Resolved! Will the Rule Builder accept PowerShell commands?
Will the process rule builder accept PowerShell commands, or only the Windows command line?
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Hello,
I am trying to configure a new profile, and I wanted to know if it's possible to block accessing network shared folders and mounting network shared folders.
Best Regards,
Cortex XDR
Would like to request new feature development / Host Insight module improvement to have Vulnerability Assessment (Cortex XDR) with respect to minor builds? The issue is described in https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u
...
As a valued member of our Cortex XDR community, your opinion is important. The Cortex team would appreciate it if you'd share your experience with Cortex XDR on Gartner Peer Insights by writing an Endpoint Protection Platform (EPP) review.
Reviews are a
...
Hi,
I'm trying to run the following query in Query Builder:
The query itself contains the command:
"del *.log /a /s /q /f"
I was wondering if there is a way to escape the asterisk character after the "del. " part of the comma
Hi,
I'm curious as to why the Cortex XDR Data Lake is under PA Hub Gateway Applications, but Cortex is not.
Thanks
Dear All,
I need your help and advice to achieve the below requirement in an XQL query.
1. Agent malfunction/ no content updates/ no upgrade
2. Agent partially protected/memory storage/junk storage
3. Network malfunction, not able to connect back.
...
Some of the agents are showing connection lost. Is there any solution for this? We already installed the agent, but we need the root cause.
I did some network troubleshooting on an endpoint at 9am and then saw an alert that could be related, or could be malicious... but it came in at 6:30pm.
If Cortex alerts are always real-time then my response to the alert will be totally different tha
...
Hi,
Can we get a real-time compliance report of endpoints which go into the disconnected and connection lost state, at that time only?
Or can we create a rule by XQL query for when the systems are going into the disconnected and connection lost state?
We're currently encountering problems with some of our endpoints as our agents are not upgrading. Do you have any suggestions on how to resolve this issue? and its support acs signature
Hello,
We are experiencing high disk space and high memory utilization on servers.
How do we stop endpoint data collection in Cortex XDR?
Can we delete data from the traps folder? If yes, which files can we delete?
How can we lower disk space utilization?
...
Has anyone successfully implemented in their environment? Do you do it by BIOC Restrictions, using digital signatures, file path or executable name?
Hi,
We have exported all the policies from the console (.export) format but are unable to view them or open them anywhere.
Kindly help me view these exported policy details.
Thanks
Md.Shahwaz