Contact sales
Details

This workflow works with an incident automation rule to send Webex messages when a new incident is created in Cisco XDR.

Description

This workflow works with an incident automation rule to send Webex messages when a new incident is created in Cisco XDR. You can limit the incidents you send messages for by adding criteria to your incident automation rule. After importing this workflow, be sure to add it to an incident automation rule.

This workflow sends a Webex message with a card. If you want to change the card's content, you can edit the "Build the card JSON" activity. Alternatively, you can build your own message in the "Webex - Post Message to Room" activity's "Markdown Message" or "Plain Text Message" inputs and remove the card variable from the "Attachments" input.

Target: Webex

Steps:

  • Search for the configured Webex room
  • Check if the room was found (if not, end the workflow)
  • Extract the short incident ID
  • Build the Webex card JSON payload
  • Send the Webex message
  • Check if sending the message was successful:
    • If it was, set the workflow result
    • If it wasn't, output an error
Required targets

This workflow requires the following targets to be available before it can be run.

Integration targets

  • Webex
About
Author
Cisco
Version
v1.4
Integration
Average rating
5.0 out of 5
Authorship
Cisco Managed
Contact and support information
https://support.cisco.com
External links

Content Licensing

Developer Community

Related workflows
Logo for Secure Malware Analytics
Cisco Secure Malware Analytics - XDR incident and notification
Community
This scheduled workflow executes a search query in Cisco Secure Malware Analytics for new private samples submitted and convinced as malicious.
Learn more
Logo for Orbital
Orbital - Alert on New AV
Community
When triggered, this workflow will review the Secure Endpoint machines about installed antivirus (AV) applications in Orbital and send a Webex Alert on new non-approved AV app.
Learn more
Logo for Orbital
Orbital - Alert on New Local User
Community
When triggered, this workflow will review the Secure Endpoint machines and local admin users in Orbital and send a Webex Alert on new non-approved admin user.
Learn more
Logo for Webex
Scheduled Cisco XDR Integration Health Check with Cisco Webex
Community
This workflows runs a (scheduled) "Cisco XDR Integration Module Healthcheck" and posts a message to Webex if such a healthcheck fails.
Learn more
Logo for Webex
Webex - Create Room for New Incident
Cisco Managed
This workflow works with an incident automation rule or playbook to create a Webex room when incidents are created in Cisco XDR.
Incident Response
Learn more
Logo for Webex
Webex - Send Message for New Incidents
Cisco Managed
This workflow works with an incident automation rule to send Webex messages when a new incident is created in Cisco XDR.
Learn more