Common Widgets

Details
Content
Dependencies
Version History

Frequently used widgets pack.

Automations

Name	Description
FeedIntegrationErrorWidget	Returns a table widget of enabled feed integration instances that errors out on indicators fetch.
RSSWidget	Script Widget - RSS Feed.
MyToDoTasksWidget	A script that creates a table of all the ToDo tasks assigned to the current user.

Widgets

Name	Description
MTTD by Severity
Feed Integrations Errors	Feed integrations indicators fetch errors
Top 10 Attack Pattern Indicators in Related Incidents
Playbook runs	Playbook runs
Average runtime for Playbooks	Average runtime for Playbooks
Average runtime by Incident Type per Playbook (top 5)	Average runtime by Incident Type per Playbook (top 5)
Disk Usage % per Engine	Current disk usage percentage per engine
Feeds Errors
Command execution errors per Integration Category	Command execution errors per Integration Category
My Tasks
Memory Current Usage
MTTR by Type	Shows changes in Mean Time to Resolution (in hours), over time, while differentiating between incident types.
MTTR Occurred by Type
Memory Usage % per Engine (last 24h)	Memory usage percentage per engine in the previous 24 hours
Executions by status per Manual Tasks (top 5)	Executions by status per Manual Tasks (top 5)
Task execution errors	Task execution errors
Tasks By State
Malicious/Suspicious Indicators in Incidents
MTTD by Type	A widget that shows the Mean Time to Detection, by incident type.
Incident Severity by Type
Closed Incidents by Role
Command executions per Integration Category	Command executions per Integration Category
Indicators in Related Incidents
Incidents By Close Reason
Closed By Dbot	Showing percentage of incidents handled and closed by DBot, without an owner being assigned to, across all incidents in the provided period
Page Break Widget	Use the page break widget in a report to force a page break before the widgets that follow.
Unassigned Incidents
Mean Time to Detection	The mean time (average time) to detection across all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default.
Mean Time to Triage
Active Incidents by Role
Least executed Commands per Instance	Least executed Commands per Instance
Investigation Activity Timeline
MTTC by Severity
Running playbooks
Open Tasks Per User
CPU Usage % per Engine	Current CPU usage percentage per engine
Disk Current Usage
Top Users Closed Manual Tasks	Top Users Closed Manual Tasks
Active Incidents - Pie chart
Late Tasks by User
Server CPU Usage % (last 24h)	Server CPU usage in the previous 24 hours
Return On Investment (ROI)
Unassigned Active Incidents
Late Tasks
Command execution type	Command execution type
Relationship Generating Integrations
Command execution errors per Instance	Command execution errors per Instance
Important Messages
Incidents in Error Run Status
Manual Verdict Indicators
Unit 42 Blog Feed
Active vs Expired Indicators
Commands executed	Commands executed
Mean Time to Containment
SLA by Incident Type
Disk Usage % per Engine (last 24h)	Disk usage percentage per engine in the previous 24 hours
Failed Automation executions per Incident Types (top 5)	Failed Automation executions per Incident Types (top 5)
Elastic JVM Memory Current Usage	Elastic JVM Memory Current Usage %
Top 10 File Indicators in Related Incidents
MTTR by Severity
TopMaliciousRatioIndicators	Malicious Ratio indicator widget shows indicator that appear in high ration at bad incidents
Manual Verdict Indicators by User
Incidents Dropped in Preprocessing
Busy Workers Count per Engine	Current number of busy workers per engine
Late Incidents
Elastic Disk Current Usage	Elastic Disk Current Usage %
Remediation SLA by Status	The remediation SLA status of all incidents that started a remediation process. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
My Messages
Incident Types by Severity
Malicious Indicators Activity by Type
Latest Messages
Mean Time to Resolution (Occurred)
Detection SLA by Status	The detection SLA status of all incidents that their severity was determined. The widget takes into account incidents from the last 30 days by default, and inherits new time range when the dashboard time changes.
Indicators Activity by Type
Unassigned Incidents
Indicators Activity
Average Incident Duration by Role (Avg)
Malicious Indicators Activity
Active Incidents - Line chart
Unassigned Pending Incidents
Average runtime per Playbook (top 5)	Average runtime per Playbook (top 5)
Active Incidents Assigned by User
My ToDo Tasks	A widget that presents a table of all the ToDo tasks assigned to the current user.
Late SLA by Type
Playbook run errors	Playbook run errors
Executions by status per Automated Tasks (top 5)	Executions by status per Automated Tasks (top 5)
MTTT by Severity
Errors by Incident Type per Command (top 5)	Errors by Incident Type per Command (top 5)
Image
Average runtime by Instance per Command (top 5)	Average runtime by Instance per Command (top 5)
Unassigned Closed Incidents
Active Indicators Volumes by Feed
Least executed Commands	Least executed Commands
Incidents Occurred Per Day
Failed Playbooks runs	Failed Playbooks runs
Incidents by Phase
Command average runtime per Instance (top 5)	Command average runtime per Instance (top 5)
Within SLA by Type
Task executions	Task executions
Command execution errors	Command execution errors
MTTR by Type (in minutes)	Shows changes in Mean Time to Resolution (in minutes), over time, while differentiating between incident types.
Incidents Top Close Analysts
Failed Manual Tasks	Failed Manual Tasks
CPU Usage % per Engine (last 24h)	CPU usage percentage per engine in the previous 24 hours
Incidents by Role
Active Indicators by Verdict
Late Incidents
Top Active Playbooks
Average runtime per Automation (top 5)	Average runtime per Automation (top 5)
Top executed Commands	Top executed Commands
Command executions errors	Command executions errors
Busy Workers per Engine (last 24h)	Number of busy workers per engine in the previous 24 hours
Memory Usage % per Engine	Current memory usage percentage per engine
Most Active Integrations
Workers per Engine	Current number of workers per engine
Manual Command execution errors (top 5)	Manual Command execution errors (top 5)
Server Memory Usage % (last 24h)	Server memory usage % (previous 24 hours)
Most Active Investigations
CPU Current Usage
Elastic CPU Current Usage	Elasticsearch CPU Current Usage %
Command executions per Incident Type	Command executions per Incident Type
Most Active Users
Text Widget

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (3)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR

1.2.57 - 5538136 (October 23, 2025)

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 41627

Download

1.2.56 - 4096037 (July 8, 2025)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.12.8.3296088.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 40498

Download

1.2.55 - 4049458 (July 3, 2025)

Common Widgets

Documentation and metadata improvements.

Related pull requests:
- 40478

Download

1.2.54 - R3414854 (May 15, 2025)

Scripts

RSSWidget

Metadata and documentation improvements.

FeedIntegrationErrorWidget

Metadata and documentation improvements.

MyToDoTasksWidget

Metadata and documentation improvements.

Related pull requests:
- 39142

Download

1.2.53 - 1718057 (November 28, 2024)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

1.2.52 - 1673120 (November 19, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.116158.

Related pull requests:
- 37281

Download

1.2.51 - 1085491 (June 11, 2024)

Scripts

MyToDoTasksWidget

Fixed an issue where the incident link was broken in SaaS platforms.
Updated the Docker image to: demisto/python3:3.10.14.97100.

Related pull requests:
- 34768

Download

1.2.50 - 1082615 (June 10, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34804

Download

1.2.49 - 998827 (May 6, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 34212

Download

1.2.48 - 823153 (February 12, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.87415.

Related pull requests:
- 32840

Download

1.2.47 - 798475 (February 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.86612.

Related pull requests:
- 32535

Download

1.2.46 - 778227 (January 22, 2024)

Common Widgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 32331

Download

1.2.45 - 760302 (January 14, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84811.

Related pull requests:
- 32154

Download

1.2.44 - 743135 (January 4, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84236.

Related pull requests:
- 31969

Download

1.2.43 - 729445 (January 1, 2024)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.84025.

Related pull requests:
- 31880

Download

1.2.42 - 722180 (December 28, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83976.

Related pull requests:
- 31830

Download

1.2.41 - 7209615 (December 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.83687.

Related pull requests:
- 31553

Download

1.2.40 - 7149458 (December 13, 2023)

Scripts

MyToDoTasksWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31427

Download

1.2.39 - 7066068 (December 4, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.82341.

Related pull requests:
- 31289

Download

1.2.38 - 7029664 (November 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.81890.

Related pull requests:
- 31217

Download

1.2.36 - 6965450 (November 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.80944.

Related pull requests:
- 31027

Download

1.2.35 - 6808171 (November 6, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.79870.

Related pull requests:
- 30671

Download

1.2.34 - 6636841 (October 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77497.

Related pull requests:
- 30237

Download

1.2.33 - 6608983 (October 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.77054.

Related pull requests:
- 30136

Download

1.2.32 - 6437102 (September 27, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.75615.

Related pull requests:
- 29871

Download

1.2.31 - 6285754 (September 10, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 29466

Download

1.2.30 - 6259960 (September 7, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.73055.

Related pull requests:
- 29532

Download

1.2.29 - 6117817 (August 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.71964.

Related pull requests:
- 29105

Download

1.2.28 - 5969979 (August 6, 2023)

CommonWidgets

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 28753

Download

1.2.27 - R5866730 (July 25, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.66127.

Related pull requests:
- 28411

Download

1.2.26 - 5720652 (July 9, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27997

Download

1.2.25 - 5692327 (July 5, 2023)

Scripts

MyToDoTasksWidget

Fixed an issue that prevented the script from showing open tasks for users who had a significant number of closed tasks assigned to them.
Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27856

Download

1.2.24 - 5640115 (June 28, 2023)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 27747

Download

1.2.23 - 5620796 (June 26, 2023)

Scripts

Widget GetLargestInvestigations was removed from this pack.
Widget GetLargestInputsAndOuputsInIncidents was removed from this pack.

Related pull requests:
- 27694

Download

1.2.22 - 5588925 (June 22, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.64013.

Related pull requests:
- 27630

Download

1.2.21 - R5450895 (June 5, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.61931.

Related pull requests:
- 27174

Download

1.2.20 - 5295992 (May 18, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.59406.

Related pull requests:
- 26597

Download

1.2.19 - R5170573 (May 2, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.56465.

Related pull requests:
- 26175

Download

1.2.18 - 5057113 (April 17, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.54695.

Related pull requests:
- 25875

Download

1.2.17 - 4932445 (March 30, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.52351.

Related pull requests:
- 25602

Download

1.2.16 - 4822012 (March 15, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.49929.

Related pull requests:
- 25242

Download

1.2.15 - 4763226 (March 7, 2023)

Scripts

FeedIntegrationErrorWidget

Updated the Docker image to: demisto/python3:3.10.10.48392.

Related pull requests:
- 25111

Download

1.2.14 - R4718798 (March 1, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.48698.

Related pull requests:
- 24729

Download

1.2.13 - R4646022 (February 19, 2023)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.47376.

Related pull requests:
- 24316

Download

1.2.12 - 4413860 (January 17, 2023)

Widgets

Incidents Dropped in Preprocessing

Removed from XSOAR 8.x

Related pull requests:
- 23859

Download

1.2.11 - R4372591 (January 11, 2023)

Widgets

MTTR by Type

Improved performance on the type and closeReason fields.

Active Incidents - Line chart

Improved performance on the type and closeReason fields.

MTTR Occurred by Type

Improved performance on the type and closeReason fields.

Within SLA by Type

Improved performance on the type and closeReason fields.

Incident Types by Severity

Improved performance on the type and closeReason fields.

SLA by Incident Type

Improved performance on the type and closeReason fields.

MTTR by Type (in minutes)

Improved performance on the type and closeReason fields.

MTTD by Type

Improved performance on the type and closeReason fields.

Late SLA by Type

Improved performance on the type and closeReason fields.

Incidents By Close Reason

Improved performance on the type and closeReason fields.

Incident Severity by Type

Improved performance on the type and closeReason fields.

Related pull requests:
- 23438

Download

1.2.10 - 4224127 (December 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:1.0.0.41100.

Related pull requests:
- 23058

Download

1.2.9 - R3921089 (October 26, 2022)

Widgets

New: MTTD by Severity

(Available from Cortex XSOAR 6.5.0).

New: Late SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Within SLA by Type

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Containment

(Available from Cortex XSOAR 6.5.0).

New: MTTR by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTT by Severity

(Available from Cortex XSOAR 6.5.0).

New: MTTC by Severity

(Available from Cortex XSOAR 6.5.0).

New: Mean Time to Triage

(Available from Cortex XSOAR 6.5.0).

Related pull requests:
- 20925

Download

1.2.8 - 3305407 (July 21, 2022)

Scripts

MyToDoTasksWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/python3:3.10.5.31928.

RSSWidget

Removed excessive error traceback printing.
Updated the Docker image to: demisto/py3-tools:1.0.0.31193.

Related pull requests:
- 19484

Download

1.2.7 - 3096681 (June 15, 2022)

Scripts

RSSWidget

Updated the Docker image to: demisto/py3-tools:0.0.1.30715 as demisto/feed-parser image is deprecated.

Related pull requests:
- 19561

Download

1.2.6 - 2674843 (March 30, 2022)

Scripts

MyToDoTasksWidget

Added type validations and other internal code improvements.

FeedIntegrationErrorWidget

Added type validations and other internal code improvements.

Download

1.2.5 - R2233034 (January 10, 2022)

Scripts

MyToDoTasksWidget

Fixed an issue where the script failed to run if there were no To Do tasks assigned to the user.

Download

1.2.4 - R2146019 (December 21, 2021)

Scripts

RSSWidget

Fixed an issue where the RSS feed entries were in ascending order (they are now in descending order).
Updated the Docker image to: demisto/feed-parser:1.0.0.25187.

Download

1.2.3 - 2106314 (December 14, 2021)

Widgets

Unit 42 Blog Feed

Documentation and metadata improvements.

Download

1.2.2 - 2037725 (December 1, 2021)

Scripts

New: MyToDoTasksWidget

A script that creates a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Widgets

New: My ToDo Tasks

A widget that presents a table of all the ToDo tasks assigned to the current user. (Available from Cortex XSOAR 6.1.0).

Download

1.2.1 - 1941309 (November 12, 2021)

Widgets

New: Unit42 Blog Feed

Available from Cortex XSOAR 6.2.0.

New: Active Indicators Volumes by Feed

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Relationship Generating Integrations

Available from Cortex XSOAR 6.2.0.

Available from Cortex XSOAR 6.2.0.

New: Malicious/Suspicious Indicators in Incidents

Available from Cortex XSOAR 6.2.0.

New: Feeds Errors

Available from Cortex XSOAR 6.2.0.

New: Active vs Expired Indicators

Available from Cortex XSOAR 6.2.0.

New: Active Indicators by Verdict

Available from Cortex XSOAR 6.2.0.

Download

1.2.0 - 1926804 (November 10, 2021)

Widgets

Mentions

Breaking Change The Mentions widget is not supported on version 6.2 or newer.

Download

1.1.10 - 1882648 (November 2, 2021)

Scripts

GetLargestInputsAndOuputsInIncidents

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

GetLargestInvestigations

Added ignore_deprecated argument to allow running the script on 6.2.0+. WARNING: Setting this argument to true might result in CPU and RAM issues.

Download

PUBLISHER

PLATFORMS

Cortex XSOAR

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	June 30, 2020
Last Release	October 23, 2025

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.