What is the difference between Market Place , Data source and XDR collectors in XSIAM

Same as the title. Could you please give examples of how Market Place, Data source, and XDR collectors are in XSIAM in terms of ingesting data?

Unified/Assets Inventory and XQL

Do we have the ability to call Unified Inventory or Assets Inventory via XQL Query? I have many interesting examples and potential use cases for how this data can be used. Also, some custom reports like 'new assets detected in last 24h' can be useful

XSIAM Cloud or Onprem?

Hi All,

I'd like to enquire whether Cortex XSIAM offers on-premises solutions exclusively, or if it provides a combination of both on-premises and cloud solutions? Additionally, how does the deployment model work? 

Custom Alert in XSIAM for Azure AD User Group Changes

Hello,

I was wondering if someone could help point me in the right direction for setting up a custom alert in XSIAM when a user is removed from Azure AD from a particular user group.

For example, let's say we have a user group that excludes MFA-M

Cortex XSIAM XQL Query Issue

Hi Team,

I was searching some logs and I found the query I was running initially was just different from the later (2nd) query, however, I was not getting any results for first time but got the results by 2nd query. I moto here just to understand wha

How to retrieve all XQL Correlations

Hi guys, i need a little help.

Is there any dataset that contain all the correlations rules created?

Or can I retrieve all correlations rules via XQL?

I known that I can push this information via API, but unfortunately it is not working here.

Th

PCI DSS compliance

Hi everyone, I'm looking for information about some points about xsiam and cortex xdr being PCI DSS compliant. Is there any documentation you can find specifically on this point:

• 509 Review IPS and IDS device configurations and architecture

I found

data flow in xsiam

can someone explain the data flow in xsiam, use any case as an example, what fundamental modules does the data go through in one incident

smartscore reasons vs insights

For the smartscore feature, we can see two parts, one is the reasons, the other is insights, are there any relations between them? what is the features used in the smartscore model, the reasons or the insights

xsiam and xdr

can someone explain the difference between xsiam and xdr, it seems most of the modules in xsiam are also in the xdr, is xsiam the second generation of xdr?

Cortex XSIAM | Palo Alto

Hi Communnity

,

I would like to know few things about Cortex XSIAM solution:

1. Auto Discovery feature: If any new log source is added, can the solution notify?
2. How the asset risk score is calculated?
3. In XSIAM, full raw logs of XDR/SIEM will be a

Cortex XSIAM

Hi,

Could you please provide guidance on locating the raw log within the Cortex XSIAM tenant?

--

Anupama D.

XQL query Help for custom XQL widgets

I would like to customize the standard "Detections By Actions" widget to filter only on true positive (resolved) incidents - for the last 30 days. And I would like to customize the standard "Open incidents by severity" widget to apply on all incident