Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4433 Views
  • 0 replies
  • 3 Likes

Feature Request: Version Control for Rules

Would anyone else find it beneficial to have version control for rules made in XDR? I feel like in theory it would be a reasonable lift to incorporate version control for changes made to custom correlation rules, for example.

Parksam by L1 Bithead
  • 1543 Views
  • 2 replies
  • 2 Likes

XQL for Creating Multi-Series Line Timechart Graph

Hi all.I want to create multi-line graph, and I can create it. But My XQL query is too long and too many manual operation is there.Do you have good idea for create multi-series line graph? (more shorter one)Example (Just example. There are no Confidential Information)When I have some datesets, and I want to create graph for Log Ingestion count f...

HFukuda_0-1725501004747.png
H.Fukuda by L1 Bithead
  • 2194 Views
  • 2 replies
  • 0 Likes

Distributed network scan and Network Location Configuration

Hello,I need information about these cortex agent capabilities, as far as I can understand:- Is the agent used as a probe to detect machines without the agent installed, if so, what information is obtained Host name, IP, MAC?- Network Location Configuration, is it necessary to configure these parameters for the Distributed network scan function ...

IPv6 feature

Hi, Prior to the release of the cortex feature update, were IPv6 enpoints not supported by cortex XDR? Have any new IPv6-related components been added?

Where i find PSE-Cortex exam information?

I can't find information about this PSE-Cortex exam on the official site. And yes, how to prepare for this exam, with which practice tests can I prepare for this exam? I have consulted many certified people, and they have mentioned many sources.

Resolved! distributed network scan - Network Location Configuration - XDR Agent profile

Hello everyone,Under the prevention profiles XDR agent has the capability to scan your network and find assets not onboarded using ping or nmap.This setting also requires that you enable network location configuration. This is from the docs: "When enabled, the Cortex XDR agent scans your network using Ping or Nmap to provide updated identifier...

Resolved! OS Fingerprinting feature in Distributed Network Scan (Pro version)

Hi All,We are using XDR Pro version with agent version 8.2. I am curious about this OS fingerprinting feature under Distributed Network scan setting in Agent profile. I have already configured Network Location Configuration and also configured other things as shown in the attached screenshot. I was hoping it would return the OS type/version of o...

XDR Screenshot.png
network loc config.png

cyvrtrap.dll causing spoolsv.exe crashes?

We updated Cortex XDR agent on a number of VMs and on some of them the Print Spooler service (spoolsv.exe) started crashing repeatedly, causing disruptions to operations. Is this a known issue? Are there available workarounds or ways to resolve it short of downgrading the agent? Sample events: Log Name: Application Source: Applicat...

kindzma by L2 Linker
  • 5820 Views
  • 9 replies
  • 2 Likes

Partially Protected - Operational Status Data

Hi! I have a machine with Operational Status Data as: Xdr Data Collection Not Running Or Not Sent Module is disabled by Adaptive Policy Btp Not Working Module is disabled by Adaptive Policy How can I remediate this machine so that its status will be back to Protected? Thanks!

ndrmndz by L0 Member
  • 11420 Views
  • 4 replies
  • 0 Likes

From the Incidents page to the Alerts table, can you use/share those filters to make Automation rules?

I have created some filters (via the Alerts table) while doing some investigations. It ended up being useful and needing an automation rule. However, when I went to the automation page and looked at the filters, they were blank. I shared the filters within the Alerts table, and they still weren't there. Is there a way to share/Import or copy ...

A.Duscio by L0 Member
  • 1215 Views
  • 1 replies
  • 0 Likes

Resolved! XDR Log and Quarantine Disk Space Retention

Hello- Does anyone know the following details to how the product manages the retention for logs and quarantine?I understand you can set the log quota to a specific size. This will leverage that on local disk. What I am not clear on are the following items.What types of log data are included in this quota (some or all)?How does the product "cle...

  • 2624 Posts
  • 98 Subscriptions
Top Solution Authors
Top Liked Authors