Common Widgets

Details
Content
Dependencies
Version History

Frequently used widgets pack.

Automations

Name	Description
RSSWidget	Script Widget - RSS Feed.
FeedIntegrationErrorWidget	Returns a table widget of enabled feed integration instances that errors out on indicators fetch.
MyToDoTasksWidget	A script that creates a table of all the ToDo tasks assigned to the current user.

Widgets

Name	Description
Command execution errors per Instance	Command execution errors per Instance
MTTR Occurred by Type
Remediation SLA by Status	The remediation SLA status of all incidents that started a remediation process. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Feeds Errors
Unit 42 Blog Feed
Late Incidents
Command executions per Integration Category	Command executions per Integration Category
Executions by status per Automated Tasks (top 5)	Executions by status per Automated Tasks (top 5)
SLA by Incident Type
Image
Incidents By Close Reason
Average runtime by Instance per Command (top 5)	Average runtime by Instance per Command (top 5)
Detection SLA by Status	The detection SLA status of all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Command executions errors	Command executions errors
Task execution errors	Task execution errors
Most Active Integrations
Elastic JVM Memory Current Usage	Elastic JVM Memory Current Usage %
Active Incidents - Pie chart
Command average runtime per Instance (top 5)	Command average runtime per Instance (top 5)
Important Messages
Command execution errors per Integration Category	Command execution errors per Integration Category
Failed Playbooks runs	Failed Playbooks runs
Top Users Closed Manual Tasks	Top Users Closed Manual Tasks
Text Widget
Late Incidents
MTTT by Severity
Busy Workers per Engine (last 24h)	Number of busy workers per engine in the previous 24 hours
CPU Usage % per Engine	Current CPU usage percentage per engine
Memory Usage % per Engine	Current memory usage percentage per engine
Top executed Commands	Top executed Commands
Elastic Disk Current Usage	Elastic Disk Current Usage %
Executions by status per Manual Tasks (top 5)	Executions by status per Manual Tasks (top 5)
Incidents Occurred Per Day
Page Break Widget	Use the page break widget in a report to force a page break before the widgets that follow.
Running playbooks
Elastic CPU Current Usage	Elasticsearch CPU Current Usage %
Top Active Playbooks
Active vs Expired Indicators
Least executed Commands	Least executed Commands
Task executions	Task executions
Command execution errors	Command execution errors
Disk Current Usage
Average Incident Duration by Role (Avg)
Top 10 Attack Pattern Indicators in Related Incidents
Playbook run errors	Playbook run errors
Incidents in Error Run Status
Average runtime per Playbook (top 5)	Average runtime per Playbook (top 5)
Unassigned Incidents
Unassigned Incidents
Active Incidents - Line chart
MTTD by Severity
Closed By Dbot	Showing percentage of incidents handled and closed by DBot, without an owner being assigned to, across all incidents in the provided period
MTTR by Severity
My Messages
Average runtime by Incident Type per Playbook (top 5)	Average runtime by Incident Type per Playbook (top 5)
Indicators Activity by Type
Incident Severity by Type
Malicious Indicators Activity
MTTC by Severity
Unassigned Closed Incidents
Within SLA by Type
Tasks By State
Incident Types by Severity
Disk Usage % per Engine	Current disk usage percentage per engine
Average runtime per Automation (top 5)	Average runtime per Automation (top 5)
Server CPU Usage % (last 24h)	Server CPU usage in the previous 24 hours
Command execution type	Command execution type
Disk Usage % per Engine (last 24h)	Disk usage percentage per engine in the previous 24 hours
MTTD by Type	A widget that shows the Mean Time to Detection, by incident type.
CPU Current Usage
Investigation Activity Timeline
Mean Time to Containment
Active Incidents Assigned by User
Manual Command execution errors (top 5)	Manual Command execution errors (top 5)
Least executed Commands per Instance	Least executed Commands per Instance
TopMaliciousRatioIndicators	Malicious Ratio indicator widget shows indicator that appear in high ration at bad incidents
Mean Time to Triage
Memory Current Usage
Mean Time to Resolution (Occurred)
Malicious Indicators Activity by Type
Malicious/Suspicious Indicators in Incidents
Workers per Engine	Current number of workers per engine
My Tasks
Active Indicators by Verdict
Late SLA by Type
MTTR by Type (in minutes)	Shows changes in Mean Time to Resolution (in minutes), over time, while differentiating between incident types.
Mean Time to Detection	The mean time (average time) to detection across all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default.
Unassigned Active Incidents
Feed Integrations Errors	Feed integrations indicators fetch errors
Active Indicators Volumes by Feed
Manual Verdict Indicators by User
Playbook runs	Playbook runs
Most Active Users
Latest Messages
Late Tasks
Failed Manual Tasks	Failed Manual Tasks
Top 10 File Indicators in Related Incidents
Open Tasks Per User
MTTR by Type	Shows changes in Mean Time to Resolution (in hours), over time, while differentiating between incident types.
Incidents by Phase
Active Incidents by Role
Relationship Generating Integrations
Indicators Activity
Most Active Investigations
Failed Automation executions per Incident Types (top 5)	Failed Automation executions per Incident Types (top 5)
Busy Workers Count per Engine	Current number of busy workers per engine
Late Tasks by User
Incidents Top Close Analysts
Manual Verdict Indicators
Indicators in Related Incidents
Unassigned Pending Incidents
CPU Usage % per Engine (last 24h)	CPU usage percentage per engine in the previous 24 hours
Commands executed	Commands executed
Server Memory Usage % (last 24h)	Server memory usage % (previous 24 hours)
My ToDo Tasks	A widget that presents a table of all the ToDo tasks assigned to the current user.
Return On Investment (ROI)
Closed Incidents by Role
Incidents by Role
Command executions per Incident Type	Command executions per Incident Type
Average runtime for Playbooks	Average runtime for Playbooks
Memory Usage % per Engine (last 24h)	Memory usage percentage per engine in the previous 24 hours
Errors by Incident Type per Command (top 5)	Errors by Incident Type per Command (top 5)
Incidents Dropped in Preprocessing

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (3)

Pack Name	Pack By
Cortex REST API	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Base	By: Cortex XSOAR

1.2.59 - 6238358 (December 11, 2025)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.12.12.6204436.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.12.12.6204436.

Related pull requests:
- 42247

Download

1.2.58 - 5940029 (November 20, 2025)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.5475267.

Related pull requests:
- 41956

Download

1.2.57 - 5538136 (October 23, 2025)

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 41627

Download

1.2.56 - 4096037 (July 8, 2025)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.12.8.3296088.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 40498

Download

1.2.55 - 4049458 (July 3, 2025)

Common Widgets

Documentation and metadata improvements.

Related pull requests:
- 40478

Download

1.2.54 - R3414854 (May 15, 2025)

Scripts

RSSWidget

Metadata and documentation improvements.

FeedIntegrationErrorWidget

Metadata and documentation improvements.

MyToDoTasksWidget

Metadata and documentation improvements.

Related pull requests:
- 39142

Download

1.2.53 - 1718057 (November 28, 2024)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

1.2.52 - 1673120 (November 19, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.116158.

Related pull requests:
- 37281

Download

1.2.51 - 1085491 (June 11, 2024)

Scripts

MyToDoTasksWidget

Fixed an issue where the incident link was broken in SaaS platforms.
Updated the Docker image to: demisto/python3:3.10.14.97100.

Related pull requests:
- 34768

Download

1.2.50 - 1082615 (June 10, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34804

Download

1.2.49 - 998827 (May 6, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34212

Download

1.2.48 - 823153 (February 12, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.87415.

Related pull requests:
- 32840

Download

1.2.47 - 798475 (February 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.86612.

Related pull requests:
- 32535

Download

1.2.46 - 778227 (January 22, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 32331

Download

1.2.45 - 760302 (January 14, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84811.

Related pull requests:
- 32154

Download

1.2.44 - 743135 (January 4, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84236.

Related pull requests:
- 31969

Download

1.2.43 - 729445 (January 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84025.

Related pull requests:
- 31880

Download

1.2.42 - 722180 (December 28, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83976.

Related pull requests:
- 31830

Download

1.2.41 - 7209615 (December 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83687.

Related pull requests:
- 31553

Download

1.2.40 - 7149458 (December 13, 2023)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31427

Download

1.2.39 - 7066068 (December 4, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.82341.

Related pull requests:
- 31289

Download

1.2.38 - 7029664 (November 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.81890.

Related pull requests:
- 31217

Download

1.2.36 - 6965450 (November 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.80944.

Related pull requests:
- 31027

Download

1.2.35 - 6808171 (November 6, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.79870.

Related pull requests:
- 30671

Download

1.2.34 - 6636841 (October 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77497.

Related pull requests:
- 30237

Download

1.2.33 - 6608983 (October 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77054.

Related pull requests:
- 30136

Download

1.2.32 - 6437102 (September 27, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.75615.

Related pull requests:
- 29871

Download

1.2.31 - 6285754 (September 10, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 29466

Download

1.2.30 - 6259960 (September 7, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.73055.

Related pull requests:
- 29532

Download

1.2.29 - 6117817 (August 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.71964.

Related pull requests:
- 29105

Download

1.2.28 - 5969979 (August 6, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 28753

Download

1.2.27 - R5866730 (July 25, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.66127.

Related pull requests:
- 28411

Download

1.2.26 - 5720652 (July 9, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27997

Download

1.2.25 - 5692327 (July 5, 2023)

Scripts

MyToDoTasksWidget

Fixed an issue that prevented the script from showing open tasks for users who had a significant number of closed tasks assigned to them.
Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27856

Download

1.2.24 - 5640115 (June 28, 2023)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 27747

Download

1.2.23 - 5620796 (June 26, 2023)

Scripts

Widget GetLargestInvestigations was removed from this pack.
Widget GetLargestInputsAndOuputsInIncidents was removed from this pack.

Related pull requests:
- 27694

Download

1.2.22 - 5588925 (June 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.64013.

Related pull requests:
- 27630

Download

1.2.21 - R5450895 (June 5, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.61931.

Related pull requests:
- 27174

Download

1.2.20 - 5295992 (May 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.59406.

Related pull requests:
- 26597

Download

1.2.19 - R5170573 (May 2, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.56465.

Related pull requests:
- 26175

Download

1.2.18 - 5057113 (April 17, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.54695.

Related pull requests:
- 25875

Download

1.2.17 - 4932445 (March 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.52351.

Related pull requests:
- 25602

Download

1.2.16 - 4822012 (March 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.49929.

Related pull requests:
- 25242

Download

1.2.15 - 4763226 (March 7, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.10.48392.

Related pull requests:
- 25111

Download

1.2.14 - R4718798 (March 1, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.48698.

Related pull requests:
- 24729

Download

1.2.13 - R4646022 (February 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.47376.

Related pull requests:
- 24316

Download

1.2.12 - 4413860 (January 17, 2023)

Widgets

Incidents Dropped in Preprocessing

Removed from XSOAR 8.x

Related pull requests:
- 23859

Download

1.2.11 - R4372591 (January 11, 2023)

Widgets

MTTR by Type

Improved performance on the type and closeReason fields.

Active Incidents - Line chart

Improved performance on the type and closeReason fields.

MTTR Occurred by Type

Improved performance on the type and closeReason fields.

Within SLA by Type

Improved performance on the type and closeReason fields.

Incident Types by Severity

Improved performance on the type and closeReason fields.

SLA by Incident Type

Improved performance on the type and closeReason fields.

MTTR by Type (in minutes)

Improved performance on the type and closeReason fields.

MTTD by Type

Improved performance on the type and closeReason fields.

Late SLA by Type

Improved performance on the type and closeReason fields.

Incidents By Close Reason

Improved performance on the type and closeReason fields.

Incident Severity by Type

Improved performance on the type and closeReason fields.

Related pull requests:
- 23438

Download

1.2.10 - 4224127 (December 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.41100.

Related pull requests:
- 23058

Download

1.2.9 - R3921089 (October 26, 2022)

Widgets

New: MTTD by Severity

(Available from Cortex XSOAR 6.5.0).

New: Late SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Within SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Containment

(Available from Cortex XSOAR 6.5.0).

New: MTTR by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTT by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTC by Severity

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Triage

(Available from Cortex XSOAR 6.5.0).

Related pull requests:
- 20925

Download

1.2.8 - 3305407 (July 21, 2022)

Scripts

MyToDoTasksWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/python3:3.10.5.31928.

RSSWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/py3-tools:1.0.0.31193.

Related pull requests:
- 19484

Download

1.2.7 - 3096681 (June 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:0.0.1.30715 as demisto/feed-parser image is deprecated.

Related pull requests:
- 19561

Download

1.2.6 - 2674843 (March 30, 2022)

Scripts

MyToDoTasksWidget

Added type validations and other internal code improvements.

FeedIntegrationErrorWidget

Added type validations and other internal code improvements.

Download

1.2.5 - R2233034 (January 10, 2022)

Scripts

MyToDoTasksWidget

Fixed an issue where the script failed to run if there were no To Do tasks assigned to the user.

Download

1.2.4 - R2146019 (December 21, 2021)

Scripts

RSSWidget

Fixed an issue where the RSS feed entries were in ascending order (they are now in descending order).
Updated the Docker image to: demisto/feed-parser:1.0.0.25187.

Download

1.2.3 - 2106314 (December 14, 2021)

Widgets

Unit 42 Blog Feed

Documentation and metadata improvements.

Download

1.2.2 - 2037725 (December 1, 2021)

Scripts

New: MyToDoTasksWidget

A script that creates a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Widgets

New: My ToDo Tasks

A widget that presents a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Download

1.2.1 - 1941309 (November 12, 2021)

Widgets

New: Unit42 Blog Feed

Available from Cortex XSOAR 6.2.0.

New: Active Indicators Volumes by Feed

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Relationship Generating Integrations

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Malicious/Suspicious Indicators in Incidents

Available from Cortex XSOAR 6.2.0.

New: Feeds Errors

Available from Cortex XSOAR 6.2.0.

New: Active vs Expired Indicators

Available from Cortex XSOAR 6.2.0.

New: Active Indicators by Verdict

Available from Cortex XSOAR 6.2.0.

Download

1.2.0 - 1926804 (November 10, 2021)

Widgets

Mentions

Breaking Change The Mentions widget is not supported on version 6.2 or newer.

Download

1.1.10 - 1882648 (November 2, 2021)

Scripts

GetLargestInputsAndOuputsInIncidents

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

GetLargestInvestigations

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

Download

PUBLISHER

PLATFORMS

Cortex XSOAR

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	June 30, 2020
Last Release	December 11, 2025

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.