This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Resolved! XQL filter o365 attachments

Hi,
 
I am trying to filter o365 attachments without success, could you help pls
 
sample
[ { "@odata.type": "#microsoft.graph.fileAttachment", "@odata.mediaContentType": "image/jpeg", "id": "AAMkADEzYjJhMzM1LTY0ODctNGUxOS05ZDc5LTQ2MW
...

Cortex XDR with VDI persitent Desktop

Hello,

 

We use the Vmware Horizon VDI solution in Instant Clone with FSLogix profiles and a dedicated machine based on a Golden Image (Automated, Instant Clone, Dedicated).

 

A user therefore always connects to the same machine, which is updated fro

...

Help with t XQL BIOC/Correlation rule

Hi ALL,

New to XDR world,  

I am have a XQL query against a 2FA log which looks for user login (fail or success) from 2 different countries in 3 hours. 

Query looks like  

dataset in (XXX_raw)
| filter eventType = "User.Login" // look for  login events
|

...

XQL Query to view the "Incident Name"

Hi People, 

 

I was wondering if anyone could assist me with XQL Query to display the Incident name. Please refer to the attached photo to get an idea of what I am trying to achieve. I have used the xdr_data dataset, however i cannot find the relevan

...

Cannot remove/install xdr agent

 

Hi everybody !

I would like to find out how to download the XdrAgentCleaner.exe to remove cleanely old xdr cortex agent ? 
We have several computers on which we cannot uninstall the old agent, you will find the message attached.

 

I have already follow

...

systemsi by L0 Member
  • 3913 Views
  • 2 replies
  • 0 Likes
  • 1917 Posts
  • 79 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks