Common Scripts to use in Automations - Administrator Guide - 6.11 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.11
Creation date
2022-12-12
Last date published
2024-03-28
Category
Administrator Guide
Abstract

Scripts in the Common Scripts content pack and the Base content pack are available to use in other scripts.

Cortex XSOAR comes out-of-the-box with a number of common scripts, which can be used in playbooks and commands, the majority of which are contained in the Base and Common Scripts content packs.

The Common Scripts content pack includes scripts that are commonly used, such as EmailReputation, RunDockerCommand, ConvertXMLToJson, etc.

The Base content pack is a core pack, which helps you get started and includes various scripts including the common scripts, which can be used in other JavaScript, Python and PowerShell scripts.

Common Scripts

Common scripts contain common code (functions, variables, etc.) that can be used across scripts and can be embedded, when writing your own scripts and integrations. They are used to enhance the API in other scripts and integrations. For example, the tableToMarkdown function in the CommonServer script, takes a JSON and transforms it to markdown. You can call this function from integrations and scripts that you author.

In the Automation page you can view/edit the following common scripts:

  • CommonServer

    The Common Server script contains JavaScript functions and variables that can be in other scripts when writing your own scripts and integrations.

    The script contains nearly 200 functions/variables , such as tabletoMarkdown, closeInvestigation, SetSeverity, etc.

    You can copy the script and add new functions/variables or add your own functions to the CommonUserServer script. You can also use this script to override the existing scripts in the CommonServer script.

  • CommonServerPython

    The CommonServerPython script contains Python functions that can be in other scripts when writing your own scripts and integrations.

    The script contains over 400 functions, such as appendContext, vtCountPositives (which counts the number of detected URLs in the War Room entry), datetime_to_string, (which converts a datetime object into a string), etc.

    You can copy the script and add new functions/variables or add your own functions to the CommonServerUserPython script. You can also use this script to override the existing scripts in the CommonServerPython script.

  • CommonServerPowerShell

    The CommonServerPowerShell script contains PowerShell arguments/functions that can be in other scripts when writing your own scripts and integrations.

    The script contains many arguments/functions, etc. such as SetIntegrationContext, Write-HostToLog (which writes to the demisto.log), ReturnOutputs (which returns results to the user more intuitively), etc.

    You can copy the script and add new arguments/functions or add your own to the CommonServerUserPowerShell script. You can also use this script to override the existing scripts in the CommonServerPowerShell script.