Script Widget - RSS Feed.
Common Widgets
- Details
- Content
- Dependencies
- Version History
Frequently used widgets pack.
Automations
| Name | Description |
|---|---|
| RSSWidget | |
| FeedIntegrationErrorWidget | Returns a table widget of enabled feed integration instances that errors out on indicators fetch. |
| MyToDoTasksWidget | A script that creates a table of all the ToDo tasks assigned to the current user. |
| WidgetNoOp | A no-op placeholder script used by visual-only widgets (e.g. Page Break, Text Widget) that require a script dataType but do not need to query any data source. Returns a mock result to prevent unnecessary database queries. |
Widgets
| Name | Description |
|---|---|
MTTR by Type (in minutes) | Shows changes in Mean Time to Resolution (in minutes), over time, while differentiating between incident types. |
Least executed Commands | Least executed Commands |
Active Indicators by Verdict | |
Manual Verdict Indicators by User | |
Unassigned Incidents | |
MTTD by Type | A widget that shows the Mean Time to Detection, by incident type. |
CPU Usage % per Engine (last 24h) | CPU usage percentage per engine in the previous 24 hours |
Incidents Occurred Per Day | |
Mean Time to Detection | The mean time (average time) to detection across all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default. |
Malicious/Suspicious Indicators in Incidents | |
Command executions per Incident Type | Command executions per Incident Type |
Incident Types by Severity | |
Active vs Expired Indicators | |
Elastic CPU Current Usage | Elasticsearch CPU Current Usage % |
Command average runtime per Instance (top 5) | Command average runtime per Instance (top 5) |
Active Incidents Assigned by User | |
Top 10 File Indicators in Related Incidents | |
Command executions errors | Command executions errors |
Late Incidents | |
Memory Usage % per Engine | Current memory usage percentage per engine |
Latest Messages | |
CPU Current Usage | |
Least executed Commands per Instance | Least executed Commands per Instance |
Indicators in Related Incidents | |
Most Active Integrations | |
Top Users Closed Manual Tasks | Top Users Closed Manual Tasks |
Memory Current Usage | |
Closed By Dbot | Showing percentage of incidents handled and closed by DBot, without an owner being assigned to, across all incidents in the provided period |
Unit 42 Blog Feed | |
My Tasks | |
Server Memory Usage % (last 24h) | Server memory usage % (previous 24 hours) |
Late Tasks | |
MTTD by Severity | |
Image | |
My ToDo Tasks | A widget that presents a table of all the ToDo tasks assigned to the current user. |
Active Incidents - Pie chart | |
Incidents by Role | |
Disk Usage % per Engine | Current disk usage percentage per engine |
Running playbooks | |
Server CPU Usage % (last 24h) | Server CPU usage in the previous 24 hours |
Active Incidents by Role | |
Active Indicators Volumes by Feed | |
Manual Command execution errors (top 5) | Manual Command execution errors (top 5) |
Busy Workers Count per Engine | Current number of busy workers per engine |
Feeds Errors | |
Average runtime by Incident Type per Playbook (top 5) | Average runtime by Incident Type per Playbook (top 5) |
Top executed Commands | Top executed Commands |
Detection SLA by Status | The detection SLA status of all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes. |
Command execution errors per Instance | Command execution errors per Instance |
Mean Time to Containment | |
Incident Severity by Type | |
Unassigned Closed Incidents | |
Page Break Widget | Use the page break widget in a report to force a page break before the widgets that follow. |
Command execution errors per Integration Category | Command execution errors per Integration Category |
Late Incidents | |
Unassigned Pending Incidents | |
MTTC by Severity | |
Malicious Indicators Activity by Type | |
MTTR Occurred by Type | |
Incidents in Error Run Status | |
Top Active Playbooks | |
Average Incident Duration by Role (Avg) | |
Command executions per Integration Category | Command executions per Integration Category |
Disk Usage % per Engine (last 24h) | Disk usage percentage per engine in the previous 24 hours |
Within SLA by Type | |
Failed Playbooks runs | Failed Playbooks runs |
Average runtime by Instance per Command (top 5) | Average runtime by Instance per Command (top 5) |
Commands executed | Commands executed |
Malicious Indicators Activity | |
Incidents by Phase | |
Disk Current Usage | |
Relationship Generating Integrations | |
Late SLA by Type | |
Failed Automation executions per Incident Types (top 5) | Failed Automation executions per Incident Types (top 5) |
Feed Integrations Errors | Feed integrations indicators fetch errors |
Workers per Engine | Current number of workers per engine |
Active Incidents - Line chart | |
Indicators Activity by Type | |
Executions by status per Manual Tasks (top 5) | Executions by status per Manual Tasks (top 5) |
Top 10 Attack Pattern Indicators in Related Incidents | |
Busy Workers per Engine (last 24h) | Number of busy workers per engine in the previous 24 hours |
Incidents Top Close Analysts | |
Mean Time to Triage | |
Elastic JVM Memory Current Usage | Elastic JVM Memory Current Usage % |
Tasks By State | |
Elastic Disk Current Usage | Elastic Disk Current Usage % |
Open Tasks Per User | |
Failed Manual Tasks | Failed Manual Tasks |
CPU Usage % per Engine | Current CPU usage percentage per engine |
Playbook runs | Playbook runs |
Late Tasks by User | |
Manual Verdict Indicators | |
SLA by Incident Type | |
Incidents Dropped in Preprocessing | |
Most Active Users | |
Playbook run errors | Playbook run errors |
Important Messages | |
Mean Time to Resolution (Occurred) | |
Task execution errors | Task execution errors |
Most Active Investigations | |
Return On Investment (ROI) | |
Command execution errors | Command execution errors |
Incidents By Close Reason | |
Text Widget | |
Memory Usage % per Engine (last 24h) | Memory usage percentage per engine in the previous 24 hours |
Executions by status per Automated Tasks (top 5) | Executions by status per Automated Tasks (top 5) |
Errors by Incident Type per Command (top 5) | Errors by Incident Type per Command (top 5) |
MTTR by Type | Shows changes in Mean Time to Resolution (in hours), over time, while differentiating between incident types. |
MTTT by Severity | |
Unassigned Incidents | |
My Messages | |
MTTR by Severity | |
Task executions | Task executions |
Average runtime for Playbooks | Average runtime for Playbooks |
Unassigned Active Incidents | |
Average runtime per Playbook (top 5) | Average runtime per Playbook (top 5) |
Remediation SLA by Status | The remediation SLA status of all incidents that started a remediation process. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes. |
Closed Incidents by Role | |
TopMaliciousRatioIndicators | Malicious Ratio indicator widget shows indicator that appear in high ration at bad incidents |
Investigation Activity Timeline | |
Average runtime per Automation (top 5) | Average runtime per Automation (top 5) |
Command execution type | Command execution type |
Indicators Activity |
Required Content Packs (2)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (4)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Cortex REST API | By: Cortex XSOAR |
| Aggregated Scripts | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
1.3.0 - 8009783 (March 30, 2026)
- 43572
Download
Scripts
New: WidgetNoOp
- Added a new no-op placeholder script used by visual-only widgets (e.g. Page Break, Text Widget) that require a script dataType but do not need to query any data source. Returns an empty result to prevent unnecessary database queries.
Widgets
Page Break Widget
- Changed the dataType from incidents to scripts and set query to WidgetNoOp to prevent unnecessary database queries against the incidents table when the widget is rendered.
Text Widget
- Changed the dataType from incidents to scripts and set query to WidgetNoOp to prevent unnecessary database queries against the incidents table when the widget is rendered.
- 43572
Download
PUBLISHER
PLATFORMS
Cortex XSOAR
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | June 30, 2020 | |
| Last Release | April 20, 2026 |