How to use XQL parse_timestamp
I am trying to convert a string to a timestamp object and cannot understand how the parse_timestamp function works.
My string is as follow :
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.
I am trying to convert a string to a timestamp object and cannot understand how the parse_timestamp function works.
My string is as follow :
We recently enabled Auto upgrade on our system.
We selected " Only maintenance releases in a specific version " configured the agent Configurations as below:
Although when I checked the Agent audit logs I see that the upgrades started at Aug 17th 20
...
Hi,
There is Windows Server 2008 R2 server which had Cortex XDR 7.9 installed. As this version is end of support in next few weeks, I decided to install 7.9 CE, which according to compatibility matrix:
Windows • Cortex XDR Compatibility Matrix • Re
...
Hello dear community,
I would like to have a list of processes which were not started/launched in the past XX days. I think it would be nice to know, which processes are brand new etc.
Will this work with XQL and how?
BR
Rob
Hi
We have server which has Cortex XDR agent 7.9, as we can't upgrade and the end of support for this version is 11 of September 2023 I want to convert it to 7.9-CE which gives me additional time. I checked the documentation but can't find clear an
...
Hi,
I would like to know how I integrate Cortex XDR with Context-Aware Access from Google's Beyond Corp product.
Analyzing the existing documentation, I got the impression that I need to create a rule like this in CAA:
device.vendors["cortex"].is
...
Hi,
Cortex XDR agent (version 8.1.0.107064) installed on fully patched Ubuntu server 22.04 doesn’t recognise vulnerabilities correctly. It shows over 330 false positives.
Some examples below:
CVE-2015-34-5 – ntp vulnerable version prior 4.2.8p2-RC2
...
HI Team
We have a servers in the console with 2008 R2 OS version, so when we tried to upgrade the XDR agent version on these servers through console getting "unsupported older OS version". If XDR agent version expires on the server or machine we don'
...
If XDR agent version on the server or machine get expires, what are the consequences we encounter
I cannot find any information about in what steps the Pro per GB / day license can be ordered.
Is there a minimum amount that you have to buy?
Today, one of the most common techniques for a intruder today is to use a valid backup system to make a image of the system and in what way steal all the data of the server..
Werefore i want a new module in the Cortex XDR what will detect the backup
...
Hi,
I have been searching for a list of all potential processes used by the Cortex XDR agent but have been unable to find this in the KB:s / Administration guide.
Does anyone know where this can be found?
We need this due to onboarding customers t
Hi XDR Experts,
For reasons, we need to migrate all the agents from existing "tenant A" to a new "tenant B" before the old one expires.
Is there any automated/faster way to do so?
Or we need to do it manually with bunch of export and import,
...
Is it possible to make the XDR Analytics Alert reference into a public API? There is very useful information in there that we would love to add to our XSOAR implementation or add extra data to our SIEM.
We need to run an automated script through the cortex console. We have already found all the steps to follow, but we would like to validate the script customization is only for the Python programming language? Today the script is in Powershell. Would
...Subject | Likes |
---|---|
1 Like | |
1 Like | |
1 Like | |
1 Like | |
1 Like |