Hello,
I am testing XDR Agent Settings.
I am trying to setup the Network Location Configuration option.
The main issue I have is that I would like to enter two DNS servers.
In DNS Name, I can do this:
server1.domain.com, server2.domain.com
Thi
Hello everyone,
I'm trying to create a gold image in an AWS AppsStream 2.0 environment. I'm following the steps listed here:
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/8.1/Cortex-XDR-Agent-Administrator-Guide/Cortex-XDR-Agent-for-Virtual-E
...
Hi everyone,
I have a customer who has configured the automatic upgrade of XDR Agent, when the new version is released, only a small number of Agents have completed the upgrade, a large number of Linux hosts have failed to upgrade, and the Last Upg
...
Hi Everony
We've noticed that under Windows 11 the MS Defender Antivirus remains running in passive mode even after Cortex XDR is installed. The Cortex integration in Windows security center works, but Defender services are still running.
Does an
...
Hello,
By doing or achieving different automations I have managed to add hashes to the block list in the action center section via API, but as in this console I see that it is blocked with 15,000 entries, let me explain when adding 15,000 hashes I un
...
I have tried to create a new field with an existing string field (createdDate), which is already in an ISO 8601 format. unable to parse it
sample value of feild createdDate=2019-08-29T10:10:26.608Z
Here below the query I have used
| alter filedate
I have trying to create a new field with existing string field (cretedDate) which is already in a ISO 8601 format but. unable to parse it
sample value of feild createdDate=2019-08-29T10:10:26.608Z
here below the query i have used
| alter filedate
Hi Team,
We have installed two Cloud Identity Engines in two different domains. Currently, we are seeing an alert on the Palo Alto hub page regarding the availability of a new agent version for the Cloud Identity Engine. We have a question: will th
...
Anyone done the mimecast and Netskope log integration to Cortex XDR. Unable to find document for integration.
Please share any doc or integration methods.
Hi Team,
On analysing an ransomware incident, i have block the hash of malicious file and added the file path of malicious file into IOCs. However i can see the alerts for malicious hash in the Critical alert (IOCs based) and Low alert - Administr
...
Hello,
We have a server with Veeam Backup, and we are noticing high CPU usage from Cortex.
We have seen that some exceptions might need to be applied:
https://www.veeam.com/kb1999
Would this apply to Cortex?
Best regards.
We wanted to see if we could use XQL to query for if a URL was visited in our environment. Is there a way to structure a working query for this using XQL? We've tried unsuccessfully so far, so we are turning to you, the community.
Thank you for any
...
Hi Team,
How can I create a BIOC rule for large upload activities of more than 1 GB of data in external storage? Please share your input.
I have a field named "ModifiedProperties" and it has values like this below, I cant for the life of me figure out how XQL splits these up, Splunk uses SPAN or MVexpand and it works like a champ but i cant figure out what function does the same thing
...
