Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Resolved! Expanding action_evtlog_data_fields

Is it possible to create an arrayexpand the action_evtlog_data_fields

the below fails to run

 

dataset = xdr_data
| filter event_type = ENUM.EVENT_LOG
| arrayexpand action_evtlog_data_fields
| alter Username=json_extract(action_evtlog_data_fields, "$.Targe

...

Support for Azure Stack HCI OS

Hi Community!

 

Can anyone tell me when PAN will support Cortex XDR Agent on Microsoft Azure Stack HCI Os,

that is based on Windows Server 2019/2022?

https://azure.microsoft.com/en-us/products/azure-stack/hci/#overview

 

OS is out now for 1,5 years and no

...

PMBTTSI by L1 Bithead
  • 3135 Views
  • 8 replies
  • 0 Likes

Removable Media Extension Profile

I wanted to get everyone else's 2 cents here and see how other people are doing it. My goal here is to prevent writing data to unapproved removeable media but allow reading. I created an device configuration extension profile with disk drives set as

...

  • 1677 Posts
  • 78 Subscriptions
Top Liked Authors