System Diagnostics and Health Check

Details
Content
Dependencies
Version History

CS Health Check

The XSOAR Health Check pack automatically reviewing the current server and content for issues and best practices.
The pack goal is to identify potential issues and remediate them before they become a real issue.

The resulting layout tabs will provide the current system status and system diagnostics to identify issues to resolve.
The actionable items report will contain recommendations based on errors found or best practices.

Prerequisites

Single Server Deployment

Configure "Core REST API" Integration Instance with Admin user

Multi-Tenants Deployment

Create API Key on Main Tenant
Create Core REST API integration on Main Tenant and use the API Key you created in previous step.
On instance settings define in URL field https://127.0.0.1
make sure not to set the tenant name in the URL.
Propogate Core REST API instance to All tenants or to the required tenant using propogation labels.

How to:

Create new manual Incident
pick System Diagnostics and Health Check incident type and create new incident.
Once the playbook is completed, the incident layout will contain the collected data and some improvement suggestions.

Prerequisites

Single Server Deployment

Configure "Core REST API" Integration Instance with Admin user

Multi-Tenants Deployment

Create API Key on Main Tenant
Create Core REST API integration on Main Tenant and use the API Key you created in previous step.
On instance settings define in URL field https://127.0.0.1
make sure not to set the tenant name in the URL.
Propogate Core REST API instance to All tenants or to the required tenant using propogation labels.

How to:

Create new manual Incident
pick System Diagnostics and Health Check incident type and create new incident.
Once the playbook is completed, the incident layout will contain the collected data and some improvement suggestions.

Automations

Name	Description
getSystemHealthStatus	Get the count of slow searches, web socket disconnects(in last 12hrs).
HealthCheckIncidentTypes	Identify custom and detached system incidents type Checking if 'Auto Extraction' is turned on for: Extract from all Extract from specific indicators doesn't have any settings.
HealthCheckNumberOfDroppedIncidents	Number of dropped incidents.
HealthCheckOutdatedPacks	Presenting Outdated Packs
HealthCheckNumberOfLargeIncidents	Widget Script to present the number of large incidents.
getDiskSpaceStatus	Get the Disk Space details.
HealthCheckDiskUsage	Present or parse Disk usage stats.
HealthCheckGetLargestInputsAndOutputsInIncidents	Returns inputs and outputs larger than 1 MB from all Cortex XSOAR investigations in the last 1 / 2 months.
HealthCheckMemory	Present or analyze memory usage.
HealthCheckIncidentsCreatedDaily	Trend graph for incidents created per day.
HealthCheckAPIvalidation	Validate if API Integration was defined correctly. If not detect what is the problem and warn about it.
HealthCheckIntegrations	Collect integrations name and count number of engines.
HealthCheckWorkers	Present or analyze workers usage.
HealthCheckUnpack	Extract files from log bundle - supports tar.gz & tar handle unsupported use cases and unextracted files.
HealthCheckPanicLog	Read panic log file line by line and display warnings, fatal errors and keyword results in a table in the War Room.
getInvHealthStatus	Get the count of big incidents, incidents with big context and big indicators.
getDetachedPlaybooks	Get the list of detached OOTB playbooks.
HealthCheckPlaybookAnalysis	Parsing playbooks.
getDetachedAutomations	Get the list of detached automations.
HealthCheckIncidentsCreatedWeekly	Trend graph for incident creation.
getDockerContainersCount	Get the count of docker containers.
getPlaybooksHealthStatus	Get the count of big workplan, big tasks playbooks and the playbooks which automatically turned in to quiet mode.
HealthCheckNumberOfPartitions	Widget Script to present the number of BoltDB partitions.
HealthCheckCommonIndicators	Reports on common indicators.
getDeprecatedAutomations	Get the list of deprecated automations.
HealthCheckFileSystem	read and parse filesystem.log
HealthCheckNumberOfEngines	Presenting Number of engines
HealthCheckFields	Parsing custom fields to detect indexed fields for risky field types.
HealthCheckPacksInstalled	Presenting numbers of packs installed
HealthCheckLicenseData	Read the license_data.log file extracted from the log bundle.
getPlaybooksCount	Get the count of custom, OOTB and deprecated playbooks.
HealthCheckInstalledPacks	Read the installedpacks.json. Count and get packs names.
HealthCheckReadTemeletryLog	Read Telemtry log.
HealthCheckSystemDiagnostics	Collect data from System Diagnostics tool.
HealthCheckServerConfiguration	Collect server configurations and save that into a table field.
HealthCheckContainersStatus	Containers status.
getWorkersCount	Get the count of Available, Busy and Total workers.
getAutomationsCount	Get the count of OOTB, custom and deprecated automations.
HealthCheckServerLog	Read server log file line by line and display warnings, fatal errors and keyword results in a table to the war room.
getCustomAutomations	Get the list of custom automations modified in last 30 days.
HealthCheckExportSummary	Export all Incident, Context and Widget data into Json format output.
HealthCheckDiskUsageLine	Present Disk usage stats line widget.
HealthCheckDockerLog	Read Docker log file.
getCustomPlaybooks	Get the list of custom playbooks created in last 30 days.
HealthCheckAnalyzeLargeInvestigations	Analyze large incidents.
HealthCheckReadConf	Read the license_data.log file extracted from the log bundle.
getDeprecatedIntegrations	Get the list of deprecated integrations.
getContentPackStatus	Get the count of Marketplace content packs update status.
getDeprecatedPlaybooks	Get the list of deprecated playbooks.
HealthCheckNumberOfLargeIOIncidents	Widget Script to present the number of incidents with large input and outputs.
HealthCheckReadVC	Read the version_control.log file extracted from the log bundle.
HealthCheckIncidentsCreatedMonthly	Trend graph for incidents created per month.
HealthCheckCPU	Present or parse CPU usage stats.
HealthCheckExportSummaryData	Export all Incident, Context and Widget data into Json format output.

Dashboards

Name	Description
XSOAR Status Review Dashboard v6

Incident Fields

Name	Description
Health Check Used Users
XSOAR Dev-Prod
XSOAR OS
XSOAR Dev-Prod Mode
XSOAR Server Configuration
Health Check Number Of Dropped Incidents
Health Check Number of investigations bigger than 1MB
Health Check Total Outdated Packs
Health Check Docker Images
Health Check Large Investigations
Health Check Docker Paused
XSOAR Architecture
XSOAR License Valid Till
Health Check Log Since
Health Check Actionable Items
Health Check Workers Busy
Health Check Incidents Large Number Of Entries
Health Check Log Until
XSOAR Customer Name
XSOAR Version
Health Check Panics
Health Check Docker Running
XSOAR CPU
XSOAR License
Health Check Investigations With Large Input / Output
Health Check Top Used Playbooks
Health Check Docker Containers
Health Check Permitted Users
Health Check Restart Count
XSOAR Telemetry Status
Health Check Number Of Engines
Health Check Auto Extraction based Incident Type
XSOAR Elastic Search
XSOAR Content Version
Health Check Number of investigations input / output bigger than 1MB
XSOAR Build
Health Check Installed Packs
XSOAR Memory
Health Check Enabled Instances
XSOAR Number Of DB Partitions
XSOAR Multi-Tenant
Health Check File System Directories	Filesystem directory non empty paths
Health Check Docker Stop
Health Check Large Files
Health Check Total Packs Installed
XSOAR Multi-Repo	XSOAR Multi Repo Flag
Health Check Workers Total
XSOAR DR
Health Check Risky Indexed Fields
Health Check Docker Containers Stats
Health Check Docker Version

Incident Types

Name	Description
System Diagnostics and Health Check

Layouts

Name	Description
System Diagnostics and Health Check

Playbooks

Name	Description
HealthCheck	New version for HealthCheck main playbook.
Health Check - Log Analysis Read All files	Parse files from log bundle output.
Health Check - Collect Log Bundle	Collect Log bundle and parse data.

Automations

Name	Description
HealthCheckIncidentsCreatedDaily	Trend graph for incidents created per day.
HealthCheckAlertsCreatedDaily	Trend graph for alerts created per day.
getDiskSpaceStatus	Get the Disk Space details.
getCustomAutomations	Get the list of custom automations modified in last 30 days.
HealthCheckNumberOfDroppedIncidents	Number of dropped incidents.
HealthCheckNumberOfDroppedAlerts	Number of dropped alerts.
HealthCheckPlaybookAnalysis	Parsing playbooks.
getInvHealthStatus	Get the count of big incidents, incidents with big context and big indicators.
HealthCheckIntegrations	Collect integrations name and count number of engines.
getDeprecatedAutomations	Get the list of deprecated automations.
getPlaybooksHealthStatus	Get the count of big workplan, big tasks playbooks and the playbooks which automatically turned in to quiet mode.
getWorkersCount	Get the count of Available, Busy and Total workers.
getPlaybooksCount	Get the count of custom, OOTB and deprecated playbooks.
HealthCheckOutdatedPacks	Presenting Outdated Packs
HealthCheckPacksInstalled	Presenting numbers of packs installed
HealthCheckNumberOfEngines	Presenting Number of engines
HealthCheckAPIvalidation	Validate if API Integration was defined correctly. If not detect what is the problem and warn about it.
getCustomPlaybooks	Get the list of custom playbooks created in last 30 days.
HealthCheckInstalledPacks	Read the installedpacks.json. Count and get packs names.
getAutomationsCount	Get the count of OOTB, custom and deprecated automations.
getDetachedPlaybooks	Get the list of detached OOTB playbooks.
HealthCheckCommonIndicators	Reports on common indicators.
getDeprecatedPlaybooks	Get the list of deprecated playbooks.
HealthCheckIncidentsCreatedMonthly	Trend graph for incidents created per month.
HealthCheckAlertsCreatedMonthly	Trend graph for alerts created per month.
HealthCheckIncidentTypes	Identify custom and detached system incidents type Checking if 'Auto Extraction' is turned on for: Extract from all Extract from specific indicators doesn't have any settings.
HealthCheckAlertTypes	Identify custom and detached system alerts type Checking if 'Auto Extraction' is turned on for: Extract from all Extract from specific indicators doesn't have any settings.
getDetachedAutomations	Get the list of detached automations.
getSystemHealthStatus	Get the count of slow searches, web socket disconnects(in last 12hrs).
HealthCheckExportSummaryData	Export all Incident, Context and Widget data into Json format output.
HealthCheckIncidentsCreatedWeekly	Trend graph for incident creation.
HealthCheckAlertsCreatedWeekly	Trend graph for alert creation.
getDockerContainersCount	Get the count of docker containers.
getContentPackStatus	Get the count of Marketplace content packs update status.
HealthCheckFields	Parsing custom fields to detect indexed fields for risky field types.
getDeprecatedIntegrations	Get the list of deprecated integrations.

Incident Fields

Name	Description
XSOAR Dev-Prod
Health Check Incidents Large Number Of Entries
Health Check Docker Version
XSOAR Memory
Health Check Panics
XSOAR Customer Name
XSOAR License Valid Till
Health Check Number Of Dropped Incidents
Health Check Number of investigations bigger than 1MB
Health Check Actionable Items
XSOAR Content Version
XSOAR Build
Health Check Docker Running
XSOAR Multi-Repo	XSOAR Multi Repo Flag
Health Check Docker Paused
Health Check Workers Total
Health Check File System Directories	Filesystem directory non empty paths
XSOAR License
Health Check Docker Images
XSOAR CPU
Health Check Log Until
Health Check Investigations With Large Input / Output
Health Check Installed Packs
XSOAR Elastic Search
XSOAR Architecture
Health Check Used Users
Health Check Auto Extraction based Incident Type
Health Check Top Used Playbooks
Health Check Enabled Instances
Health Check Log Since
Health Check Number Of Engines
Health Check Number of investigations input / output bigger than 1MB
Health Check Permitted Users
Health Check Large Files
XSOAR Multi-Tenant
Health Check Workers Busy
Health Check Docker Stop
Health Check Large Investigations
Health Check Docker Containers
Health Check Docker Containers Stats
XSOAR Server Configuration
XSOAR DR
Health Check Restart Count
XSOAR Number Of DB Partitions
XSOAR Version
XSOAR OS
XSOAR Dev-Prod Mode
Health Check Total Outdated Packs
Health Check Total Packs Installed
Health Check Risky Indexed Fields
XSOAR Telemetry Status

Required Content Packs (3)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR

Optional Content Packs (1)

Pack Name	Pack By
Zendesk	By: Cortex XSOAR

All level dependencies (3)

Pack Name	Pack By
Base	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

3.1.0 - 5933565 (November 19, 2025)

Layouts

New: System Diagnostics and Health Check
New: Added a new layout- System Diagnostics and Health Check for dedicated for v8

Playbooks

Health Check - Collect Log Bundle

The 'Health Check - Collect Log Bundle' playbook has been updated to run only on specific versions and is no longer available in Cortex XSOAR 8 by default.

New: HealthCheck

New version for HealthCheck main playbook

Health Check - Log Analysis Read All files

Updated the Health Check - Log Analysis Read All files playbook for v6

Scripts

HealthCheckCommonIndicators

Updated the Docker image to: demisto/python3:3.12.11.4819260.

HealthCheckIncidentTypes

Updated the Docker image to: demisto/python3:3.12.11.4819260.

HealthCheckAnalyzeLargeInvestigations

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckCPU

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckContainersStatus

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckDiskUsage

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckDiskUsageLine

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckDockerLog

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckExportSummary

Updated the HealthCheckExportSummary script for v6
Updated the Docker image to: demisto/python3:3.12.11.4819260.

New: HealthCheckExportSummaryData

New: Added a new script- HealthCheckExportSummaryData for XSOAR x8, export the collected data to provide the CS team.

HealthCheckFileSystem

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckGetLargestInputsAndOutputsInIncidents

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckLicenseData

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckMemory

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckNumberOfLargeIOIncidents

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckNumberOfLargeIncidents

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckNumberOfPartitions

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckPanicLog

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckReadConf

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckReadTemeletryLog

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckReadVC

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckServerLog

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckSystemDiagnostics

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckUnpack

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckWorkers

Updated the Docker image to: demisto/python3:3.12.12.5490952.

Related pull requests:
- 41821
- 41970

Download

3.0.7 - 5636304 (October 29, 2025)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 41629

Download

3.0.6 - 4847835 (September 11, 2025)

Scripts

getAutomationsCount

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfLargeIncidents

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckInstalledPacks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfDroppedIncidents

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckServerConfiguration

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckFileSystem

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckAnalyzeLargeInvestigations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckCPU

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckSystemDiagnostics

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckMemory

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getCustomAutomations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfLargeIOIncidents

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIncidentsCreatedMonthly

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDiskSpaceStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckServerLog

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIncidentsCreatedWeekly

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getInvHealthStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfEngines

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDeprecatedIntegrations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckPlaybookAnalysis

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckCommonIndicators

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIntegrations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckReadConf

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getCustomPlaybooks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckWorkers

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getSystemHealthStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckUnpack

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckOutdatedPacks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckDiskUsage

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getPlaybooksCount

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckExportSummary

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getPlaybooksHealthStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckReadVC

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckReadTemeletryLog

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfPartitions

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIncidentTypes

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDeprecatedAutomations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getWorkersCount

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDockerContainersCount

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckDiskUsageLine

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDeprecatedPlaybooks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckContainersStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckGetLargestInputsAndOutputsInIncidents

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDetachedAutomations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckAPIvalidation

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckFields

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getContentPackStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckPanicLog

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckDockerLog

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDetachedPlaybooks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckPacksInstalled

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIncidentsCreatedDaily

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckLicenseData

Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 41193

Download

3.0.5 - R3980324 (June 26, 2025)

Scripts

HealthCheckDiskUsage

Metadata and documentation improvements.

HealthCheckDockerLog

Metadata and documentation improvements.

getDetachedAutomations

Metadata and documentation improvements.

getPlaybooksHealthStatus

Metadata and documentation improvements.

HealthCheckNumberOfPartitions

Metadata and documentation improvements.

HealthCheckContainersStatus

Metadata and documentation improvements.

getWorkersCount

Metadata and documentation improvements.

HealthCheckPanicLog

Metadata and documentation improvements.

HealthCheckExportSummary

Metadata and documentation improvements.

HealthCheckUnpack

Metadata and documentation improvements.

getDeprecatedPlaybooks

Metadata and documentation improvements.

getPlaybooksCount

Metadata and documentation improvements.

HealthCheckSystemDiagnostics

Metadata and documentation improvements.

getAutomationsCount

Metadata and documentation improvements.

getCustomAutomations

Metadata and documentation improvements.

HealthCheckAPIvalidation

Metadata and documentation improvements.

HealthCheckServerConfiguration

Metadata and documentation improvements.

HealthCheckServerLog

Metadata and documentation improvements.

HealthCheckNumberOfEngines

Metadata and documentation improvements.

HealthCheckLicenseData

Metadata and documentation improvements.

HealthCheckWorkers

Metadata and documentation improvements.

getCustomPlaybooks

Metadata and documentation improvements.

HealthCheckOutdatedPacks

Metadata and documentation improvements.

HealthCheckFileSystem

Metadata and documentation improvements.

HealthCheckReadVC

Metadata and documentation improvements.

HealthCheckPlaybookAnalysis

Metadata and documentation improvements.

HealthCheckReadTemeletryLog

Metadata and documentation improvements.

getSystemHealthStatus

Metadata and documentation improvements.

HealthCheckDiskUsageLine

Metadata and documentation improvements.

getDeprecatedAutomations

Metadata and documentation improvements.

getContentPackStatus

Metadata and documentation improvements.

getInvHealthStatus

Metadata and documentation improvements.

HealthCheckPacksInstalled

Metadata and documentation improvements.

getDetachedPlaybooks

Metadata and documentation improvements.

getDockerContainersCount

Metadata and documentation improvements.

HealthCheckCPU

Metadata and documentation improvements.

HealthCheckIncidentTypes

Metadata and documentation improvements.

HealthCheckReadConf

Metadata and documentation improvements.

HealthCheckIntegrations

Metadata and documentation improvements.

HealthCheckGetLargestInputsAndOutputsInIncidents

Metadata and documentation improvements.

HealthCheckNumberOfLargeIncidents

Metadata and documentation improvements.

getDeprecatedIntegrations

Metadata and documentation improvements.

HealthCheckNumberOfLargeIOIncidents

Metadata and documentation improvements.

HealthCheckMemory

Metadata and documentation improvements.

getDiskSpaceStatus

Metadata and documentation improvements.

HealthCheckNumberOfDroppedIncidents

Metadata and documentation improvements.

HealthCheckCommonIndicators

Metadata and documentation improvements.

Related pull requests:
- 39088

Download

3.0.4 - R2988527 (March 26, 2025)

Scripts

HealthCheckSystemDiagnostics

Code functionality improvements.
Updated the Docker image to: demisto/python3:3.11.10.116949.

Related pull requests:
- 38058

Download

3.0.3 - 1809308 (December 15, 2024)

Scripts

HealthCheckUnpack

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckOutdatedPacks

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckNumberOfEngines

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckReadConf

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckServerLog

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckReadTemeletryLog

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckReadVC

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckPacksInstalled

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37567
- 37564
- 37565

Download

3.0.2 - 1748140 (December 4, 2024)

Scripts

getPlaybooksHealthStatus

Updated the Docker image to: demisto/python3:3.11.10.115186.

getPlaybooksCount

Updated the Docker image to: demisto/python3:3.11.10.115186.

getDiskSpaceStatus

Updated the Docker image to: demisto/python3:3.11.10.115186.

getCustomAutomations

Updated the Docker image to: demisto/python3:3.11.10.115186.

getDetachedAutomations

Updated the Docker image to: demisto/python3:3.11.10.115186.

getAutomationsCount

Updated the Docker image to: demisto/python3:3.11.10.115186.

getWorkersCount

Updated the Docker image to: demisto/python3:3.11.10.115186.

getSystemHealthStatus

Updated the Docker image to: demisto/python3:3.11.10.115186.

getDetachedPlaybooks

Updated the Docker image to: demisto/python3:3.11.10.115186.

getInvHealthStatus

Updated the Docker image to: demisto/python3:3.11.10.115186.

getDockerContainersCount

Updated the Docker image to: demisto/python3:3.11.10.115186.

getCustomPlaybooks

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37528
- 37524
- 37525
- 37526
- 37527

Download

3.0.1 - 1731907 (December 1, 2024)

Scripts

HealthCheckExportSummary

Fix export for XSOAR v8

Related pull requests:
- 37434
- 37478

Download

3.1.0 - 5933565 (November 19, 2025)

Playbooks

Health Check - Collect Log Bundle

The 'Health Check - Collect Log Bundle' playbook has been updated to run only on specific versions and is no longer available in Cortex XSOAR 8 by default.

Health Check - Log Analysis Read All files

Updated the Health Check - Log Analysis Read All files playbook for v6

Scripts

HealthCheckCommonIndicators

Updated the Docker image to: demisto/python3:3.12.11.4819260.

HealthCheckIncidentTypes

Updated the Docker image to: demisto/python3:3.12.11.4819260.

HealthCheckCPU

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckContainersStatus

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckDiskUsage

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckDiskUsageLine

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckDockerLog

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckExportSummary

Updated the HealthCheckExportSummary script for v6
Updated the Docker image to: demisto/python3:3.12.11.4819260.

New: HealthCheckExportSummaryData

New: Added a new script- HealthCheckExportSummaryData for XSOAR x8, export the collected data to provide the CS team.

HealthCheckFileSystem

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckLicenseData

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckMemory

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckNumberOfLargeIOIncidents

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckNumberOfLargeIncidents

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckNumberOfPartitions

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckPanicLog

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckReadConf

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckReadTemeletryLog

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckReadVC

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckServerLog

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckSystemDiagnostics

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckUnpack

Updated the Docker image to: demisto/python3:3.12.12.5490952.

HealthCheckWorkers

Updated the Docker image to: demisto/python3:3.12.12.5490952.

Related pull requests:
- 41821
- 41970

Download

3.0.7 - 5636304 (October 29, 2025)

Changes are not relevant for XSIAM marketplace.

Related pull requests:
- 41629

Download

3.0.6 - 4847835 (September 11, 2025)

Scripts

getAutomationsCount

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfLargeIncidents

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckInstalledPacks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfDroppedIncidents

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckFileSystem

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckCPU

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckSystemDiagnostics

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckMemory

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getCustomAutomations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfLargeIOIncidents

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIncidentsCreatedMonthly

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDiskSpaceStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckServerLog

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIncidentsCreatedWeekly

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getInvHealthStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfEngines

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDeprecatedIntegrations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckPlaybookAnalysis

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckCommonIndicators

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIntegrations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckReadConf

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getCustomPlaybooks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckWorkers

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getSystemHealthStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckUnpack

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckOutdatedPacks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckDiskUsage

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getPlaybooksCount

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckExportSummary

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getPlaybooksHealthStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckReadVC

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckReadTemeletryLog

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckNumberOfPartitions

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIncidentTypes

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDeprecatedAutomations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getWorkersCount

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDockerContainersCount

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckDiskUsageLine

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDeprecatedPlaybooks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckContainersStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDetachedAutomations

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckAPIvalidation

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckFields

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getContentPackStatus

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckPanicLog

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckDockerLog

Updated the Docker image to: demisto/python3:3.12.8.3296088.

getDetachedPlaybooks

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckPacksInstalled

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckIncidentsCreatedDaily

Updated the Docker image to: demisto/python3:3.12.8.3296088.

HealthCheckLicenseData

Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 41193

Download

3.0.5 - R3980324 (June 26, 2025)

Scripts

HealthCheckDiskUsage

Metadata and documentation improvements.

HealthCheckDockerLog

Metadata and documentation improvements.

getDetachedAutomations

Metadata and documentation improvements.

getPlaybooksHealthStatus

Metadata and documentation improvements.

HealthCheckNumberOfPartitions

Metadata and documentation improvements.

HealthCheckContainersStatus

Metadata and documentation improvements.

getWorkersCount

Metadata and documentation improvements.

HealthCheckPanicLog

Metadata and documentation improvements.

HealthCheckExportSummary

Metadata and documentation improvements.

HealthCheckUnpack

Metadata and documentation improvements.

getDeprecatedPlaybooks

Metadata and documentation improvements.

getPlaybooksCount

Metadata and documentation improvements.

HealthCheckSystemDiagnostics

Metadata and documentation improvements.

getAutomationsCount

Metadata and documentation improvements.

getCustomAutomations

Metadata and documentation improvements.

HealthCheckAPIvalidation

Metadata and documentation improvements.

HealthCheckServerLog

Metadata and documentation improvements.

HealthCheckNumberOfEngines

Metadata and documentation improvements.

HealthCheckLicenseData

Metadata and documentation improvements.

HealthCheckWorkers

Metadata and documentation improvements.

getCustomPlaybooks

Metadata and documentation improvements.

HealthCheckOutdatedPacks

Metadata and documentation improvements.

HealthCheckFileSystem

Metadata and documentation improvements.

HealthCheckReadVC

Metadata and documentation improvements.

HealthCheckPlaybookAnalysis

Metadata and documentation improvements.

HealthCheckReadTemeletryLog

Metadata and documentation improvements.

getSystemHealthStatus

Metadata and documentation improvements.

HealthCheckDiskUsageLine

Metadata and documentation improvements.

getDeprecatedAutomations

Metadata and documentation improvements.

getContentPackStatus

Metadata and documentation improvements.

getInvHealthStatus

Metadata and documentation improvements.

HealthCheckPacksInstalled

Metadata and documentation improvements.

getDetachedPlaybooks

Metadata and documentation improvements.

getDockerContainersCount

Metadata and documentation improvements.

HealthCheckCPU

Metadata and documentation improvements.

HealthCheckIncidentTypes

Metadata and documentation improvements.

HealthCheckReadConf

Metadata and documentation improvements.

HealthCheckIntegrations

Metadata and documentation improvements.

HealthCheckNumberOfLargeIncidents

Metadata and documentation improvements.

getDeprecatedIntegrations

Metadata and documentation improvements.

HealthCheckNumberOfLargeIOIncidents

Metadata and documentation improvements.

HealthCheckMemory

Metadata and documentation improvements.

getDiskSpaceStatus

Metadata and documentation improvements.

HealthCheckNumberOfDroppedIncidents

Metadata and documentation improvements.

HealthCheckCommonIndicators

Metadata and documentation improvements.

Related pull requests:
- 39088

Download

3.0.4 - R2988527 (March 26, 2025)

Scripts

HealthCheckSystemDiagnostics

Code functionality improvements.
Updated the Docker image to: demisto/python3:3.11.10.116949.

Related pull requests:
- 38058

Download

3.0.3 - 1809308 (December 15, 2024)

Scripts

HealthCheckUnpack

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckOutdatedPacks

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckNumberOfEngines

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckReadConf

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckServerLog

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckReadTemeletryLog

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckReadVC

Updated the Docker image to: demisto/python3:3.11.10.115186.

HealthCheckPacksInstalled

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37567
- 37564
- 37565

Download

3.0.2 - 1748140 (December 4, 2024)

Scripts

getPlaybooksHealthStatus

Updated the Docker image to: demisto/python3:3.11.10.115186.

getPlaybooksCount

Updated the Docker image to: demisto/python3:3.11.10.115186.

getDiskSpaceStatus

Updated the Docker image to: demisto/python3:3.11.10.115186.

getCustomAutomations

Updated the Docker image to: demisto/python3:3.11.10.115186.

getDetachedAutomations

Updated the Docker image to: demisto/python3:3.11.10.115186.

getAutomationsCount

Updated the Docker image to: demisto/python3:3.11.10.115186.

getWorkersCount

Updated the Docker image to: demisto/python3:3.11.10.115186.

getSystemHealthStatus

Updated the Docker image to: demisto/python3:3.11.10.115186.

getDetachedPlaybooks

Updated the Docker image to: demisto/python3:3.11.10.115186.

getInvHealthStatus

Updated the Docker image to: demisto/python3:3.11.10.115186.

getDockerContainersCount

Updated the Docker image to: demisto/python3:3.11.10.115186.

getCustomPlaybooks

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37528
- 37524
- 37525
- 37526
- 37527

Download

3.0.1 - 1731907 (December 1, 2024)

Scripts

HealthCheckExportSummary

Fix export for XSOAR v8

Related pull requests:
- 37434
- 37478

Download

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Supported By	Community
Created	July 6, 2021
Last Release	November 19, 2025

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.