Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Cortex XDR Blockage activity

If anything needed executable are blocked by the XDR previous we used to add that ***.exe in malware profile. But now we faced that issue that client has connected the clickshare(PC Screen Share) Equipment as it's an external equipment connected to U

...

Resolved! XQL to get characters from Host Name

Hello All:

 

Our host_names are formatted the same across our fleet.  I'd like to pull out the 5-8 characters in the hostname.  We've tried using trim, ltrim and rtrim, and even with them nested.  Any suggestions?

 

In this example WX260920162Q2R

we

...

Resolved! Cortex XDR Content Update Testing

Does Palo Alto perform any testing on minor content updates for Cortex before publishing them?

 

I'm looking for any documentation that outlines this testing (if any) to support a compliance requirement.

Resolved! Too much Forensic Data

Hello dear community, 

 

how do we delete the collected forensic data? Is there a option to do this? I was testing around with the forensics addon and collected from some agents, but now I want to get rid off.

 

Example Screenshot

 

 

Thanks

 

BR

 

...

RFeyertag_0-1677284837716.png
RFeyertag by L4 Transporter
  • 1748 Views
  • 5 replies
  • 0 Likes

Resolved! Firewall logs to Cortex Data Lake log buffering

Hello,

 

For firewalls managed with Panorama there's a setting in Panorama "Buffered Log Forwarding from Device" which tells the firewall to buffer it's log in the case of loss of connectivity with Panorama.

 

Does anyone know if there is an equivale

...

Use Case and Purpose of xdrhealth.exe

Recently i have noticed that there is another folder which has been created under PA Cortex folder as below:

 

"C:\Program Files\Palo Alto Networks\Cortex XDR Health Helper"

 

Inside the Folder there is PE which is xdrhealth.exe, what is the purpose of t

...

  • 1844 Posts
  • 78 Subscriptions
This widget could not be displayed.
Top Liked Authors