This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4358 Views
  • 0 replies
  • 3 Likes

Host Firewall

Hello Team, We intend to enable the Host Firewall feature in the Cortex XDR. Please give us a brief overview of how this feature works.

Not able to set Proxy for Windows 2012 servers

Hello , We are unable to see few servers in our endpoint list. But the user confirmed it has cortex installed in it and is enabled also particularly For Windows 2012 servers we're not able to set the proxy and for some hosts last seen connected date is being shown for a previous date. Kindly suggest how can we set proxy for these servers.

Agents Intermittently Disappearing in Cortex XDR Then Shows Up

Hi, Some Agents in Cortex DXR disappears then shows up after few days - no pattern at all If my understanding is correct, if the Agents are disconnected or there's a connection lost, the Endpoint Status column will dictate it. But the Agents in question are not. As in they're like "ghosts" that shows up then after some time disappears. Wha...

katiea by L1 Bithead
  • 4609 Views
  • 8 replies
  • 0 Likes

Operational status unprotected with error message running without valid content

Related to Cortex XDR we are observing operational status as unprotected for some endpoints and the error says running without valid content.But at the same time we also observed some of the agents running on the the latest agent version also having this error(running without valid content) . How do get the hosts in protected operational status...

Resolved! A question from the Endpoint Administration Part 2 webinar: Alert ID

We often notice alert_id out of the numerical order, chronologically, sometimes way off. It appears like XDR is detecting something later and assigning an older timestamp but a new alert_id to detection. Can someone provide some detail/explanation on this observed behavior? Note: This question was asked during a customer success webinar: Endpo...

rtsedaka by L6 Presenter
  • 4454 Views
  • 3 replies
  • 0 Likes

Resolved! Exclusion criteria import

Hi all. Does anyone know of a way - or a work around for the following situation. I have a long list (about 700) IPs that I want to create an alert exclusion from. These are external scanners that our firewall blocks and we get a large amount of alerts because of this. I would like to create an alert exclusion so we no longer have to deal wi...

Pop-up Blocked Alert Not Displaying Blocked File

Hello, A client received a pop-up blocked alert because a suspicious executable was found on their machine. When the client went to view more details, the executable that was blocked was never displayed in the details information. Why is that? By the way this was a post detection blocked Cortex XDR alert. I have attached a screenshot of the al...

Cortex XDR agents upgrade

Hello everybody, Is Cortex XDR agents auto upgrade recommended? We enabled agent auto upgrade at the moment. But we worry this can cause some problems in future. Can anybody give suggestions about this situation? Thanks.

[Network location] - too long to check location

Hi community, Does somebody is using Cortex XDR - Network Localtion (from agent settings profile). My problem is that the network location is too long, specifically when users comme back to our office from their own internet connection, internal profile takes about 2 minutes to change from external to internal. External = restricted firew...

Cortex XDR not detecting malicious files

Hi ,Why Cortex XDR is not detecting malicious files which are present in system.for testing purpose I have downloaded a test malware also but it is not reflected after the malware scan.Can anyone please give clarity on this.Does Cortex detects malicious files only when they are executed ?Does Cortex XDR don't detect files which are not executed...

  • 2599 Posts
  • 98 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks