Incident Type per Command (top 5) (Available from Cortex XSOAR 6.2.0).
New: Playbook run errors
- Playbook run errors (Available from Cortex XSOAR 6.2.0).
New: Task executions
- Task executions (Available from Cortex XSOAR 6.2.0).
New: Playbook runs
- Playbook runs (Available from Cortex XSOAR 6.2.0).
New: Average runtime per Playbook (top 5)
- Average runtime per Playbook (top 5) (Available from Cortex XSOAR 6.2.0).
New: Command average runtime per Instance (top 5)
- Command average runtime per Instance (top 5) (Available from Cortex XSOAR 6.2.0).
New: Top Users Closed Manual Tasks
- Top Users Closed Manual Tasks (Available from Cortex XSOAR 6.2.0).
New: Failed Playbooks runs
- Failed Playbooks runs (Available from Cortex XSOAR 6.2.0).
New: Command executions per Incident Type
- Command executions per Incident Type (Available from Cortex XSOAR 6.2.0).
New: Least executed Commands
- Least executed Commands (Available from Cortex XSOAR 6.2.0).
New: Manual Command execution errors (top 5)
- Manual Command execution errors (top 5) (Available from Cortex XSOAR 6.2.0).
New: Executions by status per Automated Tasks (top 5)
- Executions by status per Automated Tasks (top 5) (Available from Cortex XSOAR 6.2.0).
New: Commands executed
- Commands executed (Available from Cortex XSOAR 6.2.0).
New: Failed Automation executions per Incident Types (top 5)
- Failed Automation executions per Incident Types (top 5) (Available from Cortex XSOAR 6.2.0).
New: Failed Manual Tasks
- Failed Manual Tasks (Available from Cortex XSOAR 6.2.0).
New: Average runtime for Playbooks
- Average runtime for Playbooks (Available from Cortex XSOAR 6.2.0).
New: Command execution errors
- Command execution errors (Available from Cortex XSOAR 6.2.0).
Widgets
Malicious Indicators Activity by Type
- Change layout name from Bad Indicators Activity by Type to Malicious Indicators Activity by Type.
Manual Verdict Indicators by User
- Change layout name from Manual Reputation Indicators by User to Manual Verdict Indicators by User.
Malicious Indicators Activity
- Change layout name from Bad Indicators Activity to Malicious Indicators Activity.
Manual Verdict Indicators
- Change layout name from Manual Reputation Indicators to Manual Verdict Indicators.
Widgets
Page Break Widget
- Updated the category to Utilities.
Image
- Updated the category to Utilities.
Text Widget
- Updated the category to Utilities.
Widgets
Bad Indicators Activity by Type
Fixed an issue where incorrect results were shown due to malformed timezone calculations.
Widgets
New: MTTR by Type (in minutes)
- Shows changes in Mean Time to Resolution (in minutes), over time, while differentiating between incident types.
MTTR by Type
- Metadata and documentation enhancements.
Scripts
GetLargestInputsAndOuputsInIncidents
- Fixed an issue where the script returned the task size in KB instead of MB.
- Added the table_result argument to control whether the script outputs a textual or a JSON format.
- Upgraded the Docker image to: demisto/python3:3.9.1.15759.
Scripts
GetLargestInputsAndOuputsInIncidents
- Fixed an issue where the wrong automation was called.
Scripts
GetLargestInputsAndOuputsInIncidents
- Removed the MB suffix from the values of the Size column.
- Changed the table header name Size to Size(MB).
- Changed the table header IncidentID to a hyperlink to the incident.
- Changed the table header TaskID to a hyperlink to the task.
- Changed the default result format to Markdown.
GetLargestInvestigations
- Removed the MB suffix from the values of the Size column.
- Changed the table header name Size to Size(MB).
- Changed the table header IncidentID to a hyperlink to the incident.
- Changed the default result format to Markdown.
- Added handling for Playground investigation.
- Added the table_result argument, which returns a result in either Markdown or in a format suitable for a table widget. By default,
the result is in Markdown.
Widgets
Largest Incidents by Storage Size
- Removed the MB suffix from the values of the Size column.
- Changed the table header name Size to Size(MB).
- Changed table header IncidentID to a hyperlink to the incident.
Largest Inputs And Outputs In Incidents
- Removed the MB suffix from the values of the Size column.
- Changed the table header name Size to Size(MB).
- Changed the table header IncidentID to a hyperlink to the incident.
- Changed the table header TaskID to a hyperlink to the task.
Scripts
GetLargestInvestigations
- Fixed an issue where the results were not sorted properly.
Scripts
GetLargestInvestigations
- Fixed an issue where the script would fail if no investigations were found.
- Upgraded the Docker image to 3.8.5.11789
GetLargestInputsAndOuputsInIncidents
- Fixed an issue where the script would fail if no inputs or outputs were found.
- Upgraded the Docker image to 3.8.5.11789
Widgets
Largest Investigations
- Fixed an issue where the widget did not pull information from the correct script.
Largest Inputs And Outputs In Incidents
- Documentation and metadata improvements.
Scripts
GetLargestInputsAndOuputsInIncidents
- Use the script to get information about the largest inputs and outputs in the largest incidents.
GetLargestInvestigations
- Use the script to get information about the largest incidents.
Widgets
Largest Inputs And Ouputs In Incidents
- Use the widget to get information about the largest inputs and outputs in the largest incidents.
Largest Investigations
- Use the widget to get information about the largest incidents.
Frequently used widgets pack.