From the Incidents page to the Alerts table, can you use/share those filters to make Automation rules?

I have created some filters (via the Alerts table) while doing some investigations. It ended up being useful and needing an automation rule. However, when I went to the automation page and looked at the filters, they were blank. I shared the filters

Cortex XDR Agent Cloud Compliance

Hi Community,

We are using Nessus scanners. Why should I enable cloud compliance in Cortex XDR agent, and what is the main difference between Cortex XDR cloud compliance and Nessus scanners?

Alert generation / Test cases/samples for Cortex XDR protection module testing

Hello Team, 

Could anyone assist with generating alerts and creating test cases or samples for testing the Cortex XDR protection module?

We successfully generated an alert using a WildFire PE file, but we now need to generate alerts for each policy

Cortex XDR XQL Query

Hi, 
I wanna sort my query as operational_status in (UNPROTECTED, PARTIALLY_PROTECTED) everyday (Like from Monday to Sunday Statistics) 
My query looks like this 
config case_sensitive = false
| dataset = endpoints
| filter operational_status in (UNPROT

XQL Query to find all Mac_OS endpoints and return the version of Netskope installed on the hosts.

I am new to using xql and I am having trouble getting the information I need using a search query. I need to pull a list of all Mac_OS hosts and then within the applications field return the version of NetSkope installed on the client. I have started

Winget Command

Hello dear Community,

I have the following problem: I can’t use the Win-Get command on the XDR terminal in Cortex. Can someone help me to make this command executable on the PowerShell XDR terminal.

Cloud Identity Engine

Hi Community,

We have integrated the Cloud Identity Engine into the environment. Currently, the Palo Alto Hub page shows the Cloud Identity certificate expiring in a month.

We checked the Palo Alto article https://docs.paloaltonetworks.com/cloud-

AWS CloudFormation preset template for Cortex XDR

Hi Cortex XDR community,

We are trying to set up Cortex XDR to ingest cloud assets from AWS. It mentioned that aws clouldformation stack needs to be created using preset Cortext XDR template. Where this template can be found? Is there a link to dow

Why is the interface of my conter xdr different from everyone's

My brother once activated the XDR interface, but I found that their XDR interface was different from mine when I sought help from the documentation.

my:

People in the community:

Why is that, urgent

XDR Agent 8.5.0.2457 on macos 14.5

Hi community,

After my laptop upgrade to the last version of xdr agent i get the following:

Randomly the system looks as if it's loading and after a few seconds it's back to normal. the machine doesn't crash but the mouse keeps showing the hourgl