Cortex XDR Discussions

Resolved! XDR integrates Fortigate but doesn't see data in dataset

First of all, I have a per TB license, so today I integrated the data of the fortigate firewall, forwarded it to the broker through the log, and opened the syslog applet on the broker. Configured according to the admin guide, the firewall is given to

...

Resolved! What is the relationship between XDR and Datalake

I saw that there is datalake in the official admin guide structure, but I don't know what datalake does. I bought 200 XDR pro licence and found that my account has more datalake, which has 1TB of storage space. I am very confused. What data is it use

...

Resolved! create custom xql widget

Hi

Any guidance to create custom xql widget for ingestion data, such as the screenshot? Thanks in advance

Completely silent XDR install command line switches.

Looking for some insight on how to automatically accept the license during agent installation.

deploy broker vm proxy configuration

hello,

i want to install cortexXDR throught SCCM on my servers but i'm facing an issue with setting the proxy parameters also to type the confirmation password.

How it's possible to do it?

any help please?

BR.

Cortex XdR

Is it possible to set a policy for the file size in cortex Xdr /Cortex Xdr pro?

Requirement: The limited size(configured size if possible to set policy) of file can only be shared between the endpoint

Create a BIOC that doesn't allow a specific folder to be created

Hello,

i want to create a rule that prevent anyone from creating a directory with a specific name in C:\

for example: if we say the folder is named coffee, i don't want this folder directory being created "C:\Coffee" .

i tried to created it, but i could

...

Resolved! Cortex XDR makes visual studio run slower

My users have reported that visual studio is very slow to open, which seriously affects the work of the development team. Of course, after I turned off the malware function of XDR, the user returned to normal. I set the visual studio installation pat

...

Cortex XDR agent is not communicating to console. We are checking from setting up proxy on linux agent but geeting error.

Cortex XDR agent is not communicating to console. We are checking from setting up proxy on linux agent but geeting error.
(./cytool proxy set ......)
RpcClient: SendRequest: Error 14: failed to connect to all addresses
RPC call for proxy command 'query'

...

Cortex XDR

I'm currently writing a Sentinel Cortex XDR connector. Is it possible to get a trial licence for cortex xdr?

Cortex XDR

Resolved! Apples Software Update gets blocked by Cortex XDR

Hello Palo Community,

does anybody know why the Apple SoftwareUpdate.exe got blocked by Cortex XDR today

Or has someone else also encountered this Problem?

In the Community section of VirusTotal I discoverd a comment that Palo Alto apperently changed

...

Resolved! Does Cortex XDR provide protection for WSL running on Windows 10?

Does anyone here know if Cortex XDR is installed on Windows 10 (20H2) if it would protect Windows Subsystem for Linix (WSL)?

Best way to exclude legitimate behaviours

When it comes to excluding legitimate behaviours from BIOC rules, as far as I can see, there are 3 options:

Modify the BIOC rule itself adding "not equal to" logic.
Add BIOC rule exclusion at https://<organisation>.xdr.eu.paloaltonetworks.com/rules/exc

...

Cortex XDR Prevent Specific Questions

We are using Cortex XDR Prevent

1) I see many places the word 'rules' and 'rule exception' is used , I assume this option or feature is not available in Cortex XDR Prevent as I do not see it in the menus/blades .I guess its a 'Pro' edition feature .

...

Modify Alerts Going to An Endpoint Group

Hello all,

I have setup an endpoint group of high profile laptops. I would like the following configured on XDR.

- Prefix all Incident names going to endpoints in that group with "VIP Endpoint [Incident Name] (e.g. VIP Endpoint Wildfire Malware Dete

...

Discussions

Resolved! XDR integrates Fortigate but doesn't see data in dataset

Resolved! What is the relationship between XDR and Datalake

Resolved! create custom xql widget

Completely silent XDR install command line switches.

deploy broker vm proxy configuration

Cortex XdR

Create a BIOC that doesn't allow a specific folder to be created

Resolved! Cortex XDR makes visual studio run slower

Cortex XDR agent is not communicating to console. We are checking from setting up proxy on linux agent but geeting error.

Cortex XDR

Resolved! Apples Software Update gets blocked by Cortex XDR

Resolved! Does Cortex XDR provide protection for WSL running on Windows 10?

Best way to exclude legitimate behaviours

Cortex XDR Prevent Specific Questions

Modify Alerts Going to An Endpoint Group

Sending Cortex XDR incidents to MS Teams

Notification via Mail - Improvement

Updates missing force install via XDR

Cortex XDR Analytics BIOC Rules' Severity

Cortex XDR File Integrity Monitor and PCI-DSS 10.5.5 and 11.5 requirements

Re: Updates missing force install via XDR

Re: cyvrtrap.dll causing spoolsv.exe crashes?

Re: Cortex XDR Analytics BIOC Rules' Severity

Re: cyvrtrap.dll causing spoolsv.exe crashes?

Re: Security Setting - allowed sessions via approved domains

Unlock your full community experience!

Resolved! XDR integrates Fortigate but doesn't see data in dataset

Resolved! What is the relationship between XDR and Datalake

Resolved! create custom xql widget

Resolved! Cortex XDR makes visual studio run slower

Resolved! Apples Software Update gets blocked by Cortex XDR

Resolved! Does Cortex XDR provide protection for WSL running on Windows 10?