This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4402 Views
  • 0 replies
  • 3 Likes

Problems installing Cortex XDR to a user

Hello Palo Alto Team. When installing Cortex XDR on a user, we must disable Windows Anti-Tampering, due to the following error: If Windows Anti-Tampering is disabled, we still have installation problems. Operating system name: Microsoft Windows 10 Pro Operating system version: 10.0.19042 N/D Compilación 19042

irissentinel_0-1637154458742.png
irissentinel_2-1637154670760.png

Cortex XDR high RAM usage

Hello everybody, We have a problem with RAM usage of our Cortex XDR agents. We have seen this issue about 7-8 endpoints for 2 moth. Ram usage of our endpoints increased up to 2 GB. it seems this is not agent version related problem. Because today we also saw this problem in one of our windows servers which RAM usage of xdr was 14 GB ( agent ve...

Resolved! Cortex XDR Broker VM questions

Hi All, Can anyone answer a few questions about Cortex XDR Broker VM? If the Broker VM is being used as a proxy, do the hosts connecting to the Broker VM need to be on the same subnet as the Broker VM or can they communicate with the Broker VM via the default gateway of their VLAN? When defining the proxy server on Broker VM, is the address you ...

Ben-Price by L4 Transporter
  • 4132 Views
  • 1 replies
  • 0 Likes

BrokerVM proxy configuration error

hello, i'm facing this issue when i try to configure the ip addresse of the proxy so i can send logs throught brokerVM: C:\Program Files\Palo Alto Networks\Traps>cytool proxy set "X.X.X.X:YY"Enter supervisor password:RpcClient: SendRequest: Error 13: Cloud Defined proxy 'set' internal error = 4 RPC call for proxy command 'set' failed with er...

NCherbib by L2 Linker
  • 5571 Views
  • 3 replies
  • 0 Likes

Computers do not receive the new update cortex 7.6.0

Hello, everyone,I have 500 computers in the company, every time a new version is released to TRAPS some computers do not receive the update. (About 40 computers). I'm trying to upgrade to the new version of the cortex management interface. But still, the computers don't get the update.It would be great if you can help me.Thank you

Shmuel by L2 Linker
  • 4432 Views
  • 4 replies
  • 0 Likes

Resolved! Is there a good (and quick) explanation out there of how Cortex XDR works on systems?

Hello. I'm looking for a 10,000 foot overview explanation that people may have used in the past or anything written up by Palo Alto? We have a lot of people who are used to the way legacy AV systems work and relied heavily on setting recommended exclusions from 3rd party vendors. Exclusions, I believe, are sort of a last resort but I can't seem ...

CraigV123 by L3 Networker
  • 5410 Views
  • 5 replies
  • 0 Likes

problem with cytool

hello, i'm facing an issue will adding proxy setting using a command cytool i recieve this error "cytool is not recognized as an internal or external command, operable program or batch file." any help please. BR.

NCherbib by L2 Linker
  • 6452 Views
  • 4 replies
  • 0 Likes

Tracking Corrupt Cortex XDR Agents

I am looking for any input on how other customers are handling situations where: 1. The agent is installed on a host and says it is checking in, but it does not appear in the Cortex XDR Console2. The agent is corrupt and has stopped reporting back (due to a failed upgrade or otherwise) I didn't know if anyone has any unique solutions for these s...

XDR Analytics "Failed Connections" alert investigation

Hi all, I am i need of assistance - how should I go about investigating an incident created by the "Failed Connections" alert? I run malware scans on the host that raised the alarm, but what can I do beyond that?I should also mention that whenever such an incident arises, it is not accompanied by a malware alert or anything of the sort.

BrokerVM

Hello, i'm facing an issue after deleting brokerVm from the console management, i'm not able to add it again, any help for this issue?? BR.

NCherbib by L2 Linker
  • 2775 Views
  • 2 replies
  • 0 Likes

Test Custom BIOC Rules

Hi Expert, Please help me to create custom BIOC rules for the testing.My company want to create rules bioc informational if We create/delete spesific file in spesific folder, and the information will appears in incidents.Is it possible? If is it possible, please inform to me How to create that? Thanks Expert, please give me advice

  • 2612 Posts
  • 98 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks