Multiple events "A Successful login from TOR"
Hi,
We are seeing a lot of events from CORTEX "A Successful login from TOR". Anyone else with this problem?
Seems to be a bug.
Hello, Everyone!
I would like to know how this can be implemented - I want to block suspicious remote control applications (BIOC) Cortex XDR.
I want a reply from the Palo Alto official. Thanks.
Hi Guys,
In the Artifacts section we are not able to see the VT Score. For this we are manually copying the IPs and hashes and viewing them in the VirusTotal console.
Got to know we need to configure the API key but the concern is what data does Cortex XDR su
Hello everyone,
I try to deploy Cortex XDR on all my computers with the help of GPO.
For x64 OS, it goes pretty well, for x86 OS I have an abnormal behavior, on several PCs, it does not install.
I have attached some logs, do you have an idea?
I'm
...
Hi everyone,
Can the user initiate malware scan from the cortex xdr agent console which is installed on the endpoint?
Regards
Hello,
Is it possible to do user validity via VPN/RDP through Cortex XDR?
Or to detect user validity.
Hello,
How long does it take for endpoints to go to failed/canceled state from in progress state when malware scan ran on endpoints?
We use a cluster of Proxmox servers which host a number of LXC containers and KVM/QEMU VMs. Our central IT department requires us to install the Cortex XDR agent on all the devices. I have a Debian Bookworm server with the cortex agent installed whi
...
Hello,
My organization utilizes graylog, and we host it on prem. Is there a way to route/tunnel the XDR tenant into our internal network? I am aware of the BrokerVM, but I do not know if that plays a role. I know the BrokerVM has a syslog app, but
...
Hi Team,
We are having replication issues across the domain controllers and Microsoft is suspecting it's an issue with Cortex and they want the below files to be created as exceptions across all our domain controllers.
To rule out Cortex is
...
Has anyone come up with a reliable method to report on devices without xdr running on it?
Before I get into my failed script, please allow me to explain what I'm attempting to do.
We are looking for Windows and Macintosh devices with cortex xdr agent NOT installed. To do this we installed the cortex DHCP log collector. It is reporting its
...
Dear All,
I wanted to create an XQL Query to identify the modification of XDR policies or Profiles by anyone who has access to XDR, so that I wanted to get the list of users who tried to modify the policies or profiles.
I wanted to convert the X
...
Hello Team,
Since the new version of Cortex has come out 3.6 version.
Wanted to get clarity on the auto agent upgradation part.
Is it recommended to upgrade your agents (servers/workstation) to N-1 or latest version via auto agent upgrade policy?
...