The Aggregated Scripts pack contains scripts that execute multiple commands, significantly streamlining playbook creation and execution.
What does this pack do?
- File indicator enrichment using an array of file hashes.
A pack containing all aggregated scripts.
Name | Description |
---|---|
get-endpoint-data | This script gathers endpoint data from multiple integrations and returns an endpoint entity with consolidated information to the context. |
domain-enrichment | This script enriches Domains data with information from multiple integrations and returns a "DomainEnrichment" object with consolidated information in the context output. |
isolate-endpoint | This script isolates endpoints using multiple integrations and returns a success or failure message. |
url-enrichment | This script gathers URL reputation data from multiple integrations and returns a "URLEnrichment" object with consolidated information in the context output. |
ip-enrichment | This script gathers IP reputation data from multiple integrations and returns an IP entity with consolidated information in the context. |
disable-user | This script disables users for multiple services. |
file-enrichment | This script gathers file reputation data from multiple integrations and returns a "FileEnrichment" object with consolidated information to the context output. |
block-external-ip | The script blocks a list of IP addresses in supported integrations. |
get-user-data | This script gathers user data from multiple integrations and returns an Account entity with consolidated information to the context. |
clear-user-session | This script clears user sessions across multiple integrations for a list of usernames. |
quarantine-file | This script executes the 'quarantine-file' command on a specified file via the appropriate agent. This script is used to isolate files identified as suspicious. |
Pack Name | Pack By |
---|---|
Base | By: Cortex XSOAR |
Pack Name | Pack By |
---|---|
WildFire by Palo Alto Networks | By: Cortex XSOAR |
file-enrichment script to not fail when encountering an unknown file hash.
Added the quarantine-file script, which executes the quarantine-file command on a specified file via the appropriate agent.
This script is used to isolate files identified as suspicious. The integration used to perform the quarantine action is selected either by user input (the brands argument) or based on the available configured instances.
Certification | Certified |
Supported By | Cortex |
Created | June 18, 2025 |
Last Release | September 30, 2025 |