This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4361 Views
  • 0 replies
  • 3 Likes

Resolved! Cortex XDR agent with linux agent as server type

Hi, I have installed agent in several linux machines, but all are being categorized as Server Type and some are workstations. Since I am using dymanic groups, what should I do to "fix" this? (Windows are OK regarding server type and workstations type) Regards, Fábio Ferreira

Resolved! How to add Windows DHCP logs to enrich Assets data

Hi Everyone, I am totally new to Cortex XDR and trying out the latest Pro version. What I wish to do is simple and I saw others discussed about it. But I really really need clear instructions on how to do that. In the All Assets list, we wish to get more information about assets that don't have XDR agent installed, besides their IP addresses. It...

Resolved! XDR Prevent to Pro

Does anyone even use Prevent anymore besides us? 😋 Our budget's been approved to hopefully upgrade our license structure to Pro during Q1 of next year. Does anyone have any recommendations / tips / suggestions or whatnot to make this migration a success? We're supposed to get some assistance from our marketing and P.A. engineering team whic...

CraigV123 by L3 Networker
  • 2173 Views
  • 2 replies
  • 0 Likes

Resolved! Rename Tenant URL

Hi Community We would like to change the URL of a Cortex XDR tenant to newname.xdr.eu.paloaltonetworks.com and then use the old URL oldname.xdr.eu.paloaltonetworks.com for a new tenant. How long do I have to wait with the tenant activation until the URL is released for use again? Thanks & Best Regards

Rocky-25 by L2 Linker
  • 4002 Views
  • 5 replies
  • 1 Likes

Resolved! Cortex XDR Pro Per GB License

Hello: Does anyone know if XDR Pro Per GB license can operate alone?If I only want to analyze Firewall events, can I just buy a Per GB License?Is there any documentation that can explain this? Thank you

XDR - Printing delay all documents

Hi,Has anyone had a delay in W11 with Cortex XDR , when trying to print, for example, a PDFIn my case, to print a simple 1mb pdf... edge opens the pdf by default... and when we do CRTL+P, we wait 1 to 2 minutes, until the preview appears and we can print.The machine has a lot of free resources (memory cpu etc)...I think the cortex is analyzing s...

tlmarques by L4 Transporter
  • 1638 Views
  • 1 replies
  • 0 Likes

ingested data retention - 30 days

Hi guys, I've purchased PAN-XDR-PRO-GB SKU and i've noticed we get 30 days of ingested data retention and 180 days of incident or alert retention. Can we keep ingested data for more than 30 days? and/or incident alert retention for more than 180 days? is there any SKU's for that? Thanks Cortex XDR

NormSil by L0 Member
  • 2286 Views
  • 1 replies
  • 0 Likes

Resolved! Large Upload(Generic) Microsoft Teams alerts

Hi Team, We are receiving more alerts 'Large Upload (Generic)' generated by XDR Analytics from Microsoft Teams (ms-teams.exe) and i checked the IPs - Microsoft Corporation (ISP) and Domain -microsoft.com. I need an answer to the following questions: 1. How the alerts are getting triggered 2. How to Reduce it /mitigation 3. How to investigate ...

Vijisaga by L1 Bithead
  • 3962 Views
  • 6 replies
  • 1 Likes

Using XDR Asset Inventory and XQL to report of machines without Cortex installed

Hello All I would like to use Asset Inventory to provide a list of each machine with os Windows and without Cortex agent installed. The goal is to use the result in a widget for the dashboard if possible. Even better would be an api to use it with our monitoring software PRTG. I am new to XQL and have not managed to create a query for the host...

  • 2601 Posts
  • 98 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks