Common Widgets

Details
Content
Dependencies
Version History

Frequently used widgets pack.

Automations

Name	Description
FeedIntegrationErrorWidget	Returns a table widget of enabled feed integration instances that errors out on indicators fetch.
WidgetNoOp	A no-op placeholder script used by visual-only widgets (e.g. Page Break, Text Widget) that require a script dataType but do not need to query any data source. Returns a mock result to prevent unnecessary database queries.
RSSWidget	Script Widget - RSS Feed.
MyToDoTasksWidget	A script that creates a table of all the ToDo tasks assigned to the current user.

Widgets

Name	Description
Indicators in Related Incidents
Server CPU Usage % (last 24h)	Server CPU usage in the previous 24 hours
Unassigned Pending Incidents
Late Tasks
Active Incidents by Role
Incidents by Phase
Closed Incidents by Role
Command execution errors	Command execution errors
Average runtime for Playbooks	Average runtime for Playbooks
Least executed Commands per Instance	Least executed Commands per Instance
MTTR by Type (in minutes)	Shows changes in Mean Time to Resolution (in minutes), over time, while differentiating between incident types.
Average runtime by Instance per Command (top 5)	Average runtime by Instance per Command (top 5)
Manual Command execution errors (top 5)	Manual Command execution errors (top 5)
Active Indicators by Verdict
MTTD by Type	A widget that shows the Mean Time to Detection, by incident type.
Within SLA by Type
Unassigned Incidents
Task executions	Task executions
Errors by Incident Type per Command (top 5)	Errors by Incident Type per Command (top 5)
Latest Messages
Disk Usage % per Engine (last 24h)	Disk usage percentage per engine in the previous 24 hours
Playbook runs	Playbook runs
Return On Investment (ROI)
My Messages
Active Incidents - Pie chart
Malicious/Suspicious Indicators in Incidents
My Tasks
Incidents Occurred Per Day
Active Incidents - Line chart
Command executions per Integration Category	Command executions per Integration Category
Mean Time to Containment
Active Incidents Assigned by User
Incidents By Close Reason
Top executed Commands	Top executed Commands
Command executions errors	Command executions errors
Busy Workers Count per Engine	Current number of busy workers per engine
Executions by status per Manual Tasks (top 5)	Executions by status per Manual Tasks (top 5)
Command execution errors per Instance	Command execution errors per Instance
Unassigned Active Incidents
Open Tasks Per User
Incidents in Error Run Status
Image
Elastic CPU Current Usage	Elasticsearch CPU Current Usage %
Task execution errors	Task execution errors
Malicious Indicators Activity
Average runtime per Automation (top 5)	Average runtime per Automation (top 5)
Remediation SLA by Status	The remediation SLA status of all incidents that started a remediation process. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Average runtime per Playbook (top 5)	Average runtime per Playbook (top 5)
Incidents Top Close Analysts
MTTR by Severity
Most Active Users
Feeds Errors
Disk Current Usage
Most Active Integrations
Busy Workers per Engine (last 24h)	Number of busy workers per engine in the previous 24 hours
MTTD by Severity
Malicious Indicators Activity by Type
Failed Automation executions per Incident Types (top 5)	Failed Automation executions per Incident Types (top 5)
Late Incidents
Command average runtime per Instance (top 5)	Command average runtime per Instance (top 5)
Most Active Investigations
Memory Current Usage
Incident Types by Severity
Relationship Generating Integrations
Mean Time to Resolution (Occurred)
Failed Manual Tasks	Failed Manual Tasks
Mean Time to Triage
Unassigned Incidents
Disk Usage % per Engine	Current disk usage percentage per engine
MTTC by Severity
Manual Verdict Indicators by User
Detection SLA by Status	The detection SLA status of all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Command execution errors per Integration Category	Command execution errors per Integration Category
Executions by status per Automated Tasks (top 5)	Executions by status per Automated Tasks (top 5)
Unassigned Closed Incidents
MTTR by Type	Shows changes in Mean Time to Resolution (in hours), over time, while differentiating between incident types.
SLA by Incident Type
Page Break Widget	Use the page break widget in a report to force a page break before the widgets that follow.
Average runtime by Incident Type per Playbook (top 5)	Average runtime by Incident Type per Playbook (top 5)
My ToDo Tasks	A widget that presents a table of all the ToDo tasks assigned to the current user.
Active Indicators Volumes by Feed
CPU Usage % per Engine (last 24h)	CPU usage percentage per engine in the previous 24 hours
Tasks By State
Feed Integrations Errors	Feed integrations indicators fetch errors
Indicators Activity by Type
MTTR Occurred by Type
Investigation Activity Timeline
Incidents by Role
Running playbooks
Late SLA by Type
Command executions per Incident Type	Command executions per Incident Type
Mean Time to Detection	The mean time (average time) to detection across all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default.
Playbook run errors	Playbook run errors
MTTT by Severity
Late Tasks by User
Server Memory Usage % (last 24h)	Server memory usage % (previous 24 hours)
Elastic JVM Memory Current Usage	Elastic JVM Memory Current Usage %
Unit 42 Blog Feed
Command execution type	Command execution type
Manual Verdict Indicators
Active vs Expired Indicators
Late Incidents
Memory Usage % per Engine	Current memory usage percentage per engine
Average Incident Duration by Role (Avg)
Least executed Commands	Least executed Commands
CPU Current Usage
Top Users Closed Manual Tasks	Top Users Closed Manual Tasks
Elastic Disk Current Usage	Elastic Disk Current Usage %
Incident Severity by Type
Text Widget
Incidents Dropped in Preprocessing
Memory Usage % per Engine (last 24h)	Memory usage percentage per engine in the previous 24 hours
Commands executed	Commands executed
Closed By Dbot	Showing percentage of incidents handled and closed by DBot, without an owner being assigned to, across all incidents in the provided period
Workers per Engine	Current number of workers per engine
Top 10 File Indicators in Related Incidents
TopMaliciousRatioIndicators	Malicious Ratio indicator widget shows indicator that appear in high ration at bad incidents
Top 10 Attack Pattern Indicators in Related Incidents
Top Active Playbooks
Important Messages
Failed Playbooks runs	Failed Playbooks runs
Indicators Activity
CPU Usage % per Engine	Current CPU usage percentage per engine

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (4)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Aggregated Scripts	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR

1.3.3 - 8994397 (May 13, 2026)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.12.13.8428455.

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.12.13.8428455.

Related pull requests:
- 44128

Download

1.3.2 - 8668717 (May 3, 2026)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.8544956.

Related pull requests:
- 44120

Download

1.3.1 - 8382811 (April 20, 2026)

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 43976

Download

1.3.0 - 8009783 (March 30, 2026)

Scripts

New: WidgetNoOp

Added a new no-op placeholder script used by visual-only widgets (e.g. Page Break, Text Widget) that require a script dataType but do not need to query any data source. Returns an empty result to prevent unnecessary database queries.

Widgets

Changed the dataType from incidents to scripts and set query to WidgetNoOp to prevent unnecessary database queries against the incidents table when the widget is rendered.

Changed the dataType from incidents to scripts and set query to WidgetNoOp to prevent unnecessary database queries against the incidents table when the widget is rendered.

Related pull requests:
- 43572

Download

1.2.60 - 6580350 (January 6, 2026)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 42564

Download

1.2.59 - 6238358 (December 11, 2025)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.12.12.6204436.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.12.12.6204436.

Related pull requests:
- 42247

Download

1.2.58 - 5940029 (November 20, 2025)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.5475267.

Related pull requests:
- 41956

Download

1.2.57 - 5538136 (October 23, 2025)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 41627

Download

1.2.56 - 4096037 (July 8, 2025)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.12.8.3296088.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 40498

Download

1.2.55 - 4049458 (July 3, 2025)

Common Widgets

Documentation and metadata improvements.

Related pull requests:
- 40478

Download

1.2.54 - R3414854 (May 15, 2025)

Scripts

RSSWidget

Metadata and documentation improvements.

FeedIntegrationErrorWidget

Metadata and documentation improvements.

MyToDoTasksWidget

Metadata and documentation improvements.

Related pull requests:
- 39142

Download

PUBLISHER

PLATFORMS

Cortex XSOAR

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	June 30, 2020
Last Release	May 13, 2026

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.

Common Widgets

Scripts

FeedIntegrationErrorWidget

MyToDoTasksWidget

Scripts

RSSWidget

Common Widgets

Scripts

New: WidgetNoOp

Widgets

Page Break Widget

Text Widget

Common Widgets

Scripts

MyToDoTasksWidget

FeedIntegrationErrorWidget

Scripts

RSSWidget

Common Widgets

Scripts

MyToDoTasksWidget

FeedIntegrationErrorWidget

Common Widgets

Scripts

RSSWidget

FeedIntegrationErrorWidget

MyToDoTasksWidget

PUBLISHER

PLATFORMS

INFO

DISCLAIMER