Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Resolved! Cortex XDR client preventing Windows boot

Our organization has started using Azure AD and Intune for managing PCs, and the enrollment includes the deployment of the Cortex XDR client. So far, we've had no issues during our (slowly but surely) transition.

But last week I encountered a strange problem

...

XDR Client version 7.5.0 High Memory Usage

We recently upgraded our XDR Clients from 7.4.2 to 7.5.0. Since the upgrade a lot of our Windows Servers seem to be using a lot more memory than what I recall other client versions using. For example, older versions were like 200-400MB of usage but

...

mbahen by L2 Linker
  • 13036 Views
  • 13 replies
  • 0 Likes

Alert USB activity

Hi community,

Can I check if anyone has created an alert for when a user copies more than a certain number of files onto a USB drive?

Thank You, Cheers!

BoonHwee by L1 Bithead
  • 2719 Views
  • 1 replies
  • 0 Likes

Resolved! Cortex XDR Live Terminal problem

Hello.

We have a problem with Live Terminal. When we initiate a Live Terminal session on endpoints (all endpoints have the same problem), a notification pops up (about Live Terminal) but we see an 'operation time out' error in the Cortex XDR web UI. Can anyb

...

remove users Cortex XDR

Hi,

I'm trying to remove a user from "Access Management" in Cortex XDR but I can't find a way to do so.

What is the best way to perform this task?

Thanks in advance,

Ronnie.

Resolved! Cortex XDR supervisor password

Hi Team,

Some cytool commands were asking to enter the supervisor password to proceed. Is this the uninstall password that had to be set while creating the package, or the login account password?

Need to extract installed application.

Hi,

I have queries regarding Cortex XDR.

Does Cortex XDR provide application inventory counts?

We want to extract each and every application which is installed on all our network systems, but with IP.

For e.g., 10.10.10.10 is a system IP, I want to

...

Problem uninstalling Cortex XDR Agent

I often have the problem that the host loses connection to Cortex console due to a failed agent update and I cannot uninstall the agent on it and reinstalling the agent results in a rollback. There is a file named "tdevflt.sys" left in the "C:\Progra

...

Scott103 by L0 Member
  • 4782 Views
  • 2 replies
  • 0 Likes

Query Builder to XQL

I have built queries within the builder that I cannot replicate in an XQL query

Is there a way to convert them quickly?

The example below was built with the builder, a search for files within removable media for the previous 24 hours

I need it in xql syntax

...

Resolved! Cortex XDR Agent and system logs

Hello All,

I am trying to get logs for the Cortex XDR agent that are more than 1 month old, from the system and tech support file, however I am not having any success. Does anyone know any method by which we can retrieve agent logs/tech support logs for more than 1 mon

...

tejasp04 by L1 Bithead
  • 12092 Views
  • 1 replies
  • 0 Likes

XDR agent quota exceeded

We're running 7.4.x currently and we've been seeing a ton of these alerts lately, and it seems to be for the same four or so machines out of several thousand. It is just alert after alert. I checked the log folders on the machines and they aren't any

...

enewman by L1 Bithead
  • 3676 Views
  • 2 replies
  • 0 Likes

Trying to setup Cortex Data Lake

Hi all, I am new to this forum and new to the job where I am having this issue so please forgive me if this is an easy question that has been answered, I could not find the info I was looking for. I am trying to set up a Cortex Data Lake for my Corte

...

All Cygwin apps see the decoy files

Hi. My organization forced the installation of Cortex XDR 7.4.2.35695 on my workstation and when I use Cygwin it lists the anti-ransomware decoy files. It's especially troublesome when I copy directories because real files are created then.

ncdu 1.10 ...

Resolved! Cortex XDR Forensics Addon

Hello everybody.

I have a question about Cortex XDR Forensic addon. When we enable Forensic addon from Agent Settings profile we see "Interval Hours" for each section. But we can not understand what it is. Also we can not find anything about it in any

...

  • 2010 Posts
  • 80 Subscriptions