This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

XQL Query to list top process causing issues

Dear All,

 

I would like to know how to build a query to troubleshoot issues on a host where I wanted to list the processes running on the host and also to identify which is causing the issue. I am writing the below query to find no details, please h

...

VenuK by L2 Linker
  • 1050 Views
  • 1 replies
  • 0 Likes

Resolved! Server got rebooted due to Memory Dump issue

Hello,

 

One of the servers got rebooted due to a memory dump. The server user checked with the Hardware OEM Dell and they have analyzed the minidump file and said that issue seems to be caused by Driver: cyvrfsfd.sys. When checked found that this fi

...

Adithi_D by L0 Member
  • 919 Views
  • 1 replies
  • 0 Likes

NTA Dashboard

Hello all,

 

My goal is ingesting the log from my Fortigate for correlation and analyses.

    

I'm evaluating Pro per TB now, done the configuration already, actually, the log is receiving now.

Found the new NTA Dashboard, however, it showed No Permi

...

Compile Payload Source Code Locally

Dear Team,

 

We wanted to restrict compilers on our environment after a pentest resulted with Compile Payload Source Code Locally, we have common compilers like csc.exe and GCC/MinGW. 

 

We wanted to know how to identify any common suspicious behavio

...

VenuK by L2 Linker
  • 925 Views
  • 2 replies
  • 0 Likes

Resolved! new Cortex XDR Agent release notifications

We're currently receiving email notifications when an agent version goes EOL, however we don't seem to be notified when a new Cortex XDR agent is released and available for creating installation packages. I also can't seem to find a link or method to

...

cskoien by L2 Linker
  • 1596 Views
  • 2 replies
  • 1 Likes

Resolved! Endpoint administrative cleanup

Based on what parameter is cortex XDR removing endpoints under endpoint administrative cleanup?
Eg if we chose hostname then will it remove the hostname found first or will delete the hostname XDR found last checked in?
And if we have 2 mac addresses a

...

Some Alert Exclusions don't work anymore

Hello dear community,

 

Since some days, my alert exclusions do not work anymore and the alerts are popping up. Now i noticed the quotes in the target process cmd.

 

powershell.exe -command --> before

"powershell.exe" -command --> from now

 

What has

...

RFeyertag by L4 Transporter
  • 1074 Views
  • 3 replies
  • 0 Likes

Cortex XDR Pathfinder

I dont really understand logic behind PATHFINDER. I installed Broker VM and configured pathfinder. But i can not see anything in Pathfinder Collection Center. I can not find answers to my questions  in documentations. Can anybody please explain about

...

  • 1782 Posts
  • 78 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks