Automations are located in the Cortex XSOAR console on the left menu sidebar. You can filter by Author and sort the automations list.
Selecting an automation brings up the code in the right panel. For example, for the AddEvidence automation script:
Selecting the +New Automation button brings up boilerplate code that can be deleted and replaced with a simpler template.
Select the Script Helper button to display two tabs: API DOCS and HOW TO. The API DOCS tab provides reference documentation for each automation, and the HOW TO tab has code examples. In the API DOCS tab, the Showing only link has two options, Commands and Scripts, for the two types of automation in Cortex XSOAR.
Commands are automations executed by the Cortex XSOAR server or integration and follow the camel case naming convention (commandAutomationName). Script automation names are title case (ScriptAutomationName) and are associated with playbook tasks and fields.
The API DOCS tab shows the arguments for each script or command. Select Copy to Script to insert the automation command template into an automation. The HOW TO tab provides brief code examples for a number of scripts and commands.
Automation Conventions
Automations use these conventions to ease readability:
Python functions are in blue.
Variables and other Python syntax are in black.
Cortex XSOAR functions are in green.
Cortex XSOAR literals when used in functions are in purple.
Dictionary keys use single quotes.
All other strings use double quotes.
For example:
 |