Customize and Configure Cortex XSOAR - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
8
Creation date
2023-11-02
Last date published
2024-02-28
Category
Administrator Guide
Abstract

Customize and configure your Cortex XSOAR deployment.

In this section, the administrator can customize and configure the following:

  • Dashboards: Includes how to create, edit, and share a dashboard, etc.

  • Reports: Includes how to create, schedule, and edit a report, configure the timezone, etc.

  • Widgets: Includes how to create a widget from the widget builder, using a JSON file and script, etc.

  • Marketplace: Includes an overview of Marketplace and the content pack lifecycle, and how to access Marketplace, search and navigate, install contact packs, etc.

  • Incidents: Includes how to automatically de-duplicate incidents, add pre-process and post processing rules, customizing incidents, layouts, access control, etc.

    For day-to-day tasks such as investigating incidents, see Incident Management.

  • Indicators: Includes how to customize indicator types and layouts, extract indicators, configure indicator scripts and timeline, export indicators, etc.

    For day-to-day tasks, such as extracting indicators in the CLI, export indicators, add to an exclusion list, see Indicator Management.

  • Playbooks: Includes how to create tasks, debug a playbook, version control, extend context, playbook polling, etc.

  • Jobs: Includes how to create a time triggered job and a job triggered by delta in a feed, etc.

  • Lists: Includes how to use and create lists, etc.

  • SLAs: Includes how to create and manage SLAs.