This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4358 Views
  • 0 replies
  • 3 Likes

MOQ - Cortex XDR NFR

Hi team, May I know, what is minimum quantity to purchase for Cortex XDR (Prevent and Pro) NFR? Also, is Cortex XDR NFR quotation will consist only 1 line item, no need for any support SKU? Thank you in advance!

Cortex Update

I have an issue when trying to update users to the latest version of cortex. The control panel shows that Cortex is not installed but the Cortex Icon shows up in the system tray and I can access the console from there. When I run the uninstall tool the system does not accept the password which I know is the correct one because it works on other ...

Resolved! Can't uninstall damaged installation of Cortex XDR

Hi all, On one of our pc we can't uninstall the version 7.3.1.20981 of Cortex XDR. When we try to uninstall the program appears the popup with the warning "Cortex XDR only supports per-machine installation" and the uninstall process fails. Cortex XDR agent doesn't communicate with the console. The uninstallation via msiexec doesn't works. Also...

Feature Request: Version Control for Rules

Would anyone else find it beneficial to have version control for rules made in XDR? I feel like in theory it would be a reasonable lift to incorporate version control for changes made to custom correlation rules, for example.

Parksam by L1 Bithead
  • 1467 Views
  • 2 replies
  • 2 Likes

XQL for Creating Multi-Series Line Timechart Graph

Hi all.I want to create multi-line graph, and I can create it. But My XQL query is too long and too many manual operation is there.Do you have good idea for create multi-series line graph? (more shorter one)Example (Just example. There are no Confidential Information)When I have some datesets, and I want to create graph for Log Ingestion count f...

HFukuda_0-1725501004747.png
H.Fukuda by L1 Bithead
  • 2092 Views
  • 2 replies
  • 0 Likes

Distributed network scan and Network Location Configuration

Hello,I need information about these cortex agent capabilities, as far as I can understand:- Is the agent used as a probe to detect machines without the agent installed, if so, what information is obtained Host name, IP, MAC?- Network Location Configuration, is it necessary to configure these parameters for the Distributed network scan function ...

IPv6 feature

Hi, Prior to the release of the cortex feature update, were IPv6 enpoints not supported by cortex XDR? Have any new IPv6-related components been added?

Where i find PSE-Cortex exam information?

I can't find information about this PSE-Cortex exam on the official site. And yes, how to prepare for this exam, with which practice tests can I prepare for this exam? I have consulted many certified people, and they have mentioned many sources.

Resolved! distributed network scan - Network Location Configuration - XDR Agent profile

Hello everyone,Under the prevention profiles XDR agent has the capability to scan your network and find assets not onboarded using ping or nmap.This setting also requires that you enable network location configuration. This is from the docs: "When enabled, the Cortex XDR agent scans your network using Ping or Nmap to provide updated identifier...

Resolved! OS Fingerprinting feature in Distributed Network Scan (Pro version)

Hi All,We are using XDR Pro version with agent version 8.2. I am curious about this OS fingerprinting feature under Distributed Network scan setting in Agent profile. I have already configured Network Location Configuration and also configured other things as shown in the attached screenshot. I was hoping it would return the OS type/version of o...

XDR Screenshot.png
network loc config.png

cyvrtrap.dll causing spoolsv.exe crashes?

We updated Cortex XDR agent on a number of VMs and on some of them the Print Spooler service (spoolsv.exe) started crashing repeatedly, causing disruptions to operations. Is this a known issue? Are there available workarounds or ways to resolve it short of downgrading the agent? Sample events: Log Name: Application Source: Applicat...

kindzma by L2 Linker
  • 5547 Views
  • 9 replies
  • 2 Likes
  • 2599 Posts
  • 98 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks