How to know if Cortex XDR version is CE.
Will it show on the table when I go to Endpoints ----> All Endpoints and on the Agent Version Field it should have for example 7.9.102CE, if it shows 7.9.102 only then it is a standard version?
Thank you.
Hello All,
I want to clean up my tags list, because some of the old tags that we used are not needed any more.
We don't have active devices with tags that I want to remove.
Any idea from where i can do that?
Regards,
Vasil
Hi Team,
I have a query regarding the installation of the Broker VM in our organization. We have successfully installed it internally. However, when we tried to access the URL https://<brokervm-ip>:4443 internally, it failed. After whitelisting the P
...
Hello dear community!
Thank you all readers and writers for the huge content of help and useful information in this livecommunity!
And also thank you for your valuable time!
BR
Rob
Hi!
On our Cortex XDR tenant some computers are not displaying the User that is connect to the endpoint, performing a heart beat doesn't poppulate that field either, how can we make it so the User "domain\user" appears on the All Endpoints list?
Bes
Which method should be used to install the Cortex XDR agents for the Azure-only Windows 11 multi-session VDI? Since it's both a terminal server, and a non-persistent VDI that gets re-imaged from a golden image?
Hello!
what does that operational status mean and how do I get it to fully protected? Is this OS supported?
Hello,
I have an XQL query and I need IPs to be displayed if they are in some CIDR.
I know about the incidr command and the documentation says we can use it with multiple CIDR if we use coma to separate them.
Example :
filter incidr(ip_address, "1...
Dear Community,
I was trying to use the json_extract to extract the value of "RuleActions" and have no success so far.
Sample data:
{"RuleOperation":"AddMailboxRule","RuleId":"0","RuleState":"Enabled, ExitAfterExecution","RuleCondition":"{(SubString I...
Dear community,
I'm trying to use the replace command in XQL to replace the "\" escape character and have so success.
When I tried with the double slash \\, the XQL will raise syntax error.
| alter test2 = replace(to_json_string(data), "\\", "")
Samp
...
Hi Community,
I have a query: How do I block VPN extensions in browsers (Chrome, Firefox, Brave) using the Cortex XDR agent? If it's possible, could you please explain how to do this?
hi
i have cortex xdr on several endpoints, can you explain me more about the new feature Agent Certificates and its implication and how to work? i want to set enabled this function because is disabled for old tenants
Hi , Family
I want to filter Microsoft Windows 10 Pro and Microsoft Windows 10 Enterprise from all my endpoints. In All endpoints section, it's currently showing only Windows 10 as the Operating System. I need a query that differentiates between Pro
Hi,
I am looking to gather a list of all installed chrome extensions in our environment. I created a simple query to pull any .crx files out of the Chrome extensions file path but the results seem not quite accurate. Was wondering if anyone had a q
...
Hello Dear Community, I want to count events based on specified time periods. For example I want to query hosts that scanned more than 50 hosts in 10 seconds. How can I write XQL in that case?
Cortex XDR
