topic Re: Cortex XDR alert log notification delay in Cortex XDR Discussions https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-alert-log-notification-delay/m-p/582251#M6443 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/10081">@RichardChou</a>&nbsp;</P> <P>&nbsp;</P> <P>Thanks for reaching out on LiveCommunity!</P> <P>Delay in alert notification can be due to multiple external and internal factors. A delay in alert data being sent to XDR, delay in stitching of data points by XDR, delay due to communication lag between XDR and log server, grouping timeframe window etc. To find the cause please confirm whether the delay is only in the email/syslog notification you receive or is it also that alerts are getting delayed to reach the XDR console itself?</P> <P>Occasional delay can be expected due to some external factors but if the delay is consistent please open a support case to investigate the cause and rectify it.</P> <P>&nbsp;</P> <P>Please c<SPAN>lick&nbsp;</SPAN><STRONG>Accept as Solution</STRONG><SPAN>&nbsp;to acknowledge that the answer to your question has been provided.</SPAN></P> Mon, 01 Apr 2024 16:08:47 GMT nsinghvirk 2024-04-01T16:08:47Z Cortex XDR alert log notification delay https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-alert-log-notification-delay/m-p/582093#M6438 <P>Hi All:</P> <P>&nbsp;</P> <P>We found that the Alert notification sent by XDR was delayed in delivery.<BR />It often took over a minute to arrive, and on one occasion it took over forty minutes for our log server to receive it.<BR />Does anyone know how to improve this issue, or is this normal?</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>Richard</P> Fri, 29 Mar 2024 05:04:18 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-alert-log-notification-delay/m-p/582093#M6438 RichardChou 2024-03-29T05:04:18Z Re: Cortex XDR alert log notification delay https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-alert-log-notification-delay/m-p/582251#M6443 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/10081">@RichardChou</a>&nbsp;</P> <P>&nbsp;</P> <P>Thanks for reaching out on LiveCommunity!</P> <P>Delay in alert notification can be due to multiple external and internal factors. A delay in alert data being sent to XDR, delay in stitching of data points by XDR, delay due to communication lag between XDR and log server, grouping timeframe window etc. To find the cause please confirm whether the delay is only in the email/syslog notification you receive or is it also that alerts are getting delayed to reach the XDR console itself?</P> <P>Occasional delay can be expected due to some external factors but if the delay is consistent please open a support case to investigate the cause and rectify it.</P> <P>&nbsp;</P> <P>Please c<SPAN>lick&nbsp;</SPAN><STRONG>Accept as Solution</STRONG><SPAN>&nbsp;to acknowledge that the answer to your question has been provided.</SPAN></P> Mon, 01 Apr 2024 16:08:47 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-alert-log-notification-delay/m-p/582251#M6443 nsinghvirk 2024-04-01T16:08:47Z