How to Activate Cortex XDR
Hi all,
Can you please guide me that how to activate Cortex XDR tenant account?
Thanks in advance!
Really appreciate the help.
This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- Security Operations
- Cortex XDR Discussions
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Palo Alto Networks Approved
Community Expert Verified
About Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.
Discussions
Removable Media Extension Profile
I wanted to get everyone else's 2 cents here and see how other people are doing it. My goal here is to prevent writing data to unapproved removeable media but allow reading. I created an device configuration extension profile with disk drives set as
...Alert for each time a usb device is plugged
Hello,
Is there any way to set up an alert for each time a USB device is plugged into a host?
Even if it's not malicious.
How to make console accessible to domain user?
Hello!
I'm new around here and I have a question.
How to make Cortex XDR console to be accessible only to domain users?
So only users connected to the domain network can access the Cortex XDR Console.
It'd be very helpful if you provide related document
...Cortex XDR has Blocked a Malicious Activity but No Program Listed
Attached images show the pop-up that is going around our network this morning. Unlike before where it would list the program Cortex blocks there is nothing there and is pointing at Microsoft for the cause.
Is this a false positive? A windows servic
...Resolved! Cortex Blocks system services
Hello everyone,
the problem started a day ago, when Cortex XDR started to trigger the behavioral rule "other.malware_gen_task.105" on the service
"System", when executing the child processes "smss.exe", "registry" and "memorycompression". It started wi
...Http logs collector example not working
Hi
hope this is the right place to ask this question
We were given a temp user to play around with the Cortex XDR and we are trying to insert some dummy data into it.
I am trying to insert data using an Http logs collector, following this guide
unfortuna
Analytics BIOC Rules - Causality Change - No. of alerts rising, but where to see who, why and what?
Hello Admins,
We use Analytics BIOC Rules. But where is the Causality Change? No of alerts rising, but where to see who, why and what?
Thank you!
BR
Rob
Resolved! Differentiating mail from multi-tenant XDR
I am working with a multi-tenant XDR configuration and I would like to differentiate between the Alert Emails to ascertain from which tenant the Alert has been produced . For example: Tenant 1 and Tenant 2 (mssp). When I receive an email notification
...How can Cortex XDR Pro find the origin process from a DNS request if the process not uses DnsQueryEx RPC Call
Hi Community,
Is somebody able to explain if Cortex XDR Pro is able to find the origin process if you have the DNS Query? A lot of windows internal process uses rpc calls to a svchhost.exe, which then makes the dns resolving, which is cortex xdr pro t
Servers unable to complete scan job within 24 hours
We have some servers in our environment that have a lot of files. The scans are scheduled for 2am Saturday mornings, but do not complete within 24 hours and the scan times out and is then cancelled.
What are the steps to remediate this.
Resolved! Cortex Change managing server
Hi Team,
I'm seeing the different tenant address in Cortex xdr agent console it is connecting to another management server,
Could someone please help me to replace the correct managing server name,
Because currently that agent is not reporting to Cort
...XQL - Hunt for Kerberos Relay Up Activity
Just posting, if this is useful for someone who might be hunting for Kerberos Relay Up (Privilege Escalation on Windows System) Activity.
The purpose of this hunt is to look for suspicious logon on windows system using Kerberos Auth Package where the
...Resolved! XDR agent not triggering alerts in the managements console while blocking
Hi, I have a rather peculiar issue(?) with one of my agents.
Said agent is working as intended, however it blocked a certain file form running under "Local Malware Analysis". which is fine, but I did not receive any alert nor incident in the manageme
...XDR Analytic alert
I am not able to see all cortex XDR analytic alert on Console that is mentioned in the document . why ?
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 5 | |
| 4 | |
| 4 | |
| 3 | |
| 3 |
Latest Comments
- Shahwaz_Md on: User details
- VicentePineda on: Deleting files in path /opt/traps/download/content
- rtsedaka on: Forensics - Data Collection [A question from a Cortex XDR CS Webinar]
- aspatil on: the endpoints Disconnected in my tenant Cortex XDR
- abdrahman on: File search and destroy
- dahang on: Create notification/alerts for failed upgrade and outdated endpoint
- PiyushKohli on: unable to install XDR on windows server
- neelrohit on: XDR on Kali Linux
- dbahuguna on: What does Action: Detected (Sinkhole) really mean??
- abdrahman on: External Application - Fowarding incidents generated in XDR to Microsoft Sentinel
Top Liked Posts
| Subject | Likes |
|---|---|
| 15 Likes | |
| 9 Likes | |
| 3 Likes | |
| 3 Likes | |
| 2 Likes |
Top Liked Authors
| User | Likes Count |
|---|---|
| 15 | |
| 9 | |
| 6 | |
| 6 | |
| 5 |
Labels
-
Agent
1 -
Best Practice
3 -
Cortex Data Lake
3 -
Cortex XDR
20 -
Cortex XDR Webinars
2 -
Events
1 -
How to
1 -
IoT Security
1 -
Isolation
1 -
Management
2 -
PA Firewall
1 -
PAN-Os
1 -
question
8 -
scanning
1 -
Setup & Administration
2 -
SIEM
1 -
threat prevention
2 -
XDR
2 -
XDR Events
2 -
XDR Webinars
1
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks