This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 744 Views
  • 0 replies
  • 2 Likes

IPv6 feature

Hi, 

 

Prior to the release of the cortex feature update, were IPv6 enpoints not supported by cortex XDR? Have any new IPv6-related components been added?

Where i find PSE-Cortex exam information?

I can't find information about this PSE-Cortex exam on the official site. And yes, how to prepare for this exam, with which practice tests can I prepare for this exam? I have consulted many certified people, and they have mentioned many sources.

 

Resolved! Deploying XDR Agent for Mac with InTune

Hi all,

 

We're trying to bring our few Macs into the systems management fold, and being a Microsoft shop we want to use InTune to manage them.

 

Most Mac packages install files and then are configured in a separate set of commands after install. The XDR

...

m455954 by L0 Member
  • 16522 Views
  • 13 replies
  • 1 Likes

cyvrtrap.dll causing spoolsv.exe crashes?

We updated Cortex XDR agent on a number of VMs and on some of them the Print Spooler service (spoolsv.exe) started crashing repeatedly, causing disruptions to operations.

Is this a known issue? Are there available workarounds or ways to resolve it sh

...

kindzma by L2 Linker
  • 3010 Views
  • 9 replies
  • 1 Likes

Partially Protected - Operational Status Data

Hi!

 

I have a machine with Operational Status Data as:

 

Xdr Data Collection Not Running Or Not Sent

Module is disabled by Adaptive Policy

 

Btp Not Working

Module is disabled by Adaptive Policy

 

How can I remediate this machine so that its status

...

ndrmndz by L0 Member
  • 7598 Views
  • 4 replies
  • 0 Likes

Resolved! XDR Log and Quarantine Disk Space Retention

Hello-

 

Does anyone know the following details to how the product manages the retention for logs and quarantine?

I understand you can set the log quota to a specific size.  This will leverage that on local disk.  What I am not clear on are the followin

...

Cortex XDR XQL Query


Hi, 
I wanna sort my query as operational_status in (UNPROTECTED, PARTIALLY_PROTECTED) everyday (Like from Monday to Sunday Statistics) 
My query looks like this 
config case_sensitive = false
| dataset = endpoints
| filter operational_status in (UNPROT

...

Resolved! LSASS creating a cache1.bin on appdata

We have an alert on 2 different device that LSASS is creating a cache1.bin on app data.

All are created by NT\SYSTEM

 

Location detected

C:\Users<my username>\AppData\Local\Microsoft\Windows\SFAP\cache1.bin

C:\Windows\ServiceProfiles\UIFlowService\Ap

...

Winget Command

Hello dear Community,

 

I have the following problem: I can’t use the Win-Get command on the XDR terminal in Cortex. Can someone help me to make this command executable on the PowerShell XDR terminal.

 

 

FRafuna_0-1723637086115.png
F.Rafuna by L0 Member
  • 1689 Views
  • 3 replies
  • 1 Likes
  • 2279 Posts
  • 86 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks