Hello,
We are facing issue while working with excel files when cortex is enabled, when we disable the protection excel start working properly, but when we again enable it, excel takes long time to open or close the file.
Kindly suggest.
Than
...
Hello to all,
I am experiencing a problem on a machine where scans are pushing the overall CPU load to 100% for several minutes to several hours and only slowly decreasing.
This causes problems for the use of the Syngo.Via software installed on thi
...
Hello,
We intend to initiate malware scans on all endpoints. Which is the best approach to perform a periodic scan, is that on a weekly or monthly basis?
Pretty simple need here....
Installing the latest version of WSUS Automated Maintenance from AJ Tek on our WSUS server and Cortex is blocking it with the description "Suspicious executable detected". How do I allow this to install? Is the best way
...
A number of our customers are complaining about our domains being flagged and, in some cases, blocked by Cortex XDR.
The domains in question are:
limacharlie.io
9157798c50af372c.lc.limacharlie.io
70182cf634c346bd.lc.limacharlie.io
4d897015b0815621.l
We have a support ticket open for "informational" analytic BIOC rules that are not alerting.
These do not show up in the incidents or alert table, but the number of alerts in that column has more than 0
Support has indicated there is not a way to view
...
HI
We are using cortex XDR and planning to deploy the XSIAM. We are working on the deployment. While reading the below document for collecting Windows events,
XDR Collector Machine Requirements and Supported Operating Systems • Cortex XDR Pro Admini
...
Hello to All,
I have made an interesting article about Cortex XDR use case for using isolation exclusions/exceptions when having VPN agent that blocks network traffic based on DNS FQDN Domains:
https://live.paloaltonetworks.com/t5/general-artic
...
Hello everyone,
I am searching for a test file, which gets Post_Detected by XDR.
I can´t find an official test file from Palo, maybe somebody in here has one.
I will run this on a lab so no worries.
Kind regards,
Marinus
Hi community,
Starting with this disclaimer: Yes I know the product is designed to scan on execution and what I'm asking may not be most effective, but hear me out...
Is there a way to setup a periotic scan to only scan a single folder, not a full
...
Im attempting to get out the email address listed as User Principal Name in a 4720 event ID
Any help or explanation would be appeeciated
dataset = xdr_data
| filter action_evtlog_event_id = 4720
| alter User_Name = arrayindex(regextract(action_evtlo
Hello dear PA community!
It would be helpful, when there would be a possibility to tag an IP in Asset Management. We would like to enter the real Asset behind it.
They have fixed IPs and we would like to have a chance to work with it.
BR
Rob
Hello,
Is there any document regarding the steps to Deploy Cortex XDR Broker VM through VMWARE ESXI.
Hello
I would like to customize the standard "Detections By Actions" widget to filter only on true positive (resolved) incidents - for the last 30 days.
And I would like to customize the standard "Open incidents by severity" widget to apply on all in
...
