Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Cortex XDR linux agent questions

Hi all, I've a few questions about the linux agent:

- Are there any special permissions that i need to give the agent?

-What to do if i have an agent that doesn't want to checkin with the server? the pc is on, the service is up, and i did a manual chec

...

Cortex Data lake License

Our client has recently purchased the Cortex Data Lake license and we are trying to set this up for them. The firewalls are on version 10.0.7 and have valid certificates but under "Device -> Licenses", we do not see a license for Cortex Data Lake  de

...

cortex.JPG

Possible FP alerts on linux

Hi,

I seemingly have a problem with the xdr agents installed on ubuntu workstations -I get "local malware analysis" alerts on seemingly benign programs and executables such as chrome, VS code, systemd and such.

WF shows either benign or unknown. 

Proble

...

Resolved! Broker VM

Hi everyone

 

From the Ingest Logs from Elasticsearch Filebeat documentation, it mentioned "use the broker VM to proxy Filebeat communication". May I know how to configure the broker VM as proxy for Filebeat communication?

 

 

 

weejh_1-1635231084634.png
weejh by L1 Bithead
  • 4452 Views
  • 5 replies
  • 0 Likes

Can Cortex XDR be installed to be standalone?

We're in a situation where HQ has moved to Cortex XDR, at the satellite facilities, there are PC/Laptops that never touches HQ network and are often standalone systems or is on a competely separate domain and those domain is to never communicate with

...

Vudoo408 by L0 Member
  • 2996 Views
  • 1 replies
  • 0 Likes

Endpoint disconnected - Admin console

I am having issues with an endpoint connecting to the Cortex XDR dashboard,

The Cortex XDR console from within the OS is showing as 'Enabled' however it is disconnected from the endpoint administrator console.

 

I have attempted restart the services usi

...

KirkH by L0 Member
  • 2946 Views
  • 1 replies
  • 0 Likes

Windows version 21H2 - Cortex incompatibility

Hi,

 

We received a PA notification about Microsoft Windows 10 version 21H2 running on specific hardware architectures are incompatible with a security engine in Cortex XDR agent 7.0.0 – 7.4.0.

 

In our case we have the following scenario:
- Cortex agent

...

BigPalo by L4 Transporter
  • 4453 Views
  • 3 replies
  • 0 Likes

Live Terminal over Broker VM

Hello everybody.

 

I want to know if we can initiate a live terminal session over Broker VM ( our agents dont have internet access so they use Broker VM ). 

1) In documentation Palo Alto say that network requirements for Broker VM are these:

     - br-<X

...

Memory Corruption Exploit Alerts - Incidents

Hello LiveCommunity, I wondered if any others are seeing a very high number of recently created (in the last few hours) "Memory Corruption Exploit" alerts in Cortex XDR?

Beginning around 1015 Pacific this morning (11 Oct) thru as recent at 1518 Pacifi

...

  • 2027 Posts
  • 81 Subscriptions
Top Solution Authors
Top Liked Authors