Contact sales
Details

This workflows runs a (scheduled) "Cisco XDR Integration Module Healthcheck" and posts a message to Webex if such a healthcheck fails. You may want to remove the Webex notification, and change this to another messaging platform like Slack, or send an email.

Description

  1. Make sure you have the Cisco Webex integration module configured in your Cisco XDR org.
  2. Click install. If you have multiple Webex Integrations, please choose the Bot you would like to use. Skip this if you don't want to use Webex, it will make the Workflow invalid, but you can edit it later after installing.
  3. Enter a Webex Space name, make sure that your Bot is in the selected Space. Skip this if you don't want to use Webex, it will make the Workflow invalid, but you can edit it later after installing.
  4. Optionally you can configure a Scheduled Automation Rule, for example to run this Workflow every hour. Be mindful of rate limits, as it will connect to every module in your org.
  5. Make sure the Workflow is "validated" (should happen automatically during installation), otherwise it will not be able to run.
Required targets

This workflow requires the following targets to be available before it can be run.

Integration targets

  • Cisco XDR
  • Webex
About
Author
Christopher van der Made
Version
v1.0
Integration
Average rating
5.0 out of 5
Authorship
Community
Contact and support information
chrivand@cisco.com
External links

Content Licensing

Developer Community

Related workflows
Logo for Secure Malware Analytics
Cisco Secure Malware Analytics - XDR incident and notification
Community
This scheduled workflow executes a search query in Cisco Secure Malware Analytics for new private samples submitted and convinced as malicious.
Learn more
Logo for Orbital
Orbital - Alert on New AV
Community
When triggered, this workflow will review the Secure Endpoint machines about installed antivirus (AV) applications in Orbital and send a Webex Alert on new non-approved AV app.
Learn more
Logo for Orbital
Orbital - Alert on New Local User
Community
When triggered, this workflow will review the Secure Endpoint machines and local admin users in Orbital and send a Webex Alert on new non-approved admin user.
Learn more
Logo for Webex
Scheduled Cisco XDR Integration Health Check with Cisco Webex
Community
This workflows runs a (scheduled) "Cisco XDR Integration Module Healthcheck" and posts a message to Webex if such a healthcheck fails.
Learn more
Logo for Webex
Webex - Create Room for New Incident
Cisco Managed
This workflow works with an incident automation rule or playbook to create a Webex room when incidents are created in Cisco XDR.
Incident Response
Learn more
Logo for Webex
Webex - Send Message for New Incidents
Cisco Managed
This workflow works with an incident automation rule to send Webex messages when a new incident is created in Cisco XDR.
Learn more