This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 1246 Views
  • 0 replies
  • 3 Likes

bulk broker vm modifications

Hello,

we did a tenant migration and for some reason a lot of broker VM settings are still pointing to the old one.

We were wondering if it was possible to change the settings for it in bulk.

Thank you for your inputs.

Liosan by L0 Member
  • 352 Views
  • 2 replies
  • 0 Likes

Resolved! Delay in launching in-house apps

Our users have noticed there are delay in launching in-house developed apps (20+ apps) for the first time, the delay would take 10-20 seconds, once the app initally launched, the later, it would take 2-3 seconds to launch. The apps are located from s

...

Resolved! Rare Login Query Not Working

 

Hi team, 
I made a correlation query that looks for logins that haven't been seen on the servers in the last 7 days. This filters all successful login to endpoint type servers.

preset = xdr_login_events | join type = inner (dataset=endpoints | fiel...

a2123k1 by L1 Bithead
  • 1016 Views
  • 1 replies
  • 0 Likes

Cortex XDR Process Exclusions

We are deploying Cortex XDR to Windows servers initially in Report only mode and seeing memory Utiliziation on some servers ranging 500 MB- 1.2 GB. Is this considered to be normal?

 

Advise we receive was that we don't need to exclude ceritan process

...

Namalw by L1 Bithead
  • 467 Views
  • 1 replies
  • 0 Likes

Code signed executables

A colleague raised a query with regards code signing certificates?

 

For example if files are created, remodified and recompiled, the Sha256 will change every time, and these would need to be Whitelisted every time.

 

The question asked is if we are

...

custom scan with xdr agent for linux

Hi,

i would like to know if it's possible to do a custom scan for a specific file like we can with the cortex agent for windows but i would like to do it for linux.

 

I just see how to launch a global scan under linux but not a specific file.

Thanks

...

Groche by L0 Member
  • 362 Views
  • 1 replies
  • 0 Likes

Cortex XDR on Windows 10 LTSC

Hello,

We have not been able to install cortex XDR on a windows 10 LTSC machine. It starts to install but then fails. Is there a separate installation for Windows 10 LTSC machines?

M.Mills by L0 Member
  • 351 Views
  • 1 replies
  • 0 Likes

Split nested JSON

I have a field named "ModifiedProperties" and it has values like this below, I cant for the life of me figure out how XQL splits these up, Splunk uses SPAN or MVexpand and it works like a champ but i cant figure out what function does the same thing

...

Resolved! How to check powershell version at cortex XDR

Hi everyone,

 

I'm a beginner of Cortex XDR.

 

I need to confirm what devices have older versions of powershell installed and when I search for apps named powershell using host inventory I can only get 300+ results for powershell 7.

I changed some ke

...

  • 2405 Posts
  • 89 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks