This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4322 Views
  • 0 replies
  • 3 Likes

Licence Cortex XDR Pro

Hello dear community, I know now, if you have less licences than installed agents, somehow they are degraded to Prevent. Can we see somewhere which one is degraded to Prevent version? How is degrading happen and where can I see it? BR Rob

RFeyertag by L4 Transporter
  • 1381 Views
  • 1 replies
  • 0 Likes

XQL Query: Finding Location of Public IP based on iploc command.

We are trying to find out ASN number, Organization Name, Location, City, Country for public IPs. Below is our query just in case: Note: The query which we ran is applied on interface which are receiving public facing IPs. We filtered that part of the query. config case_sensitive = false | dataset = panw_ngfw_threat_raw | fields rule_matched...

KanwarSingh01_0-1678149273362.png

Which agent version to be installed on Operating system Windows Server 2008 Version 6.0(Build 6003:Service Pack2)

We are unable to see exact agent version details for the Operating system Windows Server 2008 Version 6.0(Build 6003:Service Pack2) in the compatibility matrix sheet by Palo alto only about Windows Server 2008 Version 6.0(Build 6003:Service Pack1) is mentioned there. Kindly help us with which exact cortex agent version needs to be installed on t...

USB PRINTER

Hi I have a issue, In cortex XDR i have usb block policy in that if i remove the ip address then only usb printer is working. I want to block the USB in that pc and same time i want to use USB Printer also. pls give me solution

Resolved! API Cortex Disable Policy

Dear all, Does anyone knows the specific endpoint to disable Policy Rule through the API? In the API Doc only shows get-policy associated to endpoint. Thanks in advance! https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-API-Reference/Get-Policy

luismianton_0-1677584651879.png

Malware Scan

Hello, For Scans applied through polices for the pending machines how long the scan command remains upon scan initiation. for eg: I enabled scan policy on Monday the system was in disconnected state on that day and it comes back online on Thursday will the policy applied to it and initiate the scan on that system. Note: The policy will be not...

Endpoint scanning

Hello, For Scans applied through polices for the pending machines how long the scan command remains upon scan initiation. for eg: I enabled scan policy on Monday the system was in disconnected state on that day and it comes back online on Thursday will the policy applied to it and initiate the scan on that system. Note: The policy will be not...

Compatibility xdr

Is windows os 2008 compatible for the installation of Cortex XDR ? Windows server 2008 and windows 8, windows 8.1? All Windows 8 variants are supported until January 2023 (Microsoft EOL + 3 years). Release 7.9-CE offers continued support for Windows 8.1.

Endpoints beyond license

Hello, Can you please help with the below query. What happens if we install more agents than the license and do those extra agents not work with maximum capabilities? If yes then what are the capabilities that don't work?

  • 2588 Posts
  • 95 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks