Palo Alto Cortex XSIAM
Palo Alto Cortex XSIAM is Palo Alto Networks’ security analytics platform that unifies SIEM, XDR, threat intelligence and SOAR for real-time detection and response.
Configuration
This module accepts no configuration.
Actions
STIX to XSIAM
Convert STIX objects to XSIAM objects
Arguments
| Name | Type | Description |
|---|---|---|
stix_objects |
array |
STIX objects |
stix_objects_path |
string |
STIX objects file path |
reliability_mapping |
array |
Overriding reliability mapping for XSIAM objects |
severity_mapping |
array |
Overriding severity mapping for XSIAM objects |
comment |
string |
Comment to add to the XSIAM objects |
class_override |
string |
Override the class of the XSIAM objects |
Outputs
| Name | Type | Description |
|---|---|---|
data |
array |
XSIAM objects list |
Extra
Module Palo Alto Cortex XSIAM v1.0.0