Cortex install fails on the Machines with Traps

the Cortex install fails on the systems which already has Traps (previous EPP)

I have tried this command (below) which was recommended by Palo Alto, was working previously for few systems, but isn't the same now

msiexec /i \\fps01\Users\rinesh.nanu.2\

News about CPATR-10685? This bug is disrupting production

Hello Everyone,

Does anyone know where I find more information about this bug: CPATR-10685? We reported an issue where if the malware scan is running a dll cannot be loaded twice because Cortex XDR will block it and were given this bug number, but I

Cortex XDR - False positive - Cloud2Model Manager 1.005

hi,

Some of the users of Cloud2Model are resporting that Cortex XDR is blocking the installer "Cloud2Model Manager 1.005 x64 setup.exe" with this Cortex XDR code: c0400055. This is a legitimate application and the installer is signed with a EV code ce

Pro Per TB License Not Used for 14+ days

Hello LIVEcommunity received the following email from Cortex Customer Success <noreply@paloaltonetworks.com>, but I am a contact on several different customers/tenants of Cortex.  How does one know which customer this is for?  
May I suggest that a Te

Filtering by Endpoint groups

I am trying to write an XQL query that will only focus on the endpoints that I have defined in my endpoint groups and not all endpoints in the xdr_data dataset.  

How can I filter the xdr_data dataset by endpoint groups?

Block md5 hashes

Dear team,

is it possible to block IOC based md5 hashes in cortex xdr?

admin applied agent tags

I have a few XDR deployments I manage and one this I miss is the ability to tag objects like I can on firewalls.

This would be useful for a number of tasks from:

- filtering views/dashboards/reports

- adding agents to dynamic agent groups

- assigning po

Status Cortex XDR

Hello community

Do you know where can i see the percentaje uptime of CortexXDR service?

I know about this link: Palo Alto Networks Cloud Services Status but it did not help me.

Cortex is not revoking non-persistent VDI license after user logout

Hi Community,

We have one golden image and non-persistent VDIs are spawning from it. we installed traps in the golden image with VDI enabled=1.  I can see the golden image install type is coming as a golden image, but the VDI generated from this has

Inconsistent XQL search results

When carrying out XQL search...."dataset = xdr_data | fields action_country | dedup action_country"

I receive a set of results with different action_country values as expected.

If I then take one of these values ie Switzerland and run "dataset = xdr_da