Resolved! Create notification/alerts for failed upgrade and outdated endpoint

Hello,

I would like to be notify when an endpoint is outdated or when an upgrade failed.

I'm aware there is the notifications pages,

LIVEcommunity - Notification if Cortex XDR agent fails to upgrade - LIVEcommunity - 531271 (paloaltonetworks.com)

Resolved! Cortex XDR IOC Incidents Query

Hi Team,

We have detected several IOC incidents in the Cortex XDR console. The action status for these incidents is marked as 'detected,' but upon further investigation, we found that the internal network team had prevented these incidents in the P

Resolved! XDR on Kali Linux

Hi All,

Can we install XDR on Kali Linux?

Regards,

Shahwaz

Resolved! External Application - Fowarding incidents generated in XDR to Microsoft Sentinel

Hello,

Currently we are sending all the incidents generated in XDR to Microsoft Sentinel and a new incident will be created in Sentinel. When we close an incident in XDR console, we are closing that incident in Sentinel manually.

We would like to k

Resolved! Cancel bulk scanning in progress

How to cancel a bulk scanning initiated which is showing in progress state. Even "cancel for pending endpoint" is also no longer working.

Resolved! Cortex XDR 7.4.1 crashing server

After the installation of xdr 7.4.1, our domain controllers began crashing, and even after a reboot they would lock up.  Has anyone had any issues with the 7.4.1 release on Windows Server 2012 R2?

Based on a Windows Dump, Microsoft reported the follo

Resolved! Post detected by Wildfire

Hello dear community, 

what means Detected (Post Detected)? 

In our case, we see pdfpower.exe incidents popping up, the user says he didn't download anything to the incident time.

I think, the agent is scanning the OS, when there is allready a quaran

Resolved! Event Logs That Are being Gathered With Cortex XDR - Windows

Hi Everyone,

I was doing some research on Event IDs that are being gathered by Cortex XDR and I came to the conclusion that the Event ID needs to be enabled on the Windows first so XDR is being able to gather them.
XDR probably does not overrule th

Resolved! ShroudedSnooper targets security components of Palo Alto Networks Cortex XDR

Hi All.

There is a malware that is targeting the components of Cortex XDR, I checked the security advisories page from Palo Alto but did not find anything related to it.

Can someone help me find out if there's anything from PA regarding the same an

Resolved! Events That Cortex XDR is Logging

Hi everyone,

Does anyone have a list or any reference to a document where I can see which logs Cortex XDR is gathering from a Windows endpoint? For example, to clearly know, that XDR is gathering all file event types, process creations, gathering even

Resolved! C:\ProgramData\Cyvera\Ransomware folder

Hello there,

What is the purpose of this folder(C:\ProgramData\Cyvera\Ransomware) for Cyvera? Couldn't find even a mention for it so it decided to ask the community.

Thanks