
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Veeam Server high CPU Cortex XDR

Hello,

We have a server with Veeam Backup, and we are noticing high CPU usage from Cortex.

We have seen that some exceptions might need to be applied:

https://www.veeam.com/kb1999

Would this apply to Cortex?

Best regards.

Resolved! Finding if a URL was visited using XQL in Cortex

We wanted to see if we could use XQL to query whether a URL was visited in our environment. Is there a way to structure a working query for this using XQL? We've tried unsuccessfully so far, so we are turning to you, the community.

Thank you for any

...

Split nested JSON

I have a field named "ModifiedProperties" and it has values like the ones below. I can't for the life of me figure out how XQL splits these up. Splunk uses SPAN or mvexpand and it works like a champ, but I can't figure out what function does the same thing.

...

Resolved! Detect delete agent with XQL.

I kindly ask for your assistance with an XDR XQL query language script to identify devices in the network that do not have the XDR agent installed. Additionally, it would be helpful if the users could be identified from AD or through the DHCP on the

...

Resolved! XQL For Silent Log Source

Below is the query so far, but what we are trying to do is get a silent log source detection. For example, if one of the log source names has not sent a log in x number of hours, then alert. Any suggestions?

dataset = panw_ngfw_traffic_raw | fields log_sou

...
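As an added example (not code from the post above or from the Cortex XDR product), the detection logic the silent-log-source question describes, run over constructed sample records with hypothetical field names (`log_source_name`, `_time`): compute the most recent record per source and flag any source whose gap exceeds a threshold. It also handles the case an aggregation alone cannot: a source that has never sent a line does not appear in the dataset at all, so it is compared against an assumed expected-source inventory. That same expected-versus-observed difference is the logic behind the "Detect delete agent" question earlier on this page (hosts in AD or DHCP that never show up in agent data).

```python
from datetime import datetime, timedelta, timezone

# Constructed sample records standing in for rows of a traffic dataset.
# Field names are assumptions for illustration, not real data.
SAMPLE_LOGS = [
    {"log_source_name": "fw-dc1-edge", "_time": "2024-05-01T09:55:00Z"},
    {"log_source_name": "fw-dc1-edge", "_time": "2024-05-01T11:40:00Z"},
    {"log_source_name": "fw-dc2-core", "_time": "2024-04-30T22:10:00Z"},
    {"log_source_name": "fw-branch-07", "_time": "2024-05-01T02:05:00Z"},
]

# Assumed inventory of sources that should be logging. fw-branch-12 never
# sends a line, so grouping the dataset by log_source_name alone would never
# surface it; only a comparison against an expected list catches it.
EXPECTED_SOURCES = {"fw-dc1-edge", "fw-dc2-core", "fw-branch-07", "fw-branch-12"}


def parse_ts(s):
    """Parse an ISO-8601 UTC timestamp like 2024-05-01T12:00:00Z."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def last_seen(records):
    """Map each log source to the timestamp of its most recent record."""
    seen = {}
    for r in records:
        t = parse_ts(r["_time"])
        name = r["log_source_name"]
        if name not in seen or t > seen[name]:
            seen[name] = t
    return seen


def silent_sources(records, expected, now, max_silence_hours):
    """Return a sorted list of (source, hours_silent) for every expected source
    that has been quiet longer than max_silence_hours. hours_silent is None
    for a source with no records at all (never seen)."""
    seen = last_seen(records)
    limit = timedelta(hours=max_silence_hours)
    silent = []
    for name in sorted(expected):
        if name not in seen:
            silent.append((name, None))
            continue
        gap = now - seen[name]
        if gap > limit:
            silent.append((name, round(gap.total_seconds() / 3600, 1)))
    return silent


if __name__ == "__main__":
    now = parse_ts("2024-05-01T12:00:00Z")  # fixed "now" so the run is reproducible
    for name, hours in silent_sources(SAMPLE_LOGS, EXPECTED_SOURCES, now, 4):
        print(f"{name}: {'never seen' if hours is None else f'silent for {hours}h'}")
```

The observed side of this corresponds to an aggregation of the newest timestamp per source (in XQL, a `comp max(_time) ... by log_source_name` stage; syntax not verified here). The never-seen side still needs an expected list from somewhere outside the traffic dataset, such as a lookup or an asset inventory; without it, a source that dies before ever sending a line is invisible to the alert.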

Resolved! Azure AD and InTune

Hi Palo Live Community, I'm hoping that someone has worked with Cortex XDR and Azure InTune.

I'm trying to find a dynamic way to apply an extension profile (block USB) in Cortex XDR, targeting specific endpoints that reside in Azure InTune.

Bef

...

Cortex XDR agent removal

Hi all,

On one of our endpoints the XDR agent triggered an alert named 'Suspicious file modification detected'. The cmd is 'C:\Windows\system32\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}'. After this the XDR service cyserver was stopped, now
...

Cortex XDR to google chronicle

Dear community,

One of my clients is using Google Chronicle as their SIEM.

They would like to know and understand what is required on the Palo Alto Cortex XDR side to send their logs to Google Chronicle.

Is there a simple way to do this?

Do we need

...

davoxxxx by L0 Member
  • 187 Views
  • 1 reply
  • 0 Likes

XDR 8.5.0 print servers error

Hi, we are experiencing issues with Cortex XDR agent version 8.5 on our PrintServer

We had agents running version 8.4.0 without any errors, but after upgrading to version 8.5, we started encountering printing problems on the servers.

The error is:
Fault

...

tlmarques by L3 Networker
  • 1253 Views
  • 5 replies
  • 1 Like

Agent Configuration - Password strength

Hi, I'm struggling to set a new password. I have tried all kinds of combinations. I always get "Does not meet the requirements."

Please see attached for an example.

I've seen earlier discussions on this. Something does not seem to be working as in

...

Cortex xdr with RedHat Quay with Clair

Hello PA community,

For all images on the customer's OpenShift clusters, they have a policy that all images have to be stored in their RedHat Quay with Clair.

The customer has tried to set up a mirror with the "europe-west4-docker.pkg.dev/xdr-eu-2009645628112

...
