If we keep Agent Status Configure the Cortex XDR Agent license revocation and deletion period connection lost as 30 days and Agent Deletion days as180 days will the entry be deleted from the console will it delete logs also for the deleted entries be
...
Does anyone know a way to search DNS requests from an Endpoint? Seems like it should be possible with XQL Query but I can't find the right fields.
Hello,
Looking to set up FIM using the Cortex XDR agent and from what I have found so far, it seems unsupported. Has anyone set up FIM using any method?
The only possible option I have found so far is maybe using an auditbeat with the FIM module:
...
I have witelistet choesity agent but i keeps trigger
PowerShell script executing with iex from suspicious script source - Behavioral threat detected (rule: dotnet_iex_suspicious_source)
Sep 30th 2022 16:04:40 SYSTEM powershell.exe 25384 29488 Proc
Hello,
Generally what is the resource utilization (memory, CPU, etc. ) by the XDR agents during the scans.
