Common Widgets

Details
Content
Dependencies
Version History

Frequently used widgets pack.

Automations

Name	Description
RSSWidget	Script Widget - RSS Feed.
FeedIntegrationErrorWidget	Returns a table widget of enabled feed integration instances that errors out on indicators fetch.
MyToDoTasksWidget	A script that creates a table of all the ToDo tasks assigned to the current user.

Widgets

Name	Description
Incidents Occurred Per Day
Incident Severity by Type
Malicious Indicators Activity
CPU Usage % per Engine	Current CPU usage percentage per engine
Open Tasks Per User
Disk Current Usage
Busy Workers per Engine (last 24h)	Number of busy workers per engine in the previous 24 hours
MTTR by Type (in minutes)	Shows changes in Mean Time to Resolution (in minutes), over time, while differentiating between incident types.
Incidents by Phase
My Messages
Elastic JVM Memory Current Usage	Elastic JVM Memory Current Usage %
Detection SLA by Status	The detection SLA status of all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Executions by status per Automated Tasks (top 5)	Executions by status per Automated Tasks (top 5)
Relationship Generating Integrations
MTTC by Severity
Elastic CPU Current Usage	Elasticsearch CPU Current Usage %
Remediation SLA by Status	The remediation SLA status of all incidents that started a remediation process. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Unassigned Pending Incidents
Active Incidents Assigned by User
Task executions	Task executions
Playbook runs	Playbook runs
Disk Usage % per Engine (last 24h)	Disk usage percentage per engine in the previous 24 hours
Most Active Integrations
Feeds Errors
Active Incidents - Line chart
Command execution errors per Integration Category	Command execution errors per Integration Category
Unassigned Closed Incidents
Manual Verdict Indicators
Average Incident Duration by Role (Avg)
Average runtime per Automation (top 5)	Average runtime per Automation (top 5)
Memory Current Usage
Image
Incident Types by Severity
Closed By Dbot	Showing percentage of incidents handled and closed by DBot, without an owner being assigned to, across all incidents in the provided period
Investigation Activity Timeline
Active Indicators Volumes by Feed
Indicators Activity
Command executions per Incident Type	Command executions per Incident Type
Failed Automation executions per Incident Types (top 5)	Failed Automation executions per Incident Types (top 5)
Active Incidents - Pie chart
SLA by Incident Type
MTTR by Severity
Incidents By Close Reason
Most Active Users
Incidents Dropped in Preprocessing
Manual Verdict Indicators by User
My Tasks
Malicious/Suspicious Indicators in Incidents
MTTR Occurred by Type
Commands executed	Commands executed
Active Indicators by Verdict
My ToDo Tasks	A widget that presents a table of all the ToDo tasks assigned to the current user.
Unassigned Incidents
Command average runtime per Instance (top 5)	Command average runtime per Instance (top 5)
Late Incidents
Executions by status per Manual Tasks (top 5)	Executions by status per Manual Tasks (top 5)
Active vs Expired Indicators
Errors by Incident Type per Command (top 5)	Errors by Incident Type per Command (top 5)
Page Break Widget	Use the page break widget in a report to force a page break before the widgets that follow.
Average runtime for Playbooks	Average runtime for Playbooks
Unassigned Active Incidents
Late Incidents
Memory Usage % per Engine	Current memory usage percentage per engine
Return On Investment (ROI)
TopMaliciousRatioIndicators	Malicious Ratio indicator widget shows indicator that appear in high ration at bad incidents
Within SLA by Type
Mean Time to Containment
Indicators Activity by Type
Elastic Disk Current Usage	Elastic Disk Current Usage %
Incidents in Error Run Status
Failed Playbooks runs	Failed Playbooks runs
Closed Incidents by Role
Top 10 File Indicators in Related Incidents
Feed Integrations Errors	Feed integrations indicators fetch errors
Tasks By State
Average runtime per Playbook (top 5)	Average runtime per Playbook (top 5)
Indicators in Related Incidents
Top executed Commands	Top executed Commands
CPU Current Usage
Disk Usage % per Engine	Current disk usage percentage per engine
CPU Usage % per Engine (last 24h)	CPU usage percentage per engine in the previous 24 hours
MTTD by Severity
Incidents Top Close Analysts
Busy Workers Count per Engine	Current number of busy workers per engine
Average runtime by Instance per Command (top 5)	Average runtime by Instance per Command (top 5)
Mean Time to Resolution (Occurred)
Latest Messages
Top 10 Attack Pattern Indicators in Related Incidents
Least executed Commands per Instance	Least executed Commands per Instance
Late Tasks by User
Command executions per Integration Category	Command executions per Integration Category
Top Active Playbooks
Running playbooks
MTTD by Type	A widget that shows the Mean Time to Detection, by incident type.
Least executed Commands	Least executed Commands
Manual Command execution errors (top 5)	Manual Command execution errors (top 5)
Most Active Investigations
Command executions errors	Command executions errors
Top Users Closed Manual Tasks	Top Users Closed Manual Tasks
MTTR by Type	Shows changes in Mean Time to Resolution (in hours), over time, while differentiating between incident types.
Text Widget
Mean Time to Triage
Task execution errors	Task execution errors
Server Memory Usage % (last 24h)	Server memory usage % (previous 24 hours)
Malicious Indicators Activity by Type
Active Incidents by Role
MTTT by Severity
Server CPU Usage % (last 24h)	Server CPU usage in the previous 24 hours
Late SLA by Type
Command execution errors	Command execution errors
Average runtime by Incident Type per Playbook (top 5)	Average runtime by Incident Type per Playbook (top 5)
Memory Usage % per Engine (last 24h)	Memory usage percentage per engine in the previous 24 hours
Command execution type	Command execution type
Incidents by Role
Failed Manual Tasks	Failed Manual Tasks
Unit 42 Blog Feed
Command execution errors per Instance	Command execution errors per Instance
Important Messages
Mean Time to Detection	The mean time (average time) to detection across all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default.
Unassigned Incidents
Workers per Engine	Current number of workers per engine
Late Tasks
Playbook run errors	Playbook run errors

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (3)

Pack Name	Pack By
Base	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

1.2.54 - R3414854 (May 15, 2025)

Scripts

RSSWidget

Metadata and documentation improvements.

FeedIntegrationErrorWidget

Metadata and documentation improvements.

MyToDoTasksWidget

Metadata and documentation improvements.

Related pull requests:
- 39142

Download

1.2.53 - 1718057 (November 28, 2024)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

1.2.52 - 1673120 (November 19, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.116158.

Related pull requests:
- 37281

Download

1.2.51 - 1085491 (June 11, 2024)

Scripts

MyToDoTasksWidget

Fixed an issue where the incident link was broken in SaaS platforms.
Updated the Docker image to: demisto/python3:3.10.14.97100.

Related pull requests:
- 34768

Download

1.2.50 - 1082615 (June 10, 2024)

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34804

Download

1.2.49 - 998827 (May 6, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34212

Download

1.2.48 - 823153 (February 12, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.87415.

Related pull requests:
- 32840

Download

1.2.47 - 798475 (February 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.86612.

Related pull requests:
- 32535

Download

1.2.46 - 778227 (January 22, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 32331

Download

1.2.45 - 760302 (January 14, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84811.

Related pull requests:
- 32154

Download

1.2.44 - 743135 (January 4, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84236.

Related pull requests:
- 31969

Download

1.2.43 - 729445 (January 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84025.

Related pull requests:
- 31880

Download

1.2.42 - 722180 (December 28, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83976.

Related pull requests:
- 31830

Download

1.2.41 - 7209615 (December 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83687.

Related pull requests:
- 31553

Download

1.2.40 - 7149458 (December 13, 2023)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31427

Download

1.2.39 - 7066068 (December 4, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.82341.

Related pull requests:
- 31289

Download

1.2.38 - 7029664 (November 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.81890.

Related pull requests:
- 31217

Download

1.2.36 - 6965450 (November 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.80944.

Related pull requests:
- 31027

Download

1.2.35 - 6808171 (November 6, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.79870.

Related pull requests:
- 30671

Download

1.2.34 - 6636841 (October 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77497.

Related pull requests:
- 30237

Download

1.2.33 - 6608983 (October 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77054.

Related pull requests:
- 30136

Download

1.2.32 - 6437102 (September 27, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.75615.

Related pull requests:
- 29871

Download

1.2.31 - 6285754 (September 10, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 29466

Download

1.2.30 - 6259960 (September 7, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.73055.

Related pull requests:
- 29532

Download

1.2.29 - 6117817 (August 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.71964.

Related pull requests:
- 29105

Download

1.2.28 - 5969979 (August 6, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 28753

Download

1.2.27 - R5866730 (July 25, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.66127.

Related pull requests:
- 28411

Download

1.2.26 - 5720652 (July 9, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27997

Download

1.2.25 - 5692327 (July 5, 2023)

Scripts

MyToDoTasksWidget

Fixed an issue that prevented the script from showing open tasks for users who had a significant number of closed tasks assigned to them.
Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27856

Download

1.2.24 - 5640115 (June 28, 2023)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 27747

Download

1.2.23 - 5620796 (June 26, 2023)

Scripts

Widget GetLargestInvestigations was removed from this pack.
Widget GetLargestInputsAndOuputsInIncidents was removed from this pack.

Related pull requests:
- 27694

Download

1.2.22 - 5588925 (June 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.64013.

Related pull requests:
- 27630

Download

1.2.21 - R5450895 (June 5, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.61931.

Related pull requests:
- 27174

Download

1.2.20 - 5295992 (May 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.59406.

Related pull requests:
- 26597

Download

1.2.19 - R5170573 (May 2, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.56465.

Related pull requests:
- 26175

Download

1.2.18 - 5057113 (April 17, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.54695.

Related pull requests:
- 25875

Download

1.2.17 - 4932445 (March 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.52351.

Related pull requests:
- 25602

Download

1.2.16 - 4822012 (March 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.49929.

Related pull requests:
- 25242

Download

1.2.15 - 4763226 (March 7, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.10.48392.

Related pull requests:
- 25111

Download

1.2.14 - R4718798 (March 1, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.48698.

Related pull requests:
- 24729

Download

1.2.13 - R4646022 (February 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.47376.

Related pull requests:
- 24316

Download

1.2.12 - 4413860 (January 17, 2023)

Widgets

Incidents Dropped in Preprocessing

Removed from XSOAR 8.x

Related pull requests:
- 23859

Download

1.2.11 - R4372591 (January 11, 2023)

Widgets

MTTR by Type

Improved performance on the type and closeReason fields.

Active Incidents - Line chart

Improved performance on the type and closeReason fields.

MTTR Occurred by Type

Improved performance on the type and closeReason fields.

Within SLA by Type

Improved performance on the type and closeReason fields.

Incident Types by Severity

Improved performance on the type and closeReason fields.

SLA by Incident Type

Improved performance on the type and closeReason fields.

MTTR by Type (in minutes)

Improved performance on the type and closeReason fields.

MTTD by Type

Improved performance on the type and closeReason fields.

Late SLA by Type

Improved performance on the type and closeReason fields.

Incidents By Close Reason

Improved performance on the type and closeReason fields.

Incident Severity by Type

Improved performance on the type and closeReason fields.

Related pull requests:
- 23438

Download

1.2.10 - 4224127 (December 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.41100.

Related pull requests:
- 23058

Download

1.2.9 - R3921089 (October 26, 2022)

Widgets

New: MTTD by Severity

(Available from Cortex XSOAR 6.5.0).

New: Late SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Within SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Containment

(Available from Cortex XSOAR 6.5.0).

New: MTTR by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTT by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTC by Severity

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Triage

(Available from Cortex XSOAR 6.5.0).

Related pull requests:
- 20925

Download

1.2.8 - 3305407 (July 21, 2022)

Scripts

MyToDoTasksWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/python3:3.10.5.31928.

RSSWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/py3-tools:1.0.0.31193.

Related pull requests:
- 19484

Download

1.2.7 - 3096681 (June 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:0.0.1.30715 as demisto/feed-parser image is deprecated.

Related pull requests:
- 19561

Download

1.2.6 - 2674843 (March 30, 2022)

Scripts

MyToDoTasksWidget

Added type validations and other internal code improvements.

FeedIntegrationErrorWidget

Added type validations and other internal code improvements.

Download

1.2.5 - R2233034 (January 10, 2022)

Scripts

MyToDoTasksWidget

Fixed an issue where the script failed to run if there were no To Do tasks assigned to the user.

Download

1.2.4 - R2146019 (December 21, 2021)

Scripts

RSSWidget

Fixed an issue where the RSS feed entries were in ascending order (they are now in descending order).
Updated the Docker image to: demisto/feed-parser:1.0.0.25187.

Download

1.2.3 - 2106314 (December 14, 2021)

Widgets

Unit 42 Blog Feed

Documentation and metadata improvements.

Download

1.2.2 - 2037725 (December 1, 2021)

Scripts

New: MyToDoTasksWidget

A script that creates a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Widgets

New: My ToDo Tasks

A widget that presents a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Download

1.2.1 - 1941309 (November 12, 2021)

Widgets

New: Unit42 Blog Feed

Available from Cortex XSOAR 6.2.0.

New: Active Indicators Volumes by Feed

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Relationship Generating Integrations

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Malicious/Suspicious Indicators in Incidents

Available from Cortex XSOAR 6.2.0.

New: Feeds Errors

Available from Cortex XSOAR 6.2.0.

New: Active vs Expired Indicators

Available from Cortex XSOAR 6.2.0.

New: Active Indicators by Verdict

Available from Cortex XSOAR 6.2.0.

Download

1.2.0 - 1926804 (November 10, 2021)

Widgets

Mentions

Breaking Change The Mentions widget is not supported on version 6.2 or newer.

Download

1.1.10 - 1882648 (November 2, 2021)

Scripts

GetLargestInputsAndOuputsInIncidents

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

GetLargestInvestigations

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

Download

PUBLISHER

PLATFORMS

Cortex XSOAR

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	June 30, 2020
Last Release	May 15, 2025

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.