This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4402 Views
  • 0 replies
  • 3 Likes

How to get XDR Wildfire API key?

As you can see that there is no data in wildfire api key. So where is it because I want to integrate my XDR Wildfire to other products. So How can i find it or How can I generate it? Please explain me well.

JayeshParmar_0-1705127299496.png
JayeshParmar_1-1705127321137.png

XDR BIOC Rules

Hi All, We have a few Palo Alto BIOCs that are disabled in our console, does Palo alto disables those rules by themselves if yes where can we find more details about it like why it was disabled in the first place. Regards, Shahwaz

Deploying Cortex XDR agent with intune using variables such as endpoint tags

Hi all, My client is facing issues deploying the agent with intune, the agent gets deployed as expected but additional arguments such as ENDPOINT_TAGS="blah" added to msiexec seem to be lost as they can't see them post install when browsing through endpoints in the console. Unfortunately my experience with intune is limited but perhaps any of ...

stig_72 by L1 Bithead
  • 4986 Views
  • 2 replies
  • 0 Likes

Cortex XDR memory consumption and management on Linux

Hello team, I have query regarding Cortex XDR Linux agent memory consumption and management. We have seen multiple cases where Cortex XDR memory consumption is high, however whenever we raise a case we got to know that memory consumption is normal. I would like to know what is the idle consumption for Cortex XDR agent in linux OS? How C...

Broker VM for Cortex XDR

Hi,As a part of Cortex XDR , I would like to know some benefits of Broker VM I have gone through some of the docs and it looks like a Separate image that need to be installed. So,1. Do we have to install it on every endpoint (Ex: 10,000 servers) that has cortex xdr installed and should we do it separately for every endpoint?2. Should we maintain...

Track down bad API key

I have an issue with CortexXDR. I get errors in the logs every minute from something trying to use an API key that was deleted when one of our security guys left. The source IP for it is our external NAT address that all our internal to external traffic goes through. Anyone know of a way to track this connection down to the internal box? We ...

Resolved! retrieve RDP informations

Hello and sorry for my bad english, I want to retrieve informations about RDP connection to computers. When computer A connect to computer B with RDP, on computer B (destination) windows log this event :Event Security with ID 4624 et logon type 10How by query builder retrieve this information on all computers ?thanks a lot

LECORRE by L0 Member
  • 2822 Views
  • 2 replies
  • 0 Likes

Cortex XDR Software Inventory

Hello, I am curious as to what data Cortex XDR pulls to put together a software inventory list. I am trying to create a script to uninstall a program on an endpoint and the last resort method the script does is deleting all program files (both in Program files folder and the user's appdata folders) and deleting all registry keys in the HKEY_LOCA...

Turn on Bitlocker?

We are in the process of rolling out Cortex XDR to our organization. I saw the new BItlocker status screen/policies.I'm struggling to understand if I can enable Bitlocker with this policy, or if this is just a way to ensure the devices are complaint with the way we want Bitlocker configured? We were previously using our AV company's encryption p...

pkawula by L1 Bithead
  • 13854 Views
  • 9 replies
  • 0 Likes
  • 2612 Posts
  • 98 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks