Hello ,
How much disk space should be ideally assigned in cortex XDR agent setting for XDR agent logs? by default it seems palo alto has set 5000 Mb space . does reducing this space affects the performance of the system or functionality of cortex
...
Hello ,
is there anyone aware for the methods to apply and remove the tags to multiple endpoints in cortex xdr without using any filters.
Cortex XDR
If anything needed executable are blocked by the XDR previous we used to add that ***.exe in malware profile. But now we faced that issue that client has connected the clickshare(PC Screen Share) Equipment as it's an external equipment connected to U
...
Hello All:
Our host_names are formatted the same across our fleet. I'd like to pull out the 5-8 characters in the hostname. We've tried using trim, ltrim and rtrim, and even with them nested. Any suggestions?
In this example WX260920162Q2R
we
...
Hi,
Would changing the default password change the installer password as well?
Thanks
Does Palo Alto perform any testing on minor content updates for Cortex before publishing them?
I'm looking for any documentation that outlines this testing (if any) to support a compliance requirement.
Hello dear community,
how do we delete the collected forensic data? Is there a option to do this? I was testing around with the forensics addon and collected from some agents, but now I want to get rid off.
Example Screenshot
Thanks
BR
...
We have written a query to get certain files types being downloaded from browser process and get its parent process details etc. When we try to add the field event_sub_type we start receiving and error. If we exclude the field from the query we get p
...
What are the differences between Exclusions and Exceptions and related best practices?
Cortex XDR
Hello,
For firewalls managed with Panorama there's a setting in Panorama "Buffered Log Forwarding from Device" which tells the firewall to buffer it's log in the case of loss of connectivity with Panorama.
Does anyone know if there is an equivale
...
How do I filter out excluded=Yes Alerts. I'm getting emails about alerts that are already excluded?
Recently i have noticed that there is another folder which has been created under PA Cortex folder as below:
"C:\Program Files\Palo Alto Networks\Cortex XDR Health Helper"
Inside the Folder there is PE which is xdrhealth.exe, what is the purpose of t
...
Hi,
I need to get the correlation between url that are being access and found through url filtering in PA FW and xdr agent that shows me which machine are accessing this url.
In Cortex XDR I can see the the log from PA Firewall, source ip it is our
...
Alerts(incidents) are getting generated from the machines which are Not showing in the endpoints(Not reporting to console)list. what would the issue or backend path
Hi to everyone.
We have anti-ransomware feature set in "aggressive mode"
The aggresive mode files cause the backup software of PCs to fail, and thousands of "There was a general error processing this file. Please retry it and if the problem pers
...
