This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 1260 Views
  • 0 replies
  • 3 Likes

IPv6 feature

Hi, 

 

Prior to the release of the cortex feature update, were IPv6 enpoints not supported by cortex XDR? Have any new IPv6-related components been added?

Where i find PSE-Cortex exam information?

I can't find information about this PSE-Cortex exam on the official site. And yes, how to prepare for this exam, with which practice tests can I prepare for this exam? I have consulted many certified people, and they have mentioned many sources.

 

Resolved! Deploying XDR Agent for Mac with InTune

Hi all,

 

We're trying to bring our few Macs into the systems management fold, and being a Microsoft shop we want to use InTune to manage them.

 

Most Mac packages install files and then are configured in a separate set of commands after install. The XDR

...

m455954 by L0 Member
  • 17696 Views
  • 13 replies
  • 1 Likes

cyvrtrap.dll causing spoolsv.exe crashes?

We updated Cortex XDR agent on a number of VMs and on some of them the Print Spooler service (spoolsv.exe) started crashing repeatedly, causing disruptions to operations.

Is this a known issue? Are there available workarounds or ways to resolve it sh

...

kindzma by L2 Linker
  • 3806 Views
  • 9 replies
  • 2 Likes

Partially Protected - Operational Status Data

Hi!

 

I have a machine with Operational Status Data as:

 

Xdr Data Collection Not Running Or Not Sent

Module is disabled by Adaptive Policy

 

Btp Not Working

Module is disabled by Adaptive Policy

 

How can I remediate this machine so that its status

...

ndrmndz by L0 Member
  • 8578 Views
  • 4 replies
  • 0 Likes

Resolved! XDR Log and Quarantine Disk Space Retention

Hello-

 

Does anyone know the following details to how the product manages the retention for logs and quarantine?

I understand you can set the log quota to a specific size.  This will leverage that on local disk.  What I am not clear on are the followin

...

Cortex XDR XQL Query


Hi, 
I wanna sort my query as operational_status in (UNPROTECTED, PARTIALLY_PROTECTED) everyday (Like from Monday to Sunday Statistics) 
My query looks like this 
config case_sensitive = false
| dataset = endpoints
| filter operational_status in (UNPROT

...

Resolved! LSASS creating a cache1.bin on appdata

We have an alert on 2 different device that LSASS is creating a cache1.bin on app data.

All are created by NT\SYSTEM

 

Location detected

C:\Users<my username>\AppData\Local\Microsoft\Windows\SFAP\cache1.bin

C:\Windows\ServiceProfiles\UIFlowService\Ap

...

  • 2406 Posts
  • 89 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks