Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4361 Views
  • 0 replies
  • 3 Likes

Linux RHEL kernel support isn't fast enough - problem

Hello, After using Cortex XDR on Linux RHEL for several months, we've observed that the support turnaround time for new RHEL kernels (from RHEL 6 to 9) is highly unpredictable. This can range anywhere from 2 to 10 weeks. Without supported kernels, the Cortex XDR agent switches to "partially protected" mode, which is unacceptable. For insta...

VRubio by L1 Bithead
  • 2271 Views
  • 1 replies
  • 1 Likes

Unable to add multiple folders in exclusion list

Hi Team, I am unable to add multiple folders under the Exception configuration page. I have 20+ folders which I need to exclude in Cortex XDR. I went to Exception Configuration --> Disable Prevention policy --> Add Rule. I have to do this each and every time for every folder, which is a cumbersome process. Is there a way to exclude all folders in one go? R...

Remove endpoint XDR Cortex

Hi, can I remove the XDR Agent from a PC, and I don't have the supervisor password to disable anti-tampering... Endpoints are not showing in the XDR Console... Please help, I have problems with cca 200 PCs. Best regards...

RokGrm by L0 Member
  • 2317 Views
  • 4 replies
  • 0 Likes

Resolved! .csv format change

Hi, I've just noticed this recently. A while ago, when I added a .csv file to a report, it was formatted with a comma between columns. Now it is using a tab, which causes export to Excel to be more difficult. Is there any setting which can be used to change it back?

Resolved! Legacy agent exception and Disable prevention rule

What is the difference between Legacy agent exception and Disable prevention rules? This was asked in another discussion but the answer does not resolve the question asked (https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/exception-and-exclusion-tips-amp-trick-best-practices/td-p/569675). Thanks, Danny

Cortex XDR 3.10 and endpoint slowness

3.10 activated in our tenant yesterday and along with that, our endpoints started upgrading to 8.3 (we are one release behind the latest). This morning we were deluged with calls about unresponsive endpoints. We stopped the automatic endpoint upgrades leaving most on 8.2, but it seems like any version could have the issue. The only other clue i...

PC-TomS by L3 Networker
  • 2343 Views
  • 2 replies
  • 0 Likes

XQL Question - Aggregation by field of type array is unsupported

I'm trying to run a query to get a count of how many times combinations of the values in "initiated_by" and "initiator_path" occur for an alert in the alerts dataset. For example:

    binary1.exe c:\temp\blah 6
    binary2.exe c:\temp\blahblah 12

I'm trying to use this search, but I get the error in the title "Aggregation by initiated_by field of type arra...

Whitelist our backup software

Hello, I do represent a company called Arx One. We have been publishing a backup software suite (backup agent, agent management console) for more than 15 years now and those software are installed on our customers' workstations, servers or NAS (Windows, Linux, MacOS, Synology and QNAP). We recently discovered through a VirusTotal analysis that you...

Failed to load license data

Since our recent renewal, which is reflected in Assets in the support portal, attempting to Cortex XDR results in an error message of "Failed to load license data or license is expired." Background: We recently renewed our Cortex XDR Pro license. We did not renew our additional data lake license, as we weren't using the extended storage. Howev...

Resolved! Not able to see Asset in Cortex portal.

Not able to see Asset in Cortex portal. Cortex XDR agent is installed on Asset. Asset is an Ubuntu 28.04 VM on GCP, having access to internet.

    root@dev-vcs-martin1:/var/log/traps# dpkg -l | grep cortex-agent
    ii cortex-agent 7.9.0.82606 amd64 Palo Alto Networks Cortex XDR(tm) endpoint security agent
    root@dev-vcs-martin1:/var/log/traps# /opt/traps/...

  • 2600 Posts
  • 98 Subscriptions