Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

  • Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not.
  • Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4322 Views
  • 0 replies
  • 3 Likes

Unconventional GP upgrade through XDR action script - works, but could use optimization.

I have a script to silently upgrade GlobalProtect clients to 6.2.2 using an msi, while avoiding disconnecting active users and reboots. It's simple and it works, but I'm looking to improve it by having successful upgrade status or reason for failure reported instead of just getting the success of the script. Also if the agent doesn't upgrade, I'...

cyvrlpc.sys caused BSODs on Windows 10 after update

Hi all, some of the users reported a BSOD after updating their Win10 endpoints. I'm thinking this might be due to the incompatibility between the driver and newest OS updates or something similar (looking into the stop code).
Stop code: DRIVER_IRQL_NOT_LESS_OR_EQUAL
What failed: cyvrlpc.sys
The endpoints are on the latest Cortex XDR agent version...

Cortex XDR missing powershell logging

I'm doing some PowerShell detection testing and I noticed that when I open the PowerShell GUI in Windows and run a command below it doesn't trigger a PowerShell detection. However, when I add powershell in front of the command it does trigger an event. I'm pretty sure this always wasn't the case. Curious to see if this is expected behavior or s...

Slow Dashboard in Cortex XDR Version 3.9

Hi Community! Our Tenant was recently updated to XDR version 3.9 and since then the main dashboard seems to be much slower and unresponsive. Anyone else in the community experiencing this? I have been testing using Edge and Chrome; the quick launcher is very laggy along with general slowness on loading. Thoughts?

Resolved! Windows Event Collector

Hello, I want to activate Windows Event Collector on my system. I am looking at my documentation. https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Activate-the-Windows-Event-Collector?tocId=JKwlSDeDaqpS9R1bOJdayg What I do not understand is whether I need to do all these steps on the domain controller? O...

Resolved! Cortex XDR flagged malicious macros

Hi team, Cortex XDR keeps generating hundreds of alerts due to suspicious macros detected in my network.
Severity: High
Alert Source: XDR Agent
Action: Detected (Post Detected)
Category: Malware
Extensions: .xls .tmp .xlt .xar
It seems Cortex deletes all kinds of files that have macros, but in reality those are not malicious. "alerts_table": {"aler...

chawki by L0 Member
  • 5231 Views
  • 5 replies
  • 4 Likes

Resolved! XQL Query - Machine Custom Reports

Hello, good afternoon. I currently have a few machines with XDR installed on them. I need to make a weekly report with the information of the machines and the scan previously configured. Currently, what I have configured using XQL Query: -> Checks if the scan was performed well or not. //########### Linux - Ubuntu 20.04LTS dataset = endpo...

Can we run the XDR on separate port apart from 443?

Hello All, for 1 server we are facing a compatibility issue, as port 443 is required to upload some data for business purposes and that port is also required for the communication of the Cortex agent with the Cortex server. Can we use some other port for the communication? Thanks in Advance, Regards, Sakshi Seth

Windows Explorer - Internal Error: Memory Application Failure

Hello, I have an issue with a specific device on-site that is showing the following error. The user on the device accesses a large number of files on USB drives, fluctuating hundreds of GB per day. She will receive the following error before Explorer crashes and must forcibly reboot. The device has 64GB of memory, 500GB m.2 boot drive, a 2...

Resolved! XDR Console Access

Hello, sometimes I cannot access the XDR console. It is just loading but nothing is showing, just a white page. I have internet access. It happens sometimes and after about 15 minutes, the problem disappears. What can be the reason for that?

  • 2589 Posts
  • 95 Subscriptions