Common Widgets

Details
Content
Dependencies
Version History

Frequently used widgets pack.

Automations

Name	Description
MyToDoTasksWidget	A script that creates a table of all the ToDo tasks assigned to the current user.
FeedIntegrationErrorWidget	Returns a table widget of enabled feed integration instances that errors out on indicators fetch.
RSSWidget	Script Widget - RSS Feed.

Widgets

Name	Description
Elastic CPU Current Usage	Elasticsearch CPU Current Usage %
Indicators in Related Incidents
Elastic JVM Memory Current Usage	Elastic JVM Memory Current Usage %
Failed Manual Tasks	Failed Manual Tasks
Memory Usage % per Engine	Current memory usage percentage per engine
Busy Workers Count per Engine	Current number of busy workers per engine
My Messages
Memory Usage % per Engine (last 24h)	Memory usage percentage per engine in the previous 24 hours
Return On Investment (ROI)
Playbook runs	Playbook runs
MTTR by Type (in minutes)	Shows changes in Mean Time to Resolution (in minutes), over time, while differentiating between incident types.
Command execution errors per Integration Category	Command execution errors per Integration Category
Average runtime per Playbook (top 5)	Average runtime per Playbook (top 5)
Within SLA by Type
Investigation Activity Timeline
Most Active Integrations
Command execution errors per Instance	Command execution errors per Instance
Executions by status per Automated Tasks (top 5)	Executions by status per Automated Tasks (top 5)
Mean Time to Detection	The mean time (average time) to detection across all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default.
Mean Time to Triage
Incidents by Role
CPU Usage % per Engine (last 24h)	CPU usage percentage per engine in the previous 24 hours
Playbook run errors	Playbook run errors
Failed Automation executions per Incident Types (top 5)	Failed Automation executions per Incident Types (top 5)
MTTR by Type	Shows changes in Mean Time to Resolution (in hours), over time, while differentiating between incident types.
Active Indicators Volumes by Feed
Command executions errors	Command executions errors
Average Incident Duration by Role (Avg)
Manual Verdict Indicators
Average runtime for Playbooks	Average runtime for Playbooks
Least executed Commands per Instance	Least executed Commands per Instance
Incidents by Phase
My Tasks
Server CPU Usage % (last 24h)	Server CPU usage in the previous 24 hours
Command executions per Integration Category	Command executions per Integration Category
Image
TopMaliciousRatioIndicators	Malicious Ratio indicator widget shows indicator that appear in high ration at bad incidents
Incidents Top Close Analysts
MTTD by Type	A widget that shows the Mean Time to Detection, by incident type.
Feeds Errors
Top Users Closed Manual Tasks	Top Users Closed Manual Tasks
Late Incidents
Detection SLA by Status	The detection SLA status of all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Most Active Investigations
Least executed Commands	Least executed Commands
Unassigned Pending Incidents
Failed Playbooks runs	Failed Playbooks runs
Command execution type	Command execution type
Top Active Playbooks
Late Incidents
Unassigned Active Incidents
Incident Severity by Type
Errors by Incident Type per Command (top 5)	Errors by Incident Type per Command (top 5)
Closed Incidents by Role
Text Widget
MTTD by Severity
Average runtime by Instance per Command (top 5)	Average runtime by Instance per Command (top 5)
Memory Current Usage
Incidents Occurred Per Day
Open Tasks Per User
Command executions per Incident Type	Command executions per Incident Type
Average runtime per Automation (top 5)	Average runtime per Automation (top 5)
Incidents By Close Reason
Disk Current Usage
Latest Messages
Mean Time to Resolution (Occurred)
Workers per Engine	Current number of workers per engine
Running playbooks
Incidents Dropped in Preprocessing
Command average runtime per Instance (top 5)	Command average runtime per Instance (top 5)
MTTC by Severity
Feed Integrations Errors	Feed integrations indicators fetch errors
CPU Usage % per Engine	Current CPU usage percentage per engine
Executions by status per Manual Tasks (top 5)	Executions by status per Manual Tasks (top 5)
Remediation SLA by Status	The remediation SLA status of all incidents that started a remediation process. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
MTTR Occurred by Type
Tasks By State
Malicious/Suspicious Indicators in Incidents
Important Messages
Active Indicators by Verdict
Commands executed	Commands executed
SLA by Incident Type
Unit 42 Blog Feed
Late SLA by Type
Closed By Dbot	Showing percentage of incidents handled and closed by DBot, without an owner being assigned to, across all incidents in the provided period
Relationship Generating Integrations
MTTT by Severity
Late Tasks
Average runtime by Incident Type per Playbook (top 5)	Average runtime by Incident Type per Playbook (top 5)
Incidents in Error Run Status
CPU Current Usage
Active Incidents by Role
MTTR by Severity
Task execution errors	Task execution errors
Manual Verdict Indicators by User
Top 10 Attack Pattern Indicators in Related Incidents
Disk Usage % per Engine (last 24h)	Disk usage percentage per engine in the previous 24 hours
Unassigned Closed Incidents
Malicious Indicators Activity
Active vs Expired Indicators
Most Active Users
My ToDo Tasks	A widget that presents a table of all the ToDo tasks assigned to the current user.
Late Tasks by User
Top 10 File Indicators in Related Incidents
Busy Workers per Engine (last 24h)	Number of busy workers per engine in the previous 24 hours
Active Incidents Assigned by User
Command execution errors	Command execution errors
Mean Time to Containment
Server Memory Usage % (last 24h)	Server memory usage % (previous 24 hours)
Task executions	Task executions
Unassigned Incidents
Elastic Disk Current Usage	Elastic Disk Current Usage %
Malicious Indicators Activity by Type
Active Incidents - Line chart
Top executed Commands	Top executed Commands
Active Incidents - Pie chart
Indicators Activity by Type
Unassigned Incidents
Disk Usage % per Engine	Current disk usage percentage per engine
Page Break Widget	Use the page break widget in a report to force a page break before the widgets that follow.
Manual Command execution errors (top 5)	Manual Command execution errors (top 5)
Incident Types by Severity
Indicators Activity

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (3)

Pack Name	Pack By
Base	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

1.2.58 - 5940029 (November 20, 2025)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.5475267.

Related pull requests:
- 41956

Download

1.2.57 - 5538136 (October 23, 2025)

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 41627

Download

1.2.56 - 4096037 (July 8, 2025)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.12.8.3296088.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 40498

Download

1.2.55 - 4049458 (July 3, 2025)

Common Widgets

Documentation and metadata improvements.

Related pull requests:
- 40478

Download

1.2.54 - R3414854 (May 15, 2025)

Scripts

RSSWidget

Metadata and documentation improvements.

FeedIntegrationErrorWidget

Metadata and documentation improvements.

MyToDoTasksWidget

Metadata and documentation improvements.

Related pull requests:
- 39142

Download

1.2.53 - 1718057 (November 28, 2024)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

1.2.52 - 1673120 (November 19, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.116158.

Related pull requests:
- 37281

Download

1.2.51 - 1085491 (June 11, 2024)

Scripts

MyToDoTasksWidget

Fixed an issue where the incident link was broken in SaaS platforms.
Updated the Docker image to: demisto/python3:3.10.14.97100.

Related pull requests:
- 34768

Download

1.2.50 - 1082615 (June 10, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34804

Download

1.2.49 - 998827 (May 6, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34212

Download

1.2.48 - 823153 (February 12, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.87415.

Related pull requests:
- 32840

Download

1.2.47 - 798475 (February 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.86612.

Related pull requests:
- 32535

Download

1.2.46 - 778227 (January 22, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 32331

Download

1.2.45 - 760302 (January 14, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84811.

Related pull requests:
- 32154

Download

1.2.44 - 743135 (January 4, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84236.

Related pull requests:
- 31969

Download

1.2.43 - 729445 (January 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84025.

Related pull requests:
- 31880

Download

1.2.42 - 722180 (December 28, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83976.

Related pull requests:
- 31830

Download

1.2.41 - 7209615 (December 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83687.

Related pull requests:
- 31553

Download

1.2.40 - 7149458 (December 13, 2023)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31427

Download

1.2.39 - 7066068 (December 4, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.82341.

Related pull requests:
- 31289

Download

1.2.38 - 7029664 (November 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.81890.

Related pull requests:
- 31217

Download

1.2.36 - 6965450 (November 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.80944.

Related pull requests:
- 31027

Download

1.2.35 - 6808171 (November 6, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.79870.

Related pull requests:
- 30671

Download

1.2.34 - 6636841 (October 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77497.

Related pull requests:
- 30237

Download

1.2.33 - 6608983 (October 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77054.

Related pull requests:
- 30136

Download

1.2.32 - 6437102 (September 27, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.75615.

Related pull requests:
- 29871

Download

1.2.31 - 6285754 (September 10, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 29466

Download

1.2.30 - 6259960 (September 7, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.73055.

Related pull requests:
- 29532

Download

1.2.29 - 6117817 (August 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.71964.

Related pull requests:
- 29105

Download

1.2.28 - 5969979 (August 6, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 28753

Download

1.2.27 - R5866730 (July 25, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.66127.

Related pull requests:
- 28411

Download

1.2.26 - 5720652 (July 9, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27997

Download

1.2.25 - 5692327 (July 5, 2023)

Scripts

MyToDoTasksWidget

Fixed an issue that prevented the script from showing open tasks for users who had a significant number of closed tasks assigned to them.
Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27856

Download

1.2.24 - 5640115 (June 28, 2023)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 27747

Download

1.2.23 - 5620796 (June 26, 2023)

Scripts

Widget GetLargestInvestigations was removed from this pack.
Widget GetLargestInputsAndOuputsInIncidents was removed from this pack.

Related pull requests:
- 27694

Download

1.2.22 - 5588925 (June 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.64013.

Related pull requests:
- 27630

Download

1.2.21 - R5450895 (June 5, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.61931.

Related pull requests:
- 27174

Download

1.2.20 - 5295992 (May 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.59406.

Related pull requests:
- 26597

Download

1.2.19 - R5170573 (May 2, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.56465.

Related pull requests:
- 26175

Download

1.2.18 - 5057113 (April 17, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.54695.

Related pull requests:
- 25875

Download

1.2.17 - 4932445 (March 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.52351.

Related pull requests:
- 25602

Download

1.2.16 - 4822012 (March 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.49929.

Related pull requests:
- 25242

Download

1.2.15 - 4763226 (March 7, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.10.48392.

Related pull requests:
- 25111

Download

1.2.14 - R4718798 (March 1, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.48698.

Related pull requests:
- 24729

Download

1.2.13 - R4646022 (February 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.47376.

Related pull requests:
- 24316

Download

1.2.12 - 4413860 (January 17, 2023)

Widgets

Incidents Dropped in Preprocessing

Removed from XSOAR 8.x

Related pull requests:
- 23859

Download

1.2.11 - R4372591 (January 11, 2023)

Widgets

MTTR by Type

Improved performance on the type and closeReason fields.

Active Incidents - Line chart

Improved performance on the type and closeReason fields.

MTTR Occurred by Type

Improved performance on the type and closeReason fields.

Within SLA by Type

Improved performance on the type and closeReason fields.

Incident Types by Severity

Improved performance on the type and closeReason fields.

SLA by Incident Type

Improved performance on the type and closeReason fields.

MTTR by Type (in minutes)

Improved performance on the type and closeReason fields.

MTTD by Type

Improved performance on the type and closeReason fields.

Late SLA by Type

Improved performance on the type and closeReason fields.

Incidents By Close Reason

Improved performance on the type and closeReason fields.

Incident Severity by Type

Improved performance on the type and closeReason fields.

Related pull requests:
- 23438

Download

1.2.10 - 4224127 (December 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.41100.

Related pull requests:
- 23058

Download

1.2.9 - R3921089 (October 26, 2022)

Widgets

New: MTTD by Severity

(Available from Cortex XSOAR 6.5.0).

New: Late SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Within SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Containment

(Available from Cortex XSOAR 6.5.0).

New: MTTR by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTT by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTC by Severity

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Triage

(Available from Cortex XSOAR 6.5.0).

Related pull requests:
- 20925

Download

1.2.8 - 3305407 (July 21, 2022)

Scripts

MyToDoTasksWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/python3:3.10.5.31928.

RSSWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/py3-tools:1.0.0.31193.

Related pull requests:
- 19484

Download

1.2.7 - 3096681 (June 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:0.0.1.30715 as demisto/feed-parser image is deprecated.

Related pull requests:
- 19561

Download

1.2.6 - 2674843 (March 30, 2022)

Scripts

MyToDoTasksWidget

Added type validations and other internal code improvements.

FeedIntegrationErrorWidget

Added type validations and other internal code improvements.

Download

1.2.5 - R2233034 (January 10, 2022)

Scripts

MyToDoTasksWidget

Fixed an issue where the script failed to run if there were no To Do tasks assigned to the user.

Download

1.2.4 - R2146019 (December 21, 2021)

Scripts

RSSWidget

Fixed an issue where the RSS feed entries were in ascending order (they are now in descending order).
Updated the Docker image to: demisto/feed-parser:1.0.0.25187.

Download

1.2.3 - 2106314 (December 14, 2021)

Widgets

Unit 42 Blog Feed

Documentation and metadata improvements.

Download

1.2.2 - 2037725 (December 1, 2021)

Scripts

New: MyToDoTasksWidget

A script that creates a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Widgets

New: My ToDo Tasks

A widget that presents a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Download

1.2.1 - 1941309 (November 12, 2021)

Widgets

New: Unit42 Blog Feed

Available from Cortex XSOAR 6.2.0.

New: Active Indicators Volumes by Feed

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Relationship Generating Integrations

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Malicious/Suspicious Indicators in Incidents

Available from Cortex XSOAR 6.2.0.

New: Feeds Errors

Available from Cortex XSOAR 6.2.0.

New: Active vs Expired Indicators

Available from Cortex XSOAR 6.2.0.

New: Active Indicators by Verdict

Available from Cortex XSOAR 6.2.0.

Download

1.2.0 - 1926804 (November 10, 2021)

Widgets

Mentions

Breaking Change The Mentions widget is not supported on version 6.2 or newer.

Download

1.1.10 - 1882648 (November 2, 2021)

Scripts

GetLargestInputsAndOuputsInIncidents

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

GetLargestInvestigations

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

Download

PUBLISHER

PLATFORMS

Cortex XSOAR

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	June 30, 2020
Last Release	November 20, 2025

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.