Cortex XSIAM Discussions
Cortex XSIAM, the autonomous security platform powering the Modern SOC, operates across cloud and enterprise security operations, providing true end-to-end management of threats wherever they originate.
About Cortex XSIAM Discussions

Discussions

Welcome to the Cortex XSIAM Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating. Rules and Best Practices: Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 2768 Views
  • 0 replies
  • 0 Likes

OT Security | XQL

Hello community, can someone please help me build some XQL queries to monitor an OT environment, or give me some tips and ideas on this topic? Thanks 😄

Y.Zalsov by L1 Bithead
  • 787 Views
  • 0 replies
  • 0 Likes

Is there a way to monitor the Broker VMs to see what is connecting (or attempting to connect) to them?

Is there a way to monitor the Broker VMs to see what is connecting (or attempting to connect) to them? Is there a way in the XSIAM UI to determine what devices are attempting to connect to them (IP, protocol, and port) to observe if certain devices are connecting or having problems connecting to them?

A.Donald by L0 Member
  • 862 Views
  • 0 replies
  • 0 Likes

Lookups to compare the difference

I am trying to find clients missing software. I found all the clients WITH the software, dumped them into a lookup, and am now trying to find the difference, basically return the ones NOT in the lookup. So something like this: dataset = host_inventory | filter applications != null | arrayexpand applications | alter applicationname=json_extract(applica...

XSOAR engine upgrade

For an engine upgrade, do we have to manually run the upgrade installer file on the engines, or would just clicking the "Upgrade engine" button in the XSIAM UI be enough?

Urgent Help Needed: Where Can I Find Cortex XSIAM Deployment and Service Management Training Videos?

Hi Team, I have a new client, one urgently transitioning from QRadar to Cortex XSIAM, and I'm completely unfamiliar with XSIAM. I urgently need instructor-led training on deploying and managing this solution, as I'm unsure how to proceed. Any help would be greatly appreciated. Thanking you. Regards, Cathy

Tony_74 by L0 Member
  • 1994 Views
  • 2 replies
  • 0 Likes

Resolved! Using XQL queries in XSIAM playbooks

Hi Team, I'd like to enquire whether Cortex XSIAM can search the logs of a dataset using an XQL query in a playbook. Cortex XSOAR can do that for Cortex XDR using the "Cortex XDR - Search and Compare Process Executions - XQL Engine" integration.

Integrating Proofpoint TAP into XSIAM

Hi, I would like some guidance on which data source I should use when integrating Proofpoint TAP into XSIAM. In the "Proofpoint TAP" content pack on the marketplace, there is a data source named "Proofpoint TAP". This data source has the ability to fetch alerts, and it ingests into the "proofpoint_tap_v2_generic_alert_raw" dataset. Howev...

Rule list

I would like to see a list of rules regarding the types of incidents I receive in XSIAM. I am not talking about IOC/BIOC. Can anyone help with the path?

Resolved! Coalescing of events in XSIAM?

Looking to migrate from QRadar/QRoC to XSIAM. In QRadar/QRoC, coalescing works in the following manner: https://www.ibm.com/support/pages/qradar-how-does-coalescing-work-qradar The goal of coalescing is to reduce the storage needed for events of certain types for which the full payload data is not needed. Is coalescing of events in XSIAM enab...

Widget Library XQL Query

Hi All, so in the XSIAM portal under 'Dashboard and reports' there is a pre-defined list of widgets in the library. Within the 'system monitoring' library there is a widget called 'daily consumption', which is great to identify data source ingestion per day/week/month etc. Question: does anyone know how I can retrieve the actual XQL query for th...

PA_nts by L4 Transporter
  • 1814 Views
  • 1 replies
  • 0 Likes

XSIAM Multi-Tenancy

How does multi-tenancy work for MSSPs in XSIAM? We are looking to use XSIAM as the core SecOps tooling to replace our current SIEM, and we were wondering how the multi-tenancy function works.

Simple XQL Query help needed

Hi All, within Query Builder I have a very basic query as per below: dataset = metrics_source | fields _vendor, _product, total_size_bytes, which shows me the data sources and the amount of ingested data per source, which is fine over a specified period (24 hr/days etc.). What I am trying to achieve is, for a period of 24 hours, for it ...

PA_nts by L4 Transporter
  • 1434 Views
  • 1 replies
  • 0 Likes

Resolved! Unified Inventory

Hello, I have come across references to 'Unified Inventory' in the documentation for XSIAM, Xpanse, and Prisma Cloud. Could anyone please clarify if this is a single offering from Palo Alto Networks or specifically from Cortex? Alternatively, do these products each refer to their own inventory feature as being 'unified'? Ex: https://docs-cortex.p...

sh4unz0r by L0 Member
  • 3527 Views
  • 3 replies
  • 0 Likes