BrokerVM proxy configuration error

hello, 

i'm facing this issue when i try to configure the ip addresse of the proxy so i can send logs throught brokerVM: 

C:\Program Files\Palo Alto Networks\Traps>cytool proxy set "X.X.X.X:YY"

Enter supervisor password:

RpcClient: SendRequest: Error 13

Computers do not receive the new update cortex 7.6.0

problem with cytool

hello,

i'm facing an issue will adding proxy setting using a command  cytool i recieve this error "cytool is not recognized as an internal or external command, operable program or batch file."

any help please.

BR.

Tracking Corrupt Cortex XDR Agents

I am looking for any input on how other customers are handling situations where:

1. The agent is installed on a host and says it is checking in, but it does not appear in the Cortex XDR Console

2. The agent is corrupt and has stopped reporting back (d

XDR Analytics "Failed Connections" alert investigation

Hi all, I am i need of assistance - how should I go about investigating an incident created by the "Failed Connections" alert? 

I run malware scans on the host that raised the alarm, but what can I do beyond that?

I should also mention that whenever su

broker VM

Hi

How to add the removed broker VM to the Cortex XDR management console?

BrokerVM

Hello, 

i'm facing an issue after deleting brokerVm from the console management, i'm not able to add it again, any help for this issue??

BR.

Test Custom BIOC Rules

Hi Expert,

Please help me to create custom BIOC rules for the testing.

My company want to create rules bioc informational if We create/delete spesific file in spesific folder, and the information will appears in incidents.

Is it possible? 

If is it poss

Deleting Connection lost endpoints in Cortex XDR

Hi,

I want to know if I delete the connection lost system, will it delete the XDR agent installed on that system as well? Or the agent will still remain there?

Regards

Connecting an VM Broker to an offline endpoint

Hello everyone,

Do excuse me for my rather lack of experience. I was wondering if there was any way for me to connect a VM broker that acts as a proxy for it to allow an offline endpoint to be connected to the internet?

I appreciate any advice given

Analytics engine time to establish baseline

Hi all, 

I have a question about the analytics engine - how long does it take for it to establish a baseline?

I had it enabled yesterday and it started to give out alerts during the night, in the span of several hours. 

seems like a rather short time to