Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Alerts on Cortex XDR Console

Hello,

What is the importance of alerts in cortex XDR? Do we need to work on all the alerts, as we get overwhelmed by the number of alerts.

What is the best practice to fine-tune the alerts so that no important alerts are missed.Is there any document

...

Weekly Scans in XDR

Hello,

 

Can we know the drawbacks of performing weekly scans on all endpoints in XDR. Why is it not recommended to perform weekly scan on all endpoints? 

 

 

Resolved! Windows OS issues with Cortex XDR enabled

A technician is claiming that after downloading XDR 7.6.1, the Windows start menu is not working. If he disables XDR, it works again. If he enables XDR, it stops working again. Has anyone else seen or heard of similar issues?

pdysart by L1 Bithead
  • 2391 Views
  • 2 replies
  • 0 Likes

Parsing out VLANS from netflow collection

In Cortex XDR I'm trying to figure out how to create a parsing rule that will allow me to drop anything from certain VLAN's prior to it ingesting.  Trying to use the Collect and filter but can't seem to figure out how to exclude a VLAN without having

...

XQL Query to list top process causing issues

Dear All,

 

I would like to know how to build a query to troubleshoot issues on a host where I wanted to list the processes running on the host and also to identify which is causing the issue. I am writing the below query to find no details, please h

...

VenuK by L2 Linker
  • 1117 Views
  • 1 replies
  • 0 Likes

Resolved! Server got rebooted due to Memory Dump issue

Hello,

 

One of the servers got rebooted due to a memory dump. The server user checked with the Hardware OEM Dell and they have analyzed the minidump file and said that issue seems to be caused by Driver: cyvrfsfd.sys. When checked found that this fi

...

Adithi_D by L0 Member
  • 980 Views
  • 1 replies
  • 0 Likes

NTA Dashboard

Hello all,

 

My goal is ingesting the log from my Fortigate for correlation and analyses.

    

I'm evaluating Pro per TB now, done the configuration already, actually, the log is receiving now.

Found the new NTA Dashboard, however, it showed No Permi

...

  • 1821 Posts
  • 78 Subscriptions
Top Solution Authors
Top Liked Authors