In Cortex XSOAR, integrations and automation scripts run either on the server or in a Docker container.

Integrations and automation scripts that run on the server include native integrations (part of the server binary) and JavaScript integrations. JavaScript integrations run within the Cortex XSOAR server process using a JS virtual environment. These integrations use the same network IPs as the server.

These include integrations written in Python or Powershell. Docker creates its own networking, thus the integrations are using a different networking stack from the Cortex XSOAR server. The source IPs for these integrations are different and provided according to the Docker networking configuration.

When running integrations or automations that run within Docker containers you might encounter cases that networking fails for these integrations. The following are several examples of error messages that indicate a networking issue:

It is recommended that you use the Docker networking stack because it provides networking isolation and to consult the Docker documentation to resolve Docker networking issues.

In cases that running with Docker's networking stack continues to cause issues, there is an option to run Docker containers with the host networking. In this mode, the container will share the host’s network stack and all interfaces from the host will be available to the container. The container’s host name will match the hostname on the host system. To enable host networking, add the following advanced server configuration in Cortex XSOAR:

After you add the server configuration, run the

/reset_containers

command from the Cortex XSOAR CLI to reset all containers and to begin using the new configuration.