agent connection lost
some of the agents its showing connection lost any solution for this we already installed the agent but we need the root cause
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.
some of the agents its showing connection lost any solution for this we already installed the agent but we need the root cause
I did some network troubleshooting on an endpoint at 9am and then saw an alert that could be related, or could be malicious... but it came in at 6:30pm.
If Cortex alerts are always real-time then my response to the alert will be totally different tha
...
Hi,
Can we get real time compliance report of endpoints which goes under disconnected and connection lost state at that time only
or can we create any rule by XQL query, when the systems are going in disconnected and connection lost state.
We're currently encountering problems with some of our endpoints as our agents are not upgrading. Do you have any suggestions on how to resolve this issue? and its support acs signature
Hello,
We are experiencing high disk space and high memory utilization on servers .
How to stop endpoint data collection in cortex xdr?
Can we delete data from traps folder?If yes what all files we can delete ?
How can we lower disk space utilization
...
Has anyone successfully implemented in their environment? Do you do it by BIOC Restrictions, using digital signatures, file path or executable name?
Hi,
We have exported all the policies from the console (.export) format but are unable to view them or open them anywhere.
Kindly help me view these exported policy details.
Thanks
Md.Shahwaz
I changed my User Login Expiration settings from 8 to 10 hours to accommodate my workday. After a week it has still not changed. It's small, but bugging me. Has anyone else seen this?
Hi All,
We have setup SAML SSO but receiving an 'Unauthorized.Error 4014' error.
The following configuration was made:
IDP provider:
Cortex XDR SSO configuration:
Unfortunately we receive the below error:
Would anyone know whats occ
...
Any option to find the endpoint serial no on cortex console currently we are using the cortex pro per endpoint
Hi,
Is it possible to block PowerShell execution on all endpoints through CortexXDR, if possible kindly give the process to do the same?
Thanks
Hello,
We need to block PowerShell executions on the some endpoints. how can we block Powershell dll files so that PowerShell cannot be loaded.
We have created a BIOC rule and it is flagging legitimate Powershell executions also. Can we exclude
...
Hi we have multiple failed connections from one host to several local IP
below cmd was in initiator
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
Does anyone have any tips or things they do to get the most out of the add-on? I'm just getting it configured it as my company purchased a few licenses for it. I think I've got it configured correctly in the agent settings but I'm also second guessin
...User | Count |
---|---|
6 | |
2 | |
1 | |
1 | |
1 |
Subject | Likes |
---|---|
3 Likes | |
3 Likes | |
3 Likes | |
2 Likes | |
2 Likes |