This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4319 Views
  • 0 replies
  • 3 Likes

XDR Broker VM Security: Antivirus Scan/Software and Audit Log Reporting

What is the recommended practice for collecting XDR Broker Virtual Machine logs and sending them to a central repository and performing anti-virus scans? I was advised not to install any software on the Broker VM and if I cannot install software on the Broker VM to handle these security requirements is there a Palo Alto document which states no...

Resolved! Looking for some advice on Java Deserialization Protection and Jetbrains IDEA

Hello,I need some advice regarding the "Known Vulnerable Processes Protection" for Linux. This protection seems to prevent the jetbrains IDE IntelliJ IDEA (version 2023.3 build 223.7571.182) from running because of the Java Deserialisation Protection module (regarding log4j https://blog.jetbrains.com/platform/2022/02/removing-log4j-from-the-inte...

Decio_VD by L0 Member
  • 2302 Views
  • 1 replies
  • 0 Likes

Resolved! Rules for new install server

I would like to set a detect rule for the servers which installed the agent in the last 30days. After 30 days, Those servers will be applied for block rule. The current setting is to select the server in the target and remove it from the target after 30days. In Edit Policy, Target, I can't add install date in the filter. Is there any other w...

File and folders collector

Hi community, I have questions about setting up file and folder collector.I do not understand what the inclusion of logs of this collector gives us.How can I view all files of any formats that are in the folder?What is the vendor and product responsible for?I ask you to bring an example, in the official guide it is written very briefly Cortex XDR

Resolved! XDR DNS Query Non-Existant Domain (Internal domain)

Hi Community, Hope fellows can provide some insights. I have received a suspected DGA alert from my MSSP and upon validating with XDR, it shows Network Services is making such queries. As the domain is my internal domain with gibberish sub-domain, I'm fairly confident this is not a positive DGA incident. What might cause such behavior?Please n...

Full path not always available for mouse capture

Good morning. The provided image is a screencap which appears when I select a single Result in an Incident. Notice that I used the mouse to select the entirety of the path which appears in the browser, while the hover shows that there's much more path that's unavailable for mouse selection. There doesn't seem to be any tools which make the w...

export/view information about Windows endpoints missing with KB

Hi, I'd like to know how I can export/view information about Windows endpoints that do not apply with specific KB by specific ENDPOINT GROUPS. I can only filter by CVES or ENDPOINTS from the Vulnerability Assessment but not with KBs. My second question is there a way to query if, for example, a Windows endpoint is not applied with the latest c...

Resolved! Regarding agent upgradation.

There are few workstations and servers that are still running on 7.5 and we cannot upgrade them to the latest version as the package is unavailable and saying removed by Palo Alto Networks. Can anyone please suggest how we can upgrade those systems to the latest agent version.

  • 2583 Posts
  • 95 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks