Notification if Cortex XDR agent fails to upgrade
Is there any sort of notification I can setup within Cortex XDR to notify me if any agents are failing to properly upgrade to a new version on our endpoints?
Thanks
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.
Is there any sort of notification I can setup within Cortex XDR to notify me if any agents are failing to properly upgrade to a new version on our endpoints?
Thanks
Hello,
I have issue to upgrade the affected version 5.0.11 to 5.0.12 on windows server 2008, when I install the msi rollback to the last version. Is anyone has the same issue.
thanks
We have a scenario where users are able to kill a certain process to bypass security.
How can we leverage XDR to detect where the specific process name has been killed and, ideally, prevent it?
I thought maybe an IOC or BIOC but the IOC doesn't seem
...
why the Monitoring agent service getting stopped on Hosts. When we checked the logs of some machines we got this error " XDR service cyserver was stopped on ABCDdesktop. Could you please explain
Hi all,
has anyone encountered a heating issue on endpoints with XDR installed? My IT team tells me that a lot of users in the organisation are complaining about their endpoints heating up after the XDR was installed, both on mac and windows. I'd li
...
Hello,
What are the services/features which should be running by Cortex XDR for compliance.
Also, is XDR in high availability(HA) mode? If yes can you suggest where we can see this
Hello,
Is there any way we can see the HA configuration in XDR on console?
Can you please help how can we configure FQDN for production and DR broker VM servers in the Domain controllers?
In the Cortex XDR console I am trying to setup a new Endpoint Group using the AWS 'Cloud Info' values as the filter. That info is presented as JSON with various nested values and it looks straight-forward to use, i.e., I can specify the "Cloud Info"
...
Hi Team,
Our internal team is going to enable the feature “Secure Compliance Check” for end users who are working from home. They have enabled feature for other AV solution. Also we want to add the service for "Cortex XDR". There are multiple servi
...
Hello,
We know that cortex XDR takes atleast one month to learn behaviour and then not throw similar alerts.
1. On what basis is this behaviour learning happening upon?
2. Is it based on just the Host or initiator processes that are taking place?
3
...
I tried
$payload = '{"request_data" : {"search_from" : 0,"sort" : {"field" : "last_seen","keyword" : "desc"},"filters" : [ {"field" : "endpoint_id","value" : [ "connected", "connected" ], "operator" : "lte"}, {"field" : "endpoint_id","value" : [ "co
...
Hello,
Is there a limit to pull data from XDR through API?
I understand that query through API has limit but what if we are pulling endpoint information/alerts/incidents through it?
Hello,
Where can I find the agent cleaner file for agents(servers and workstations) running on 7.7 agent version ?
Anyone else running into this today?
Prevention Information:
Prevention date: Wednesday, February 8, 2023
Prevention time: 1:36:40 PM
OS version: 10.0.22621
Component: Hash Control
Cortex XDR code: C0400055
Prevention description: Suspicious executable
User | Count |
---|---|
9 | |
5 | |
3 | |
1 | |
1 |