05-20-2020 01:20 PM - edited 05-20-2020 01:22 PM
I am trying to get a live memory dump from the Endpoints with Cortex XDR agents installed. through a live terminal and the the file explorer, we are limited to 200 MB downloads from the remote host. Is there a way to expand this file size limit or how are others getting live memory dumps from their endpoints with cortex XDR installed? (No XSOAR available)
am I limited in file size if i were to write a python script and add it to the scripts library in the action center to retreive a live memory dump?
06-02-2020 10:11 PM
You are correct, the max file size is 200 MB. (https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/investigation-and-response/...)
Please give me a day or so. I will check with Product Management to see if they have any suggestions.
06-03-2020 09:26 AM
After some checking, the limit for scripts is higher than 200 MB. The PM I spoke to believes it is 500 MB.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!