Arcon Onboarding of Broker VM's

Hi Team,

We are planning to on-board the broker vm's to arcon for which we need the hostname and the user id of these broker vm's. Could you please assist how to get these details for the broker vm's to get it onboarded to arcon. These broker vm's are

UNKNOWN USB DEVICE tdevflt.sys

Hi, i´ve a USB port problem.

I´ve already update all the lenovo drivers both automatically and manually and it didn't work. The PC keeps blocking me the USB ports.

When i was looking for the solution, we tried to disable the cortex agent and after a

Broker Link

Hi, I need a method to identify endpoints in my environment that are not communicating or linked the broker but Cortex is installed, noting that those machines do not have internet access.

Thanks,

URL & Application level blocking possibilities in Cortex XDR.

Hi All,

Hope you all are doing good.

Can anyone help me to understand the possibilities of url and application-level blocking in XDR?

Following are my scenarios,

1. Blocking of URLs in XDR. 

2. Blocking of execution/installation of specific app

XDR Agent Auto Upgrade installer has timed out.

Hi everyone,

I have a customer who has configured the automatic upgrade of XDR Agent, when the new version is released, only a small number of Agents have completed the upgrade, a large number of Linux hosts have failed to upgrade, and the Last Upg

XDR Grafana Auth error

Hi everyone,

i need your help, i've see all posts related with grafana and Cortex XDR and i've one problem.

When i try authenticate with API , using postman, and set enviroment, the post for get endpoints works...but grafana not work.

but when

Unable to retrive downloaded exe's

Hello everyone,

I was trying to check all the downloaded exe's via firewall on all the endpoints in past 24hrs. I tried retrieving all downloaded exe's in downloads folder with the help of this query below. 

dataset = xdr_data
| filter event_type =

XDR & Java installs

With the upcoming Oracle Java license changes, I'm looking into using XQL to report on existing installs, and potentially a process based BIOC to block new installs which would incur a licensing fee. 

Anyone familiar with Java know how to differentiat

SearchHost.exe

Hello Everyone,

I am new to Cortex XDR. I wanted to ask what is searchHost.exe? and if it is safe when it generates alarm (level Medium) in Cortex XDR? If not then any recommendations?

Thanks

Uninstall Cortex XDR Agents from endpoints programmatically

Hi, 

I would like to programmatically uninstall agents from endpoints but are running into dead ends. 

Currently, based on the documentation (https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Prevent-Administrator-Guide/Uninstall-the-Cor

Cortex XDR VDI_ENABLED=1 and TS_ENABLED=1

I want to know about how TS_ENABLED=1 and VDI_ENABLED=1 command works during installation.

And how Temporary sessions are managed by Cortex XDR Agent.