Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by letting them view all the alerts from all PANW products in one place, telling the full story of what actually happened in seconds, and allowing seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.
Hello,
We are experiencing high disk space and high memory utilization on servers.
How to stop endpoint data collection in Cortex XDR?
Can we delete data from the traps folder? If yes, what all files can we delete?
How can we lower disk space utilization?
...
Has anyone successfully implemented in their environment? Do you do it by BIOC Restrictions, using digital signatures, file path or executable name?
Hi,
We have exported all the policies from the console (.export) format but are unable to view them or open them anywhere.
Kindly help me view these exported policy details.
Thanks
Md.Shahwaz
I changed my User Login Expiration settings from 8 to 10 hours to accommodate my workday. After a week it has still not changed. It's small, but bugging me. Has anyone else seen this?
Hi All,
We have set up SAML SSO but are receiving an 'Unauthorized.Error 4014' error.
The following configuration was made:
IDP provider:
Cortex XDR SSO configuration:
Unfortunately we receive the below error:
Would anyone know whats occ
...
Is there any option to find the endpoint serial no. on the Cortex console? Currently we are using Cortex Pro per endpoint.
Hi,
Is it possible to block PowerShell execution on all endpoints through Cortex XDR? If possible, kindly give the process to do the same.
Thanks
Hello,
We need to block PowerShell executions on some endpoints. How can we block PowerShell DLL files so that PowerShell cannot be loaded?
We have created a BIOC rule and it is flagging legitimate PowerShell executions also. Can we exclude
...
Hi, we have multiple failed connections from one host to several local IPs.
The below cmd was in the initiator:
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
Does anyone have any tips or things they do to get the most out of the add-on? I'm just getting it configured as my company purchased a few licenses for it. I think I've got it configured correctly in the agent settings but I'm also second guessin
...
We have an Amazon EC2 server with 16 GB RAM, but the Cortex agent is consuming more than 500 MB sometimes.
Can anyone answer what the normal RAM usage for the Cortex agent is?
Version: Cortex XDR 7.9.1.26645
Hi Expert,
I want to filter out some info from a dataset such as "message:111.111.111.11". I want to filter just the IP address with regex and remove "message:". How do I filter it in XQL?
Thank you
Hello Team,
Is there any way to get a report/notification in the XDR console whenever a user disables the agent on their system? Do let us know if there is any way to track this activity.
Hello Everyone,
I am trying to find a way to search for multiple of the same file hashes across multiple field types, but can't seem to figure it out. I was thinking it could be something like:
dataset = xdr_data | filter where action_file_sha25
...