Common Scripts to use in Automations - Administrator Guide - 6.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.5
Creation date
2022-09-28
Last date published
2024-03-21
End_of_Life
EoL
Category
Administrator Guide
Abstract

Common scripts available to use in Cortex XSOAR automations.

Cortex XSOAR comes out of the box with a number of common scripts, which can be used in playbooks and commands, the majority of which are contained in the Base and Common Scripts content packs.

The Common Scripts content pack includes scripts that are commonly used, such as EmailReputation, RunDockerCommand, ConvertXMLToJson, etc.

The Base content pack is a core pack, which helps you get started and includes various scripts including the common scripts, which can be used in other JavaScript, Python and PowerShell scripts.

Common Scripts

Common scripts contain common code (functions, variables, etc.) that can be used across scripts and can be embedded, when writing your own scripts and integrations. They are used to enhance the API in other scripts and integrations. For example, the tableToMarkdown function in the CommonServer script, takes a JSON and transforms it to markdown. You can call this function from integrations and scripts that you author.

In the Scripts page you can view/edit the following common scripts:

  • CommonServer

    The Common Server script contains JavaScript functions and variables that can be in other scripts when writing your own scripts and integrations.

    The script contains nearly 200 functions/variables , such as tabletoMarkdown, closeInvestigation, SetSeverity, etc.

    You can copy the script and add new functions/variables or add your own functions to the CommonUserServer script. You can also use this script to override the existing scripts in the CommonServer script.

  • CommonServerPython

    The CommonServerPython script contains Python functions that can be in other scripts when writing your own scripts and integrations.

    The script contains over 400 functions, such as appendContext, vtCountPositives (which counts the number of detected URLs in the War Room entry), datetime_to_string, (which converts a datetime object into a string), etc.

    You can copy the script and add new functions/variables or add your own functions to the CommonServerUserPython script. You can also use this script to override the existing scripts in the CommonServerPython script.

  • CommonServerPowerShell

    The CommonServerPowerShell script contains PowerShell arguments/functions that can be in other scripts when writing your own scripts and integrations.

    The script contains many arguments/functions, etc. such as SetIntegrationContext, Write-HostToLog (which writes to the demisto.log), ReturnOutputs (which returns results to the user more intuitively), etc.

    You can copy the script and add new arguments/functions or add your own to the CommonServerUserPowerShell script. You can also use this script to override the existing scripts in the CommonServerPowerShell script.