Export Indicators Integrations - Threat Intel Management Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Threat Intel Management Guide

Product
Cortex XSOAR
Version
8
Creation date
2024-09-18
Last date published
2024-09-23
Category
Threat Intel Management Guide
Solution
Cloud
Retire_Doc
Retiring
Link_to_new_Doc
/r/Cortex-XSOAR/8/Cortex-XSOAR-Cloud-Documentation
Abstract

There are several outbound-feed integrations that exports indicators to a file or list from Cortex XSOAR.

You can export indicators from Cortex XSOAR using the Generic Export Indicators Service integration. Exported indicators can be used for firewall block lists, allow lists, monitoring and analysis in Splunk, etc.

The Generic Export Indicators Service can be configured to export specific fields in different output formats. Multiple instances of the integration can be configured for different indicator queries, and the output can be customized to work with a variety of third-party services.