Automate changes to alert fields using timer scripts - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Product
Cortex XSIAM
Creation date
2024-03-06
Last date published
2024-10-10
Category
Administrator Guide
Abstract

Create scripts to perform specific actions in Cortex XSIAM when the SLA is breached.

Scripts in Cortex XSIAM enable you to automate processes. You can create scripts that perform specific actions when a timer field times out. Scripts used with timers must have the SLA tag.

You can use an out-of-the-box or custom script and attach it to an timer alert field.

A common use of scripts for timer fields is to send an email when a timer is breached. You can create a custom script that sends an email to specific users when the script is triggered. You can add this to any timer alert field as needed.