01-22-2024 03:21 AM
Dears,
In some cases, an endpoint goes into partially protected status due to some issues. I have read this knowledge base article. (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004OGWCA2&lang=en_US%E2%80%A...)
Now I want to know how I can get an alert when an endpoint goes into partially protected mode. I have checked the agent logs. There is no alert about it. I can do it with a correlation rule, but it can't be real time and there can be several alerts for the same endpoint. Could you please share your experience?
Cortex XDR Endpoint Protection
01-22-2024 03:39 AM
We are facing the same issues, so we are creating a report template for Cortex XDR agent operational status. Currently, the report is only generating for unprotected endpoints and partially protected endpoints. This report is generated daily and sent to our email address. It allows us to easily identify any endpoints affected by being unprotected or partially protected. The report provides information on how many endpoints are affected. If no endpoints are affected, the report shows a count of zero.
Hope this answers your query. Please mark the response as "Accept as solution" if it helps.
01-24-2024 08:07 PM
Thanks for the reply. You can do the same with correlation rules, which I did. But this is not real time. I need a real-time solution.