This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Can't uninstall old cortex xdr version

i have install cortex xdr on linux (7.9 version) ,  the service can't start. i try to uninstall old version or upgrade the version to 8.1.1 , but it show below error. Pls help me to fix the error. 

 

[root@MOFVM068 bin]# ./cytool runtime start all
Red

...

Resolved! Adding file and folder exclusions

We have  a security camera server that's been throwing out low memory resource messages and the company that provides the software claims that Cortex XDR endpoint client is causing memory leaks. There are no incidents being triggered by this server a

...

Disabled Capabilities of XDR on instaallation

Hi all,

 

in one of our customers with the installation of XDR agent version 8.5 the Response Capabilities (File Retrieval, Live Terminal, Script Execution) were disabled from the very beginning on many of the endpoints. As there is no other way, the

...

AbdBgc by L1 Bithead
  • 390 Views
  • 2 replies
  • 0 Likes

How IOCs are detected?

Hi,

 

I've recently noticed that an IOC that we created a month ago is still somehow being triggered, therefore an incident is generated. The IOC is a domain that we've found in a phishing email. I haven't visited the domain or clicked on that quaran

...

Question About Custom Logs Time Field

Question

I want to replace _time field value with original timestamp, but I can not find way to do this. 
Please tell me how to replace _time field value or Is this not possible due to specifications?

Background

When we collect logs from XDR Collector

...

HFukuda_0-1725412582774.png
H.Fukuda by L1 Bithead
  • 520 Views
  • 3 replies
  • 0 Likes

Resolved! Cortex XDR Timeline to XQL

Hi,

 

For our SOC report, we want to have this table with the average statistics of last week's monitoring, including average time to assign, time to respond etc. Is there a way to extract these timestamps from the incident's timeline on XQL and ther

...

  • 2026 Posts
  • 81 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks