Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Resolved! XQL Query to Help Create Correlations Rules

Hello i'm trying to do query for the specific fields in the datasets, im trying to do regextract to filter out some specific value in the fields then i use alter to move it to the new fields. But the problem is the value of the fields that im trying

...

F.Triaji by L0 Member
  • 405 Views
  • 2 replies
  • 0 Likes

Legacy Agent Exception

Hello, 

I have a file and when I run it, Cortex XDR blocks it and shows me some information:
"""

Application information:
Application name:  Windows Explorer
Application version:  10.0.22621.3007
Application publisher:  Microsoft Corporation
Process ID:  

...

Resolved! Cortex XDR alert log notification delay

Hi All:

 

We found that the Alert notification sent by XDR was delayed in delivery.
It often took over a minute to arrive, and on one occasion it took over forty minutes for our log server to receive it.
Does anyone know how to improve this issue, or i

...

Resolved! Periodic Endpoint Scanning Report

Hi All,

 

We have configured periodic endpoint scanning in all the malware profiles in our infrastructure. We needed to get the scanning report, or at the very least, the scan's status, such as how many systems got scanned or failed. How and where ca

...

MithunKT by L2 Linker
  • 2898 Views
  • 6 replies
  • 0 Likes

Secshow.net

Hi All,

 

can you help for information i need

attach the picture.

what are the meaning thread id tunneling:secshow.net ?

 

thanks

1000003980.jpg
ade.reza by L0 Member
  • 3796 Views
  • 12 replies
  • 1 Likes

Notification when alerts/Incident is resolved

Hi Community

I am trying to get notifications when alerts or incidents are resolved but it doesnt seem that there is a direct way to do so.
So is there a way to send a notification (Syslog or Email) when an alert or an incident is resolved?
Thanks in ad

...

Belhaj_a by L0 Member
  • 213 Views
  • 1 replies
  • 0 Likes

Resolved! Automatic retrive alert data on VDI XDR

Hello,
In my company, we have many non-persistent VDIs, and sometimes an alert arises and I couldn't perform the 'Retrieve alert data' because when i see alert the user has already logged out of the VDI.

My question is, is it possible in the Cortex X

...

  • 1763 Posts
  • 79 Subscriptions
Top Liked Authors