Common Widgets

Details
Content
Dependencies
Version History

Frequently used widgets pack.

Automations

Name	Description
RSSWidget	Script Widget - RSS Feed.
MyToDoTasksWidget	A script that creates a table of all the ToDo tasks assigned to the current user.
FeedIntegrationErrorWidget	Returns a table widget of enabled feed integration instances that errors out on indicators fetch.

Widgets

Name	Description
Mean Time to Resolution (Occurred)
My Messages
Mean Time to Triage
Return On Investment (ROI)
SLA by Incident Type
Memory Usage % per Engine (last 24h)	Memory usage percentage per engine in the previous 24 hours
Incident Types by Severity
Failed Automation executions per Incident Types (top 5)	Failed Automation executions per Incident Types (top 5)
Indicators Activity
Manual Verdict Indicators by User
Command execution errors per Instance	Command execution errors per Instance
Unassigned Active Incidents
Detection SLA by Status	The detection SLA status of all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Active Incidents by Role
Malicious Indicators Activity by Type
Indicators Activity by Type
Failed Playbooks runs	Failed Playbooks runs
Memory Current Usage
Command execution errors	Command execution errors
Running playbooks
Most Active Integrations
Late Incidents
Late Incidents
Incidents Top Close Analysts
Remediation SLA by Status	The remediation SLA status of all incidents that started a remediation process. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Playbook runs	Playbook runs
Tasks By State
Incidents by Phase
Unit 42 Blog Feed
My Tasks
Average Incident Duration by Role (Avg)
Incidents Dropped in Preprocessing
MTTD by Type	A widget that shows the Mean Time to Detection, by incident type.
CPU Usage % per Engine (last 24h)	CPU usage percentage per engine in the previous 24 hours
CPU Usage % per Engine	Current CPU usage percentage per engine
Latest Messages
Indicators in Related Incidents
Average runtime for Playbooks	Average runtime for Playbooks
Disk Current Usage
Feed Integrations Errors	Feed integrations indicators fetch errors
Command execution type	Command execution type
Average runtime by Incident Type per Playbook (top 5)	Average runtime by Incident Type per Playbook (top 5)
Memory Usage % per Engine	Current memory usage percentage per engine
Feeds Errors
MTTT by Severity
Investigation Activity Timeline
TopMaliciousRatioIndicators	Malicious Ratio indicator widget shows indicator that appear in high ration at bad incidents
Page Break Widget	Use the page break widget in a report to force a page break before the widgets that follow.
Commands executed	Commands executed
Elastic JVM Memory Current Usage	Elastic JVM Memory Current Usage %
Relationship Generating Integrations
MTTD by Severity
Server Memory Usage % (last 24h)	Server memory usage % (previous 24 hours)
Text Widget
Incidents by Role
MTTR by Type (in minutes)	Shows changes in Mean Time to Resolution (in minutes), over time, while differentiating between incident types.
Important Messages
Average runtime by Instance per Command (top 5)	Average runtime by Instance per Command (top 5)
Unassigned Incidents
Malicious/Suspicious Indicators in Incidents
My ToDo Tasks	A widget that presents a table of all the ToDo tasks assigned to the current user.
Command executions per Incident Type	Command executions per Incident Type
Task executions	Task executions
MTTR by Type	Shows changes in Mean Time to Resolution (in hours), over time, while differentiating between incident types.
Late Tasks by User
Command executions per Integration Category	Command executions per Integration Category
Active Indicators Volumes by Feed
Malicious Indicators Activity
Most Active Investigations
Active Incidents - Line chart
Incidents By Close Reason
CPU Current Usage
Within SLA by Type
Least executed Commands per Instance	Least executed Commands per Instance
Command executions errors	Command executions errors
Image
Disk Usage % per Engine (last 24h)	Disk usage percentage per engine in the previous 24 hours
Top 10 Attack Pattern Indicators in Related Incidents
Closed By Dbot	Showing percentage of incidents handled and closed by DBot, without an owner being assigned to, across all incidents in the provided period
Unassigned Closed Incidents
Closed Incidents by Role
Average runtime per Playbook (top 5)	Average runtime per Playbook (top 5)
Busy Workers per Engine (last 24h)	Number of busy workers per engine in the previous 24 hours
Incidents Occurred Per Day
Unassigned Incidents
MTTC by Severity
Active Incidents Assigned by User
Active Incidents - Pie chart
Late Tasks
Disk Usage % per Engine	Current disk usage percentage per engine
Most Active Users
MTTR Occurred by Type
Top Users Closed Manual Tasks	Top Users Closed Manual Tasks
Top Active Playbooks
Elastic CPU Current Usage	Elasticsearch CPU Current Usage %
Mean Time to Detection	The mean time (average time) to detection across all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default.
Incidents in Error Run Status
Late SLA by Type
Mean Time to Containment
Unassigned Pending Incidents
Active vs Expired Indicators
Command execution errors per Integration Category	Command execution errors per Integration Category
Playbook run errors	Playbook run errors
Command average runtime per Instance (top 5)	Command average runtime per Instance (top 5)
Failed Manual Tasks	Failed Manual Tasks
Active Indicators by Verdict
MTTR by Severity
Elastic Disk Current Usage	Elastic Disk Current Usage %
Manual Verdict Indicators
Open Tasks Per User
Average runtime per Automation (top 5)	Average runtime per Automation (top 5)
Executions by status per Automated Tasks (top 5)	Executions by status per Automated Tasks (top 5)
Top executed Commands	Top executed Commands
Incident Severity by Type
Executions by status per Manual Tasks (top 5)	Executions by status per Manual Tasks (top 5)
Errors by Incident Type per Command (top 5)	Errors by Incident Type per Command (top 5)
Busy Workers Count per Engine	Current number of busy workers per engine
Workers per Engine	Current number of workers per engine
Task execution errors	Task execution errors
Server CPU Usage % (last 24h)	Server CPU usage in the previous 24 hours
Manual Command execution errors (top 5)	Manual Command execution errors (top 5)
Least executed Commands	Least executed Commands
Top 10 File Indicators in Related Incidents

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (3)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR

1.2.54 - 3042633 (April 2, 2025)

Scripts

RSSWidget

Metadata and documentation improvements.

FeedIntegrationErrorWidget

Metadata and documentation improvements.

MyToDoTasksWidget

Metadata and documentation improvements.

Related pull requests:
- 39142

Download

1.2.53 - 1718057 (November 28, 2024)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

1.2.52 - 1673120 (November 19, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.116158.

Related pull requests:
- 37281

Download

1.2.51 - 1085491 (June 11, 2024)

Scripts

MyToDoTasksWidget

Fixed an issue where the incident link was broken in SaaS platforms.
Updated the Docker image to: demisto/python3:3.10.14.97100.

Related pull requests:
- 34768

Download

1.2.50 - 1082615 (June 10, 2024)

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34804

Download

1.2.49 - 998827 (May 6, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34212

Download

1.2.48 - 823153 (February 12, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.87415.

Related pull requests:
- 32840

Download

1.2.47 - 798475 (February 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.86612.

Related pull requests:
- 32535

Download

1.2.46 - 778227 (January 22, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 32331

Download

1.2.45 - 760302 (January 14, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84811.

Related pull requests:
- 32154

Download

1.2.44 - 743135 (January 4, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84236.

Related pull requests:
- 31969

Download

1.2.43 - 729445 (January 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84025.

Related pull requests:
- 31880

Download

1.2.42 - 722180 (December 28, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83976.

Related pull requests:
- 31830

Download

1.2.41 - 7209615 (December 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83687.

Related pull requests:
- 31553

Download

1.2.40 - 7149458 (December 13, 2023)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31427

Download

1.2.39 - 7066068 (December 4, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.82341.

Related pull requests:
- 31289

Download

1.2.38 - 7029664 (November 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.81890.

Related pull requests:
- 31217

Download

1.2.36 - 6965450 (November 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.80944.

Related pull requests:
- 31027

Download

1.2.35 - 6808171 (November 6, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.79870.

Related pull requests:
- 30671

Download

1.2.34 - 6636841 (October 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77497.

Related pull requests:
- 30237

Download

1.2.33 - 6608983 (October 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77054.

Related pull requests:
- 30136

Download

1.2.32 - 6437102 (September 27, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.75615.

Related pull requests:
- 29871

Download

1.2.31 - 6285754 (September 10, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 29466

Download

1.2.30 - 6259960 (September 7, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.73055.

Related pull requests:
- 29532

Download

1.2.29 - 6117817 (August 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.71964.

Related pull requests:
- 29105

Download

1.2.28 - 5969979 (August 6, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 28753

Download

1.2.27 - R5866730 (July 25, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.66127.

Related pull requests:
- 28411

Download

1.2.26 - 5720652 (July 9, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27997

Download

1.2.25 - 5692327 (July 5, 2023)

Scripts

MyToDoTasksWidget

Fixed an issue that prevented the script from showing open tasks for users who had a significant number of closed tasks assigned to them.
Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27856

Download

1.2.24 - 5640115 (June 28, 2023)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 27747

Download

1.2.23 - 5620796 (June 26, 2023)

Scripts

Widget GetLargestInvestigations was removed from this pack.
Widget GetLargestInputsAndOuputsInIncidents was removed from this pack.

Related pull requests:
- 27694

Download

1.2.22 - 5588925 (June 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.64013.

Related pull requests:
- 27630

Download

1.2.21 - R5450895 (June 5, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.61931.

Related pull requests:
- 27174

Download

1.2.20 - 5295992 (May 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.59406.

Related pull requests:
- 26597

Download

1.2.19 - R5170573 (May 2, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.56465.

Related pull requests:
- 26175

Download

1.2.18 - 5057113 (April 17, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.54695.

Related pull requests:
- 25875

Download

1.2.17 - 4932445 (March 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.52351.

Related pull requests:
- 25602

Download

1.2.16 - 4822012 (March 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.49929.

Related pull requests:
- 25242

Download

1.2.15 - 4763226 (March 7, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.10.48392.

Related pull requests:
- 25111

Download

1.2.14 - R4718798 (March 1, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.48698.

Related pull requests:
- 24729

Download

1.2.13 - R4646022 (February 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.47376.

Related pull requests:
- 24316

Download

1.2.12 - 4413860 (January 17, 2023)

Widgets

Incidents Dropped in Preprocessing

Removed from XSOAR 8.x

Related pull requests:
- 23859

Download

1.2.11 - R4372591 (January 11, 2023)

Widgets

MTTR by Type

Improved performance on the type and closeReason fields.

Active Incidents - Line chart

Improved performance on the type and closeReason fields.

MTTR Occurred by Type

Improved performance on the type and closeReason fields.

Within SLA by Type

Improved performance on the type and closeReason fields.

Incident Types by Severity

Improved performance on the type and closeReason fields.

SLA by Incident Type

Improved performance on the type and closeReason fields.

MTTR by Type (in minutes)

Improved performance on the type and closeReason fields.

MTTD by Type

Improved performance on the type and closeReason fields.

Late SLA by Type

Improved performance on the type and closeReason fields.

Incidents By Close Reason

Improved performance on the type and closeReason fields.

Incident Severity by Type

Improved performance on the type and closeReason fields.

Related pull requests:
- 23438

Download

1.2.10 - 4224127 (December 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.41100.

Related pull requests:
- 23058

Download

1.2.9 - R3921089 (October 26, 2022)

Widgets

New: MTTD by Severity

(Available from Cortex XSOAR 6.5.0).

New: Late SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Within SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Containment

(Available from Cortex XSOAR 6.5.0).

New: MTTR by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTT by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTC by Severity

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Triage

(Available from Cortex XSOAR 6.5.0).

Related pull requests:
- 20925

Download

1.2.8 - 3305407 (July 21, 2022)

Scripts

MyToDoTasksWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/python3:3.10.5.31928.

RSSWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/py3-tools:1.0.0.31193.

Related pull requests:
- 19484

Download

1.2.7 - 3096681 (June 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:0.0.1.30715 as demisto/feed-parser image is deprecated.

Related pull requests:
- 19561

Download

1.2.6 - 2674843 (March 30, 2022)

Scripts

MyToDoTasksWidget

Added type validations and other internal code improvements.

FeedIntegrationErrorWidget

Added type validations and other internal code improvements.

Download

1.2.5 - R2233034 (January 10, 2022)

Scripts

MyToDoTasksWidget

Fixed an issue where the script failed to run if there were no To Do tasks assigned to the user.

Download

1.2.4 - R2146019 (December 21, 2021)

Scripts

RSSWidget

Fixed an issue where the RSS feed entries were in ascending order (they are now in descending order).
Updated the Docker image to: demisto/feed-parser:1.0.0.25187.

Download

1.2.3 - 2106314 (December 14, 2021)

Widgets

Unit 42 Blog Feed

Documentation and metadata improvements.

Download

1.2.2 - 2037725 (December 1, 2021)

Scripts

New: MyToDoTasksWidget

A script that creates a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Widgets

New: My ToDo Tasks

A widget that presents a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Download

1.2.1 - 1941309 (November 12, 2021)

Widgets

New: Unit42 Blog Feed

Available from Cortex XSOAR 6.2.0.

New: Active Indicators Volumes by Feed

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Relationship Generating Integrations

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Malicious/Suspicious Indicators in Incidents

Available from Cortex XSOAR 6.2.0.

New: Feeds Errors

Available from Cortex XSOAR 6.2.0.

New: Active vs Expired Indicators

Available from Cortex XSOAR 6.2.0.

New: Active Indicators by Verdict

Available from Cortex XSOAR 6.2.0.

Download

1.2.0 - 1926804 (November 10, 2021)

Widgets

Mentions

Breaking Change The Mentions widget is not supported on version 6.2 or newer.

Download

1.1.10 - 1882648 (November 2, 2021)

Scripts

GetLargestInputsAndOuputsInIncidents

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

GetLargestInvestigations

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

Download

PUBLISHER

PLATFORMS

Cortex XSOAR

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	June 30, 2020
Last Release	April 2, 2025

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.