As you can see that there is no data in wildfire api key. So where is it because I want to integrate my XDR Wildfire to other products. So How can i find it or How can I generate it? Please explain me well.
How to make BIOC rule in cortex xdr if an attacker tries to upload data to aws from PowerShell CLI? Cortex XDR
Hi All,
We have a few Palo Alto BIOCs that are disabled in our console, does Palo alto disables those rules by themselves if yes where can we find more details about it like why it was disabled in the first place.
Regards,
Shahwaz
Hi all,
My client is facing issues deploying the agent with intune, the agent gets deployed as expected but additional arguments such as ENDPOINT_TAGS="blah" added to msiexec seem to be lost as they can't see them post install when browsing through
...
Hello team,
I have query regarding Cortex XDR Linux agent memory consumption and management.
We have seen multiple cases where Cortex XDR memory consumption is high, however whenever we raise a case we got to know that memory consumption is norma
...
Hi All,
We are using XDR Pro version with agent version 8.2. I am curious about this OS fingerprinting feature under Distributed Network scan setting in Agent profile. I have already configured Network Location Configuration and also configured other
Hello to all,
I am experiencing a problem on a machine where scans are pushing the overall CPU load to 100% for several minutes to several hours and only slowly decreasing.
This causes problems for the use of the Syngo.Via software installed on thi
...
Hi,
As a part of Cortex XDR , I would like to know some benefits of Broker VM
I have gone through some of the docs and it looks like a Separate image that need to be installed. So,
1. Do we have to install it on every endpoint (Ex: 10,000 servers) that
...
Hello Team,
Actually we have exceeded the license quota, i'm wondering how can revoke certificate from unused endpoints and return unused licenses to the pool of available licenses.
Thank you in advance.
Br,
Aymen
I have an issue with CortexXDR. I get errors in the logs every minute from something trying to use an API key that was deleted when one of our security guys left. The source IP for it is our external NAT address that all our internal to external tr
...
Is there a way to take a list and apply as a filter, without adding each one separately
For example, below pasting in a list of endpoint names. instead of typing each one individually
Is there an API in XDR for Policy Management?
I'm trying to get the list of policies, profiles and their rules.
There is /public_api/v1/endpoints/get_policy (Get Policy • Cortex XDR REST API • Reader • Palo Alto Networks documentation portal)
Howeve
...
Hi ,
Some of the mac devices operational status is "partially protected" & we are getting the below error
Xdr Data Collection Not Running Or Not Sent
Agent is not running due to disk space
How to resolve this issue?
Hello and sorry for my bad english,
I want to retrieve informations about RDP connection to computers.
When computer A connect to computer B with RDP, on computer B (destination) windows log this event :
Event Security with ID 4624 et logon type 10
H
regarding our log retention policy on Cortex. Since we have a 30-day log retention period, is it possible to download the logs for the past 30 days from the console each month as a backup?
