Abstract
Add a custom script based widget in the War Room using an automation script in Cortex XSOAR.
You can add a custom widget in the War Room using an automation script. After creating the script in the Automation page, to add a custom script based widget, you need to run a command in the War Room.
Go to the War Room and run the following command:
!<scriptName>
where scriptName is the name of the automation script you created in step 1.
In the following example, you need to add a custom widget that shows you the severity of the indicators in an incident, as a bar chart.
Use the following script:
commonfields: id: ee3b9604-324b-4ab5-8164-15ddf6e428ab version: 49 name: IndicatorWidgetBar script: |- # Constants HIGH = 3 SUSPICIOUS = 2 LOW = 1 NONE = 0 indicators = [] scores = {HIGH: 0, SUSPICIOUS: 0, LOW: 0, NONE: 0} incident_id = demisto.incidents()[0].get('id') foundIndicators = demisto.executeCommand("findIndicators", {"query":'investigationIDs:{}'.format(incident_id), 'size':999999})[0]['Contents'] for indicator in foundIndicators: scores[indicator['score']] += 1 data = { "Type": 17, "ContentsFormat": "bar", "Contents": { "stats": [ { "data": [ scores[HIGH] ], "groups": None, "name": "high", "label": "incident.severity.high", "color": "rgb(255, 23, 68)" }, { "data": [ scores[SUSPICIOUS] ], "groups": None, "name": "medium", "label": "incident.severity.medium", "color": "rgb(255, 144, 0)" }, { "data": [ scores[LOW] ], "groups": None, "name": "low", "label": "incident.severity.low", "color": "rgb(0, 205, 51)" }, { "data": [ scores[NONE] ], "groups": None, "name": "unknown", "label": "incident.severity.unknown", "color": "rgb(197, 197, 197)" } ], "params": { "layout": "horizontal" } } } demisto.results(data) type: python tags: - dynamic-section enabled: true scripttarget: 0 subtype: python3 runonce: false dockerimage: demisto/python3:3.7.3.286 runas: DBotWeakRole
Create a new automation by adding the script and then in the War Room run the !IndicatorWidgetBar
command.
The custom widget appears in the War Room.