A script that creates a table of all the ToDo tasks assigned to the current user.
Common Widgets
- Details
- Content
- Dependencies
- Version History
Frequently used widgets pack.
Automations
| Name | Description |
|---|---|
| MyToDoTasksWidget | |
| FeedIntegrationErrorWidget | Returns a table widget of enabled feed integration instances that errors out on indicators fetch. |
| RSSWidget | Script Widget - RSS Feed. |
Widgets
| Name | Description |
|---|---|
Top executed Commands | Top executed Commands |
Memory Current Usage | |
Closed By Dbot | Showing percentage of incidents handled and closed by DBot, without an owner being assigned to, across all incidents in the provided period |
Malicious/Suspicious Indicators in Incidents | |
Workers per Engine | Current number of workers per engine |
Incidents Dropped in Preprocessing | |
Executions by status per Manual Tasks (top 5) | Executions by status per Manual Tasks (top 5) |
Return On Investment (ROI) | |
Incidents by Phase | |
Indicators Activity | |
MTTT by Severity | |
Least executed Commands | Least executed Commands |
Elastic CPU Current Usage | Elasticsearch CPU Current Usage % |
CPU Current Usage | |
Incidents By Close Reason | |
MTTC by Severity | |
Disk Usage % per Engine (last 24h) | Disk usage percentage per engine in the previous 24 hours |
Late Tasks by User | |
Mean Time to Detection | The mean time (average time) to detection across all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default. |
Late SLA by Type | |
My Messages | |
Average runtime by Instance per Command (top 5) | Average runtime by Instance per Command (top 5) |
Malicious Indicators Activity by Type | |
MTTD by Severity | |
My Tasks | |
Investigation Activity Timeline | |
CPU Usage % per Engine (last 24h) | CPU usage percentage per engine in the previous 24 hours |
Incidents in Error Run Status | |
Command execution errors | Command execution errors |
Closed Incidents by Role | |
MTTR by Type | Shows changes in Mean Time to Resolution (in hours), over time, while differentiating between incident types. |
Server Memory Usage % (last 24h) | Server memory usage % (previous 24 hours) |
Text Widget | |
Errors by Incident Type per Command (top 5) | Errors by Incident Type per Command (top 5) |
Remediation SLA by Status | The remediation SLA status of all incidents that started a remediation process. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes. |
Incident Types by Severity | |
Playbook runs | Playbook runs |
Manual Verdict Indicators by User | |
Command execution type | Command execution type |
MTTR Occurred by Type | |
Least executed Commands per Instance | Least executed Commands per Instance |
Unassigned Pending Incidents | |
Busy Workers per Engine (last 24h) | Number of busy workers per engine in the previous 24 hours |
Incidents Top Close Analysts | |
Server CPU Usage % (last 24h) | Server CPU usage in the previous 24 hours |
Mean Time to Triage | |
My ToDo Tasks | A widget that presents a table of all the ToDo tasks assigned to the current user. |
Command executions errors | Command executions errors |
Failed Automation executions per Incident Types (top 5) | Failed Automation executions per Incident Types (top 5) |
Task execution errors | Task execution errors |
Task executions | Task executions |
Active Incidents by Role | |
Top Active Playbooks | |
Important Messages | |
Within SLA by Type | |
Average runtime per Automation (top 5) | Average runtime per Automation (top 5) |
MTTD by Type | A widget that shows the Mean Time to Detection, by incident type. |
Busy Workers Count per Engine | Current number of busy workers per engine |
Late Incidents | |
Most Active Integrations | |
Failed Manual Tasks | Failed Manual Tasks |
Open Tasks Per User | |
Manual Verdict Indicators | |
Top Users Closed Manual Tasks | Top Users Closed Manual Tasks |
Unassigned Active Incidents | |
CPU Usage % per Engine | Current CPU usage percentage per engine |
Active Incidents - Pie chart | |
MTTR by Type (in minutes) | Shows changes in Mean Time to Resolution (in minutes), over time, while differentiating between incident types. |
Memory Usage % per Engine | Current memory usage percentage per engine |
Image | |
Unit 42 Blog Feed | |
Active Indicators by Verdict | |
Disk Current Usage | |
Late Incidents | |
Elastic Disk Current Usage | Elastic Disk Current Usage % |
Manual Command execution errors (top 5) | Manual Command execution errors (top 5) |
TopMaliciousRatioIndicators | Malicious Ratio indicator widget shows indicator that appear in high ration at bad incidents |
Malicious Indicators Activity | |
Detection SLA by Status | The detection SLA status of all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes. |
Top 10 Attack Pattern Indicators in Related Incidents | |
Tasks By State | |
Playbook run errors | Playbook run errors |
Executions by status per Automated Tasks (top 5) | Executions by status per Automated Tasks (top 5) |
Commands executed | Commands executed |
Relationship Generating Integrations | |
Incidents Occurred Per Day | |
Memory Usage % per Engine (last 24h) | Memory usage percentage per engine in the previous 24 hours |
Feed Integrations Errors | Feed integrations indicators fetch errors |
Feeds Errors | |
Command executions per Integration Category | Command executions per Integration Category |
Average runtime for Playbooks | Average runtime for Playbooks |
Latest Messages | |
Active Indicators Volumes by Feed | |
Active Incidents Assigned by User | |
Disk Usage % per Engine | Current disk usage percentage per engine |
Command execution errors per Integration Category | Command execution errors per Integration Category |
Incident Severity by Type | |
Average Incident Duration by Role (Avg) | |
Running playbooks | |
Unassigned Incidents | |
Indicators Activity by Type | |
Incidents by Role | |
Indicators in Related Incidents | |
SLA by Incident Type | |
Active Incidents - Line chart | |
Command average runtime per Instance (top 5) | Command average runtime per Instance (top 5) |
Top 10 File Indicators in Related Incidents | |
Failed Playbooks runs | Failed Playbooks runs |
Late Tasks | |
Unassigned Closed Incidents | |
Average runtime by Incident Type per Playbook (top 5) | Average runtime by Incident Type per Playbook (top 5) |
Average runtime per Playbook (top 5) | Average runtime per Playbook (top 5) |
Mean Time to Resolution (Occurred) | |
Most Active Users | |
Command executions per Incident Type | Command executions per Incident Type |
Page Break Widget | Use the page break widget in a report to force a page break before the widgets that follow. |
Most Active Investigations | |
Elastic JVM Memory Current Usage | Elastic JVM Memory Current Usage % |
Active vs Expired Indicators | |
Mean Time to Containment | |
Unassigned Incidents | |
MTTR by Severity | |
Command execution errors per Instance | Command execution errors per Instance |
Required Content Packs (2)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (4)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Aggregated Scripts | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
| Cortex REST API | By: Cortex XSOAR |
1.2.11 - R4372591 (January 11, 2023)
- 23438
Download
Widgets
MTTR by Type
- Improved performance on the type and closeReason fields.
Active Incidents - Line chart
- Improved performance on the type and closeReason fields.
MTTR Occurred by Type
- Improved performance on the type and closeReason fields.
Within SLA by Type
- Improved performance on the type and closeReason fields.
Incident Types by Severity
- Improved performance on the type and closeReason fields.
SLA by Incident Type
- Improved performance on the type and closeReason fields.
MTTR by Type (in minutes)
- Improved performance on the type and closeReason fields.
MTTD by Type
- Improved performance on the type and closeReason fields.
Late SLA by Type
- Improved performance on the type and closeReason fields.
Incidents By Close Reason
- Improved performance on the type and closeReason fields.
Incident Severity by Type
- Improved performance on the type and closeReason fields.
- 23438
Download
1.2.9 - R3921089 (October 26, 2022)
- 20925
Download
Widgets
New: MTTD by Severity
- (Available from Cortex XSOAR 6.5.0).
New: Late SLA by Type
- (Available from Cortex XSOAR 6.5.0).
New: Within SLA by Type
- (Available from Cortex XSOAR 6.5.0).
New: Mean Time to Containment
- (Available from Cortex XSOAR 6.5.0).
New: MTTR by Severity
- (Available from Cortex XSOAR 6.5.0).
New: MTTT by Severity
- (Available from Cortex XSOAR 6.5.0).
New: MTTC by Severity
- (Available from Cortex XSOAR 6.5.0).
New: Mean Time to Triage
- (Available from Cortex XSOAR 6.5.0).
- 20925
Download
1.2.8 - 3305407 (July 21, 2022)
1.2.6 - 2674843 (March 30, 2022)
Scripts
MyToDoTasksWidget
- Added type validations and other internal code improvements.
FeedIntegrationErrorWidget
- Added type validations and other internal code improvements.
1.2.5 - R2233034 (January 10, 2022)
Scripts
MyToDoTasksWidget
- Fixed an issue where the script failed to run if there were no To Do tasks assigned to the user.
1.2.4 - R2146019 (December 21, 2021)
Scripts
RSSWidget
- Fixed an issue where the RSS feed entries were in ascending order (they are now in descending order).
- Updated the Docker image to: demisto/feed-parser:1.0.0.25187.
1.2.3 - 2106314 (December 14, 2021)
Widgets
Unit 42 Blog Feed
- Documentation and metadata improvements.
1.2.2 - 2037725 (December 1, 2021)
Scripts
New: MyToDoTasksWidget
- A script that creates a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).
Widgets
New: My ToDo Tasks
- A widget that presents a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).
1.2.1 - 1941309 (November 12, 2021)
Widgets
New: Unit42 Blog Feed
- Available from Cortex XSOAR 6.2.0.
New: Active Indicators Volumes by Feed
- Available from Cortex XSOAR 6.2.0.
New: Top 10 File Indicators in Related Incidents
- Available from Cortex XSOAR 6.2.0.
New: Indicators in Related Incidents
- Available from Cortex XSOAR 6.2.0.
New: Relationship Generating Integrations
- Available from Cortex XSOAR 6.2.0.
New: Top 10 Attack Pattern Indicators in Related Incidents
- Available from Cortex XSOAR 6.2.0.
New: Malicious/Suspicious Indicators in Incidents
- Available from Cortex XSOAR 6.2.0.
New: Feeds Errors
- Available from Cortex XSOAR 6.2.0.
New: Active vs Expired Indicators
- Available from Cortex XSOAR 6.2.0.
New: Active Indicators by Verdict
- Available from Cortex XSOAR 6.2.0.
1.2.0 - 1926804 (November 10, 2021)
Widgets
Mentions
- Breaking Change The Mentions widget is not supported on version 6.2 or newer.
1.1.10 - 1882648 (November 2, 2021)
Scripts
GetLargestInputsAndOuputsInIncidents
- Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.
GetLargestInvestigations
- Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.
PUBLISHER
PLATFORMS
Cortex XSOAR
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | June 30, 2020 | |
| Last Release | January 6, 2026 |