This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

XDR API for Policy Management

Is there an API in XDR for Policy Management?

I'm trying to get the list of policies, profiles and their rules.

There is /public_api/v1/endpoints/get_policy (Get Policy • Cortex XDR REST API • Reader • Palo Alto Networks documentation portal)

Howeve

...

RishitShah_0-1703167831594.png

Resolved! retrieve RDP informations

Hello and sorry for my bad english,

 

I want to retrieve informations about RDP connection to computers. 

When computer A connect to computer B with RDP, on computer B (destination) windows log this event :
Event Security with ID 4624 et logon type 10

H

...

LECORRE by L0 Member
  • 1151 Views
  • 2 replies
  • 0 Likes

Resolved! Connect New XDR Tenant with Existing Broker VM

Hello

We are migrating our existing XDR tenant due to region issue. We have got our new tenant and Basic configurations are done. 
I have a question regarding the BrokerVM. Do we need to create new broker VM for the new tenant or we can use our existi

...

Cortex XDR Software Inventory

Hello,

I am curious as to what data Cortex XDR pulls to put together a software inventory list. I am trying to create a script to uninstall a program on an endpoint and the last resort method the script does is deleting all program files (both in Pro

...

Turn on Bitlocker?

We are in the process of rolling out Cortex XDR to our organization. I saw the new BItlocker status screen/policies.

I'm struggling to understand if I can enable Bitlocker with this policy, or if this is just a way to ensure the devices are complaint

...

pkawula by L1 Bithead
  • 9639 Views
  • 9 replies
  • 0 Likes

Cortex XDR linux memory usage

Hello ,

 

Can someone please help me to understand the Cortex XDR logs for memory usage by cortex XDR service.

 

below are the consumption details in logs.

 

"trapsd_memory_private_usage": 606146560,
 "trapsd_memory_working_set": 4232118272

which memo

...

Resolved! How to retrieve an incident related file

Hi,

I want to download an incident related files in Cortex XDR, but one of them is already quarantined so when I try to retrieve it nothing happens since it's not in the original location anymore. Is there any way to download it without restoring it

...

Upgrading from Cortex XDR prevent to XDR pro

Hi All,

 

Finally we will be upgrading our Cortex xdr prevent to the pro version. Though we would be getting professional services support on this, I need to understand the entire project plan for this Can anyone help me understand as I would be leadin

...

AsifSid by L2 Linker
  • 5970 Views
  • 3 replies
  • 0 Likes

Resolved! IOC Upload through API - Security Level Advanced

Hello dear community, 

 

my ps script is ready to upload IOCs with least privilege. 

But I want to know, what kind of security risks we have if we don't use the Advanced security level? 

Has anybody of you a ps snippet where the api key is hased like

...

RFeyertag by L4 Transporter
  • 1581 Views
  • 2 replies
  • 0 Likes
  • 1952 Posts
  • 78 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks