This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4361 Views
  • 0 replies
  • 3 Likes

Cortex XDR missing powershell logging

I'm doing some Powershell detection testing and I noticed that when I open the Powershell GUI in windows and run a command below it doesn't trigger a Powershell detection. However, when I add powershell in front of the command it does trigger an event. I'm pretty sure this always wasn't the case. Curios to see if this is expected behavior or s...

Slow Dashboard in Cortex XDR Version 3.9

Hi Community! Our Tenant was recently updated to XDR version 3.9 and since then the main dashboard seems to be much slower and unresponsive. Anyone else in the community experiencing this? I have been testing using Edge and chrome the quick launcher is very laggy along with general slowness on loading. Thoughts?

Resolved! Windows Event Collector

Hello, I want to activate Windows Event Collector on my system. I am looking my documentation. https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Activate-the-Windows-Event-Collector?tocId=JKwlSDeDaqpS9R1bOJdayg What I do not understand is that do I need to do all these steps in domain controller? O...

Resolved! Cortex XDR flagged malicious macros

Hi team Cortex XDR keeps generates hundreds of alerts due to suspicious macro detected in my network. Severity : HighAlert Source : XDR AgentAction : Detected (Post Detected) Category : MalwareExtensions : .xls .tmp .xlt .xar Seems Cortex deletes all kind of files that has macros , but in reality those are not malicious. "alerts_table": {"aler...

chawki by L0 Member
  • 5376 Views
  • 5 replies
  • 4 Likes

Resolved! XQL Query - Machine Custom Reports

Hello, good afternoon. I currently have a few machines and xDR installed on them. I need to make a weekly report with the information of the machines and the scan previously configured. Currently, what I have configured using XQL Query: -> Checks if the scan was performed well or not. //########### Linux - Ubuntu 20.04LTS dataset = endpo...

Can we run the XDR on separate port apart from 443?

Hello All, For 1 server we are facing the compatibility issue as the port 443 is required to upload some data for business purpose and that port is also required for the communication of Cortex agent with cortex server. Can we use some other port for the communication? Thanks in Advance, Regards, Sakshi Seth

Windows Explorer - Internal Error: Memory Application Failure

hello, i have an issue with a specific device on-site that is showing the following error.   the user on the device accesses a large number of files on USB drives, fluctuating hundreds of GB per day. she will receive the following error before explorer crashes and must forcibly reboot. the device has 64GB of memory, 500GB m.2 boot drive, a 2...

cortex xdr.png
cortex xdr 2.png

Resolved! XDR Console Access

Hello, Sometimes, I cannot access to the XDR console. It is just loading but nothing showing, just a white page. I have internet access. It happens sometimes and after about 15 minutes, the problem disappears. What can be the reason for that?

Resolved! Cortex XDR

Hi Community , i Had Came Across Some of the Questions Regarding Cortex Xdr , Hope you'll help me with Narrow Down The Rabbit Hole 1. Why the Cortex scanning the files on the Endpoints that has the benign Verdicts in the Scanning Phase . 2. There are Few Factors on that we can Decide that File is Malicious or Benign i. Based On the E...

Yayati by L0 Member
  • 3218 Views
  • 1 replies
  • 0 Likes

Resolved! Automatic updates from Cortex XDR in Intune

Hi Everone! Hope you can help me 🙂 I have acustomer use both Cortex XDR on their endpoints for monitoring, and Intune for app deployment etc. When receiving a new PC, it is configured through Intune. However, currently, the customer has to manually access Cortex, download the latest version, and then add it to Intune. They find this process t...

  • 2601 Posts
  • 98 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks