monitor cortex xdr protection module

is there a way to monitor cortex xdr protection, for those endpoint who didn't conencted to the console??

Malware scan single file upon custom alert

I want to be able to malware scan one single file with Cortex XDR from the administrator perspective and using automation. Does anyone have any experience with this?

Here is my example:

I have an SFTP server where files are uploaded to. As each file

Change Cortex XDR VDI settings after installation

My customer has a persistent VDI environment, but during installation forgot to set the VDI-enabled=1 flag. Is there a way to change this without reinstalling the agent? For example via the registry keys? 

Difficulty Converting Dates to String Format in XQL Query

Hi Everyone,

Greetings!, 

I'm facing challenges writing a date and time-based query. One specific issue is that dates aren't converting into a string format, especially when I try to convert the date '01' into 'Monday/Mon' and date '02' into 'Tue

【Cortex XDR】 The Cortex XDR question asked

Hi everyone,

I have the following Cortex XDR question to ask , the information is as follows:

1. If I have not purchased HostInsight License, does it support to get the installedAppList of the endpoint through API? 

2. Can I export the Cortex XDR

[Cortex XDR ] Does Broker VM support tandem log dumping? Can you dump to more than 2 external storage systems at the same time (3rd party SIEM...)

Hi Everyone,

I have encountered two Broker VM log collection and dumping problems want to ask, and then please help you help, the problem is as follows:

1. Can Broker VM tandem dump logs?

    Description: As shown in the figure below, a customer wa

How to keep cortex xdr in passive mode

Hello All, 

We are initiating the migration process from cortex xdr to crowdstrike, so can we put the cortex xdr in passive mode.

Regards,

Sakshi Seth

BIOC for CMD command

Hello Team,

Can we build a query and save BIOC for specific commands run in CMD in cortex XDR.

Thanks !!

Whitlist backup software on macOS

Hello,
We are working with a backup locigiel but Cortex XDR doesn't want to run it. Would it be possible to whitlist it?
we are working on MacOS

Cortex XDR

Can anyone help me with creating a scheduled report for "Endpoint Group" and integrating custom applications with API?

Cortex XDR Agent Services

In which situations do the services in the screenshot run?

1) Why is File Prevalence service disabled? What is Service used for?
2) Why is File Scanning disabled?
3)Why are the following services disabled and will there be problems when we enable them?