Incident Fields
Breaking Change: Removed the following incident fields:
Health Check Number of investigations input / output bigger than 10MB, Health Check Number of investigations with more than 500 entries.
Changed Health Check Investigations bigger than 10MB to Health Check Docker Images,
Health Check Investigations bigger than 1MB to Health Check Incidents Large Number Of Entries,
Health Check Investigations input / output bigger than 10MB to Health Check Investigations With Large Input / Output,
Health Check Investigations input / output bigger than 1MB to Health Check Large Investigations,
Health Check Number of investigations bigger than 10MB to Health Check Number Of Dropped Incidents.
- Health Check Docker Paused
- Health Check Docker Running
- Health Check Docker Stop
- Health Check Docker Version
- Health Check Workers Busy
- Health Check Workers Total
- XSOAR Dev-Prod
- XSOAR Memory
- XSOAR OS
- Health Check Docker Containers Stats
- Health Check Large Files
- Health Check Panics
- Health Check Risky Indexed Fields
- Health Check Top Used Playbooks
- XSOAR Server Configuration
- Health Check File System Directories
- XSOAR Number Of DB Partitions
Playbooks
Health Check - Log Analysis Read All files
- Parse files from log bundle output.
Scripts
HealthCheckAnalyzeLargeInvestigations
- Parse files from log bundle output.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckCPU
- Present or parse CPU usage stats.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckCommonIndicators
- Reports on common indicators.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
- Widget shows docker container status.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckDiskUsage
- Present or parse Disk usage stats.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckDiskUsageLine
- Present Disk usage stats line widget.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckDockerLog
- Read docker log file.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckFileSystem
- read and parse filesystem.log.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
- Returns inputs and outputs larger than 1 MB from all Cortex XSOAR investigations in the last 1 / 2 months.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckIncidentsCreatedDaily
- Trend graph for incidents created per day.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckIncidentsCreatedMonthly
- Trend graph for incidents created per month.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckIncidentsCreatedWeekly
- Trend graph for incident creation.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckInstalledPacks
- Count and get packs names.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckIntegrations
- Collect integrations name and count number of engines.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckLicenseData
- Read the license_data.log file extracted from the log bundle.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckMemory
- Present or analyze memory usage.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckNumberOfDroppedIncidents
- Number of dropped incidents.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckNumberOfEngines
- Presenting Number of engines.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckOutdatedPacks
- Presenting Outdated Packs.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckPacksInstalled
- Presenting numbers of packs installed.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckPlaybookAnalysis
- Parsing playbooks to detect wrong useage and suggest best practises.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckReadConf
- Read the license_data.log file extracted from the log bundle.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckReadTemeletryLog
- Read Telemtry log.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckReadVC
- Read the version_control.log file extracted from the log bundle.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckServerConfiguration
- Collect server configurations and save that into a table field.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckServerLog
- Read server log file line by line and display warnings, fatal errors and keyword results in a table to the war room.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckUnpack
- Extract files from log bundle - supports tar.gz & tar.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
HealthCheckWorkers
- Present or analyze workers usage.
- Updated the Docker image to: demisto/python3:3.10.1.27636.
New: HealthCheckFields
- Parsing custom fields to detect indexed fields for risky field types.
New: HealthCheckNumberOfLargeIOIncidents
- Widget Script to present the number of incidents with large input and outputs.
New: HealthCheckNumberOfLargeIncidents
- Widget Script to present the number of large incidents.
New: HealthCheckNumberOfPartitions
- Widget Script to present the number of BoltDB partitions.
New: HealthCheckSystemDiagnostics
- Collect data from System Diagnostics tool.
New: HealthCheckPanicLog
- Read panic log file line by line and display warnings, fatal errors and keyword results in a table to the war room.
New: HealthCheckAPIvalidation
- Validate if API Integration was defined correctly.
If not detect what is the problem and warn about it.
New: HealthCheckExportSummary
- Export all Incident, Context and Widget data into Json format output.
Layouts
System Diagnostics and Health Check
- New layout design, now the values looks better.
- New grid fields were exposed and some were merged.
Download