Cortex XDR Discussions

Resolved! Can't uninstall damaged installation of Cortex XDR

Hi all,

On one of our pc we can't uninstall the version 7.3.1.20981 of Cortex XDR.

When we try to uninstall the program appears the popup with the warning "Cortex XDR only supports per-machine installation" and the uninstall process fails.

Cortex X

...

Feature Request: Version Control for Rules

Would anyone else find it beneficial to have version control for rules made in XDR?

I feel like in theory it would be a reasonable lift to incorporate version control for changes made to custom correlation rules, for example.

Resolved! Cortext XDR Agent Version Registry Key

Hello, can I find out the Cortex XDR Agent Version by querying a windows registry key? If so, where is it located?

XQL for Creating Multi-Series Line Timechart Graph

Hi all.

I want to create multi-line graph, and I can create it. But My XQL query is too long and too many manual operation is there.
Do you have good idea for create multi-series line graph? (more shorter one)

Example (Just example. There are no Confide

...

Distributed network scan and Network Location Configuration

Hello,

I need information about these cortex agent capabilities, as far as I can understand:

- Is the agent used as a probe to detect machines without the agent installed, if so, what information is obtained Host name, IP, MAC?
- Network Location Config

...

"Installation directory should be accessible for user traversing make sure all directory components have at least : ------x--x "

while installing cortex XDR i am facing this issue

"Installation directory should be accessible for user traversing make sure all directory components have at least : ------x--x "

Allowed application still blocked

Hello,

I'm trying to allow a program, after whitelisting it is still blocked. Do I need to modify another rule to allow it?

IPv6 feature

Hi,

Prior to the release of the cortex feature update, were IPv6 enpoints not supported by cortex XDR? Have any new IPv6-related components been added?

Where i find PSE-Cortex exam information?

I can't find information about this PSE-Cortex exam on the official site. And yes, how to prepare for this exam, with which practice tests can I prepare for this exam? I have consulted many certified people, and they have mentioned many sources.

XDR 8.2.1 on domain controllers keeps disconnecting from tenant

Hi all, we are observing this behaviour on some domain controllers where xdr agents losing connection to tenant and the only way-out is to remove them via xdr cleaner and reinstall, only to fail again in a bunch of days.

We are out of ideas, obviousl

...

Resolved! Deploying XDR Agent for Mac with InTune

Hi all,

We're trying to bring our few Macs into the systems management fold, and being a Microsoft shop we want to use InTune to manage them.

Most Mac packages install files and then are configured in a separate set of commands after install. The XDR

...

Resolved! distributed network scan - Network Location Configuration - XDR Agent profile

Hello everyone,

Under the prevention profiles XDR agent has the capability to scan your network and find assets not onboarded using ping or nmap.
This setting also requires that you enable network location configuration.

This is from the docs:

"When

...

Resolved! OS Fingerprinting feature in Distributed Network Scan (Pro version)

Hi All,
We are using XDR Pro version with agent version 8.2. I am curious about this OS fingerprinting feature under Distributed Network scan setting in Agent profile. I have already configured Network Location Configuration and also configured other

...

cyvrtrap.dll causing spoolsv.exe crashes?

We updated Cortex XDR agent on a number of VMs and on some of them the Print Spooler service (spoolsv.exe) started crashing repeatedly, causing disruptions to operations.

Is this a known issue? Are there available workarounds or ways to resolve it sh

...

Partially Protected - Operational Status Data

Hi!

I have a machine with Operational Status Data as:

Xdr Data Collection Not Running Or Not Sent

Module is disabled by Adaptive Policy

Btp Not Working

Module is disabled by Adaptive Policy

How can I remediate this machine so that its status

...

Discussions

Resolved! Can't uninstall damaged installation of Cortex XDR

Feature Request: Version Control for Rules

Resolved! Cortext XDR Agent Version Registry Key

XQL for Creating Multi-Series Line Timechart Graph

Distributed network scan and Network Location Configuration

"Installation directory should be accessible for user traversing make sure all directory components have at least : ------x--x "

Allowed application still blocked

IPv6 feature

Where i find PSE-Cortex exam information?

XDR 8.2.1 on domain controllers keeps disconnecting from tenant

Resolved! Deploying XDR Agent for Mac with InTune

Resolved! distributed network scan - Network Location Configuration - XDR Agent profile

Resolved! OS Fingerprinting feature in Distributed Network Scan (Pro version)

cyvrtrap.dll causing spoolsv.exe crashes?

Partially Protected - Operational Status Data

Cortex XDR Certificate enforcement for Windows and macOS endpoints

Cortex XDR Timeline to XQL

XQL insert group into active directory

XQL Query - Machine Custom Reports

Cortex XDR Forensics doesn't display Endpoints

Re: LSASS creating a cache1.bin on appdata

LSASS creating a cache1.bin on appdata

Re: XQL insert group into active directory

Re: Growth of ARM processors in Windows Ecosystem

Re: Cortex XDR Certificate enforcement for Windows and macOS endpoints

Unlock your full community experience!

Resolved! Can't uninstall damaged installation of Cortex XDR

Resolved! Cortext XDR Agent Version Registry Key

Resolved! Deploying XDR Agent for Mac with InTune

Resolved! distributed network scan - Network Location Configuration - XDR Agent profile

Resolved! OS Fingerprinting feature in Distributed Network Scan (Pro version)