https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-ticket-system-integration-or-linking-options/m-p/476892#M1797 <P>Hi there,</P><P>&nbsp;</P><P>I am just getting started into what Cortex XDR can do. One item I cannot find a clear answer to so far is how XDR handles alerts forwarding or some API integration between it and, for example, Freshdesk/ServiceNow/Autotask etc.</P><P>&nbsp;</P><P>Is this possible with Cortex XDR?</P><P>&nbsp;</P><P>If you have any links to further reading please point me in the right direction. Thanks.</P><P>&nbsp;</P><P>Kind regards</P><P>Phil</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 30 Mar 2022 13:39:14 GMT IREPhil 2022-03-30T13:39:14Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-ticket-system-integration-or-linking-options/m-p/476892#M1797 <P>Hi there,</P><P>&nbsp;</P><P>I am just getting started into what Cortex XDR can do. One item I cannot find a clear answer to so far is how XDR handles alerts forwarding or some API integration between it and, for example, Freshdesk/ServiceNow/Autotask etc.</P><P>&nbsp;</P><P>Is this possible with Cortex XDR?</P><P>&nbsp;</P><P>If you have any links to further reading please point me in the right direction. Thanks.</P><P>&nbsp;</P><P>Kind regards</P><P>Phil</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 30 Mar 2022 13:39:14 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-ticket-system-integration-or-linking-options/m-p/476892#M1797 IREPhil 2022-03-30T13:39:14Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-ticket-system-integration-or-linking-options/m-p/476901#M1798 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/214415">@IREPhil</a>&nbsp;,&nbsp;</P><P>you can forward your notifications to syslog receiver, email, or even slack. Please check the following doc on how to do it</P><P>&nbsp;</P><P><A href="https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/logs/create-notifications" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/logs/create-notifications</A></P><P>&nbsp;</P><P>So you need also this doc to configure it:&nbsp;</P><P><A href="https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/logs/integrate-a-syslog-receiver-for-outbound-notifications.html#forward-logs-to-a-syslog-receiver" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/logs/integrate-a-syslog-receiver-for-outbound-notifications.html#forward-logs-to-a-syslog-receiver</A></P><P>&nbsp;</P><P>Additionally you can use API, please check the following doc:&nbsp;</P><P><A href="https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-api/cortex-xdr-apis/incident-management/get-incidents.html#id990df1b2-5bca-4c61-8e12-0f0bae5194b8" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-api/cortex-xdr-apis/incident-management/get-incidents.html#id990df1b2-5bca-4c61-8e12-0f0bae5194b8</A></P><P>&nbsp;</P><P>The difference is that you can be more granular/selective via API and might more informative sending the alerts/incidents than just a notification. Depends on your scenario/use case.&nbsp;</P><P>Please if this was helpful feel free to like, rate it or mark it as a solution.</P><P>KR,<BR />Luis</P><P>&nbsp;</P> Wed, 30 Mar 2022 14:01:38 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-ticket-system-integration-or-linking-options/m-p/476901#M1798 eluis 2022-03-30T14:01:38Z