Leave us a Message:

How to use a Grid Field​

Share on facebook
Share on linkedin
Share on twitter
Share on whatsapp
Share on email

How to use a grid field

In this post, our SOAR expert, Mr.Ben Aviv, will demonstrate how to use a grid field in XSOAR (Demisto). This action is a daily activity in every SOC, we intend to help you fully understand how to use and manage the grid field. This post is one of the two-part use cases in SOAR by our expert Ben Aviv.

Let’s start: The Grid field is displaying a JSON array as a table.

In a grid field, the following array will look like the following grid: [{“name”:”Yarin”,”age”:”22”},{“name”:”Yochay”,”age”:”29”},{“name”:”Emily”,”age”:”21”}]









To create a new grid field go to Settings > Advanced > Fields, and click on the “ + New Field” button, and choose in the incident field type “Grid (table)”.

To add or remove a column, click on the “+” or “-” sign on the right side of the table.

Note that you can choose the type of each column by clicking the small gear icon near the column header (for example, if you want the values of a column to be a clickable URL address, choose URL type.)

In order to insert columns to the grid, you will need to run the “setIncident” command like this:
!setIncident =’[{“name”:”Yarin”,”age”:”22”},{“name”:”Yochay”,”age”:”29”}]’
Where each “{}” represents a row in the grid.
When setting the incident field, the name of the column should be in lowercase, and without any special characters or spaces. (“Manager’s Phone” will turn into “managersphone”)

The post was written by Ben Aviv.

This post helped you? Share with us how!

Have an interest in a certain topic? tell us what and we will share our best practice in it

Subscribe and stay tuned for additional tools and tips from Cybersiem’s experts

For more Use Cases, Articles and Tips visit our Blog

Share this post

Share on facebook
Share on linkedin
Share on twitter
Share on whatsapp
Share on email
Ben Aviv

Ben Aviv

Leave a Reply

About Us

We increase the security of organizational information and anticipate threats before they cause damage, and improve the level of protection of organizational information, by providing end-to-end SIEM solution.

Recent Posts

Skip to content