Hi,
Cortex XDR is installed on the client's endpoints but it is not visible on our console, what could be the possible reason behind this?
Thanks
Hello,
Can you please help us in knowing if Linux AIX, Solaris, and Power Linux compatible with Cortex XDR?
If yes what all versions of there is supported.
Hi community,
I had encountered a weird scenario where my endpoint failed in updating its agent when I triggered it from the XDR portal. It connects to BrokerVM for updates, as with the same as the rest which succeed.
Network check: I have update
...
Any idea why this might be happening?
I am expecting to see data from my Cisco ASA firewalls, XDR Agents and hopefully some causality/actor information. I only get Nulls.
Hello,
What is the importance of alerts in cortex XDR? Do we need to work on all the alerts, as we get overwhelmed by the number of alerts.
What is the best practice to fine-tune the alerts so that no important alerts are missed.Is there any document
...
Hello,
Can we know the drawbacks of performing weekly scans on all endpoints in XDR. Why is it not recommended to perform weekly scan on all endpoints?
Hello everyone,
Recently we started getting these types of incidents in our SOC team for Cortex XDR.
It shows that the user connected with SSO using this ASN.
However, it says that the ASN 263461 is suspicious but we can't verify it with lookup tool.
Any
A technician is claiming that after downloading XDR 7.6.1, the Windows start menu is not working. If he disables XDR, it works again. If he enables XDR, it stops working again. Has anyone else seen or heard of similar issues?
Hello ,
There are a few Linux servers in which cortex XDR was deployed but it is not getting reflected in our endpoint.
Performed check-in using the below command for the servers:
root@ubuntu:~$ /opt/traps/bin/cytool checkin
and configured the pr
...
Hi all,
I was wondering - how do i govern the frequency of check in\heartbeats of my xdr agents?
Is it even possible?
In Cortex XDR I'm trying to figure out how to create a parsing rule that will allow me to drop anything from certain VLAN's prior to it ingesting. Trying to use the Collect and filter but can't seem to figure out how to exclude a VLAN without having
...
Dear All,
I would like to know how to build a query to troubleshoot issues on a host where I wanted to list the processes running on the host and also to identify which is causing the issue. I am writing the below query to find no details, please h
...
Hi,
I need the events from the screenshot below to be visible from the Cortex XDR dashboard. Is there any XQL query that could showcase these events with the endpoints hostname?
Hello,
One of the servers got rebooted due to a memory dump. The server user checked with the Hardware OEM Dell and they have analyzed the minidump file and said that issue seems to be caused by Driver: cyvrfsfd.sys. When checked found that this fi
...
Hello all,
My goal is ingesting the log from my Fortigate for correlation and analyses.
I'm evaluating Pro per TB now, done the configuration already, actually, the log is receiving now.
Found the new NTA Dashboard, however, it showed No Permi
...
