03-30-2022 06:39 AM
Hi there,
I am just getting started into what Cortex XDR can do. One item I cannot find a clear answer to so far is how XDR handles alerts forwarding or some API integration between it and, for example, Freshdesk/ServiceNow/Autotask etc.
Is this possible with Cortex XDR?
If you have any links to further reading please point me in the right direction. Thanks.
Kind regards
Phil
03-30-2022 07:01 AM
Hi @IREPhil ,
you can forward your notifications to syslog receiver, email, or even slack. Please check the following doc on how to do it
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/logs/create-notifications
So you need also this doc to configure it:
Additionally you can use API, please check the following doc:
The difference is that you can be more granular/selective via API and might more informative sending the alerts/incidents than just a notification. Depends on your scenario/use case.
Please if this was helpful feel free to like, rate it or mark it as a solution.
KR,
Luis
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
