Resolved! XDR Resource IPs for Connectivity to XDR Server

Dear experts, 

From the following resource table, two json tables for GCP are provided (one for Google subnet and another for Google IP range associated with my region)

Question:

For the connectivity, do we need to allow all GCP IP range (in the

Resolved! Agent v.7.9 Removed???

Hello experts,

From the matrix, v7.9 supposed to be the last version to support Win7, just found out 7.9 has been removed from the Agent installation while creating an installer. 

Do we need to "downgrade"/use much older v5.0 instead???  

Resolved! Hashes of the attachment from the o365 log

Dear community,

I've been evaluating the benefits of ingesting o365 logs so far. Seeking those who have the mentioned logs ingested into Cortex XDR -

does Cortex XDR review and raise alert using the hashes of the attachment if the attachment is a mal

Resolved! Requesting Clarity on XDR XQL API Logging (timeframe related)

Hello Team,

We are using XQL to query data from cortex API for windows event logs.

Our query run every 5 minutes and we have used parameter timeframe in the query. This parameter is provided in the API documentation.

However, when we pull the logs,

Resolved! Upgrade agent fails

Hi team

I am trying to update an agent but it shows me "the installer has timed out" on the logs, I checked upgrades logs and I see the next message "Distribution ID is missing from installation package" I thought that it could be an issue related to

Resolved! Windows Server 2008 and Cortex XDR 5.0

Hello,

Just to be sure. Are the Windows Server 2008 secured with the Cortex XDR 5.0 agent as the Windows Server 2003 are, until June 1, 2024 ?

I mean, it's not clear when I see that : 

Resolved! Cortex XDR Incident integration splunk tool

We are currently integrating the Cortex XDR incident logs with the Splunk tool. Currently, the incident logs are visible in the Splunk tool, but certain essential fields required for conducting an XDR log investigation are not available in the existi

Resolved! Difference between host_inventory and endpoint in XQL Query

Hello,

I'm trying to search for all installed vpn on endpoints using an XQL Query.

Before going further in my query, I'm trying to list all hosts where the application name contains "*vpn*".

This result and the result from host insight doing the

Resolved! Cortex XDR: Bitlocker Monitoring

Hello everyone,

We are looking at using XDR to monitor Bitlocker status on Windows machines. On the 'Disk Encryption Visibility' page, we can see the Encryption status, but there is no way to filter on 'Unencrypted' drives.

- Does anyone know of an X

Resolved! Cannot delete endpoint group

Please note that this group is defined as an endpoint scope in the user permissions

Remove all references to this group before deleting.

I checked for scope references i