Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4322 Views
  • 0 replies
  • 3 Likes

Resolved! Cortex XDR

Hi Community, I came across some questions regarding Cortex XDR. Hope you'll help me narrow down the rabbit hole. 1. Why is Cortex scanning the files on the endpoints that have benign verdicts in the scanning phase? 2. There are a few factors on which we can decide that a file is malicious or benign: i. Based On the E...

Yayati by L0 Member
  • 3143 Views
  • 1 replies
  • 0 Likes

Resolved! Automatic updates from Cortex XDR in Intune

Hi Everyone! Hope you can help me 🙂 I have a customer who uses both Cortex XDR on their endpoints for monitoring, and Intune for app deployment etc. When receiving a new PC, it is configured through Intune. However, currently, the customer has to manually access Cortex, download the latest version, and then add it to Intune. They find this process t...

Resolved! Dataset name change

Hello, I have Linux logs which come as: [INGEST:vendor="unknown", product="unknown", target_dataset="unknown_unknown_raw", no_hit = drop] They are collected under the dataset name called "unknown_unknown_raw". But I want to change its dataset name to something else. How can I do that?

Resolved! Export/Import filters

Hi, In the Host Inventory/Applications I can filter programs, then save the filter and open it when needed. However, it would be very helpful if I could export this filter, modify it in an editor and import it again. Is there any way to do this? I'm just trying to exclude a decent number of applications from my view and adding them manually to the filter in dashb...

Deploy Cortex Agent via Intune

Has anyone managed to successfully deploy the Windows Cortex agent via Intune? I have an app configured and deployed, but it's not working as expected. Likely because of the App protection policy in Cortex. I have version checking in the App turned off as I want Cortex to do the updates, all I want is the initial client install on Autopilot ...

CORTEX XDR - Endpoint delete

Good morning dears, I want your opinion, I have devices disconnected for a long time (3 months) so I am planning to delete from the console and recover the licenses. My question is whether the device will have problems uninstalling when it is reconnected at some point. I will be attentive to your comments. KIND REGARDS

Masquerading - 4203898100

We're getting this alert whenever we're trying to install filezilla.exe or opening Filezilla.exe. We're using the same installation file as before and also tried with the latest versions. But still it's getting blocked by XDR. Any idea why that is happening? We used filezilla before and we didn't have this issue before. Cortex XDR

Disable Protection Rule for Remote Initiated Behavioral Threat

We are creating a custom service to handle automatically checking and updating programs (similar to PDQ Deploy, or an RMM tool). We've signed the created service and tried several ways to disable it from being blocked. The problem is, we are very limited in what we can target with the disable prevention rules. Has anyone run into this and a...

CJNTS by L2 Linker
  • 2817 Views
  • 2 replies
  • 4 Likes

Error code:307 on MAC, Cortex Agent 8.2.1

I get a "Cortex XDR Policy update failed!" message. Error code: 307. This happens on a MAC (updated). I'm also unable to uninstall the agent. I was able to do it once, then installed it again, and now my tenant's global uninstall password doesn't work. This is kind of a deadlock, and I have 3 more MACs which disconnected from the tenant, de...

CFriacas by L0 Member
  • 3584 Views
  • 1 replies
  • 0 Likes

Data Lake Activation Button

Hello, I have Cortex Pro per GB license of 165 GB. I have also bought Cortex Data Lake. When I go to Support Palo Alto--> Products--> Assets tab, I can see Data Lake and its Auth Code. But when I go to https://apps.paloaltonetworks.com/apps , I see no activate button under Data Lake: I want to integrate PaloAlto firewall with XDR and s...

Resolved! Software Inventory query

Hi, I'm using following query to get software inventory and it is working well. However to the results, as last column, I would like to add number of hosts which have particular software. Could somebody advise how to do this please? dataset = host_inventory | arrayexpand applications | alter software = json_extract(applications, "$.applicat...

Cortex Visio Stencils

I am making customer diagrams for Cortex XDR, XSOAR, and the data lake. I can easily find hardware Visio stencils, but nothing for Cortex. Does anyone know where I can find Visio stencils? This link has nothing: https://www.paloaltonetworks.com/company/press-kit.html

  • 2589 Posts
  • 95 Subscriptions