Monitor Cortex XDR protection module
Is there a way to monitor Cortex XDR protection for those endpoints that didn't connect to the console?
Welcome to the Endpoint discussion forum! We encourage you to ask questions, propose solutions, and collaborate on ideas to better secure your endpoints with Traps.
I want to be able to malware scan one single file with Cortex XDR from the administrator perspective and using automation. Does anyone have any experience with this? Here is my example: I have an SFTP server where files are uploaded to. As each file is uploaded (created) to the server, I want a custom BIOC alert to trigger. This BIOC alert will ...
My customer has a persistent VDI environment, but during installation forgot to set the VDI-enabled=1 flag. Is there a way to change this without reinstalling the agent? For example via the registry keys?
Hi Everyone, Greetings! I'm facing challenges writing a date and time-based query. One specific issue is that dates aren't converting into a string format, especially when I try to convert the date '01' into 'Monday/Mon' and date '02' into 'Tuesday/Tue'. For example, I've set a time frame from Monday to Friday only, with other dates be...
Hi everyone, I have the following Cortex XDR questions to ask. The information is as follows: 1. If I have not purchased a HostInsight License, is it supported to get the installedAppList of the endpoint through the API? 2. Can I export the Cortex XDR raw log? Is it possible to export the raw log to other storage systems, e.g. Splunk? Thanks in ...
Hi Everyone, I have encountered two Broker VM log collection and dumping problems that I want to ask about, and I would appreciate your help. The problems are as follows: 1. Can Broker VM tandem dump logs? Description: As shown in the figure below, a customer wants to collect external syslogs through the syslog collector function of Broker VM A, but instead...
Hello All, We are initiating the migration process from Cortex XDR to CrowdStrike, so can we put Cortex XDR in passive mode? Regards, Sakshi Seth
Hello Team, Can we build a query and save a BIOC for specific commands run in CMD in Cortex XDR? Thanks!!
Hello, We are working with backup software but Cortex XDR doesn't want to run it. Would it be possible to whitelist it? We are working on macOS.
Can anyone help me with creating a scheduled report for "Endpoint Group" and integrating custom applications with API?
In which situations do the services in the screenshot run? 1) Why is File Prevalence service disabled? What is Service used for? 2) Why is File Scanning disabled? 3) Why are the following services disabled and will there be problems when we enable them? What does Service do? Bpf is Disabled, Kernel Module is Enabled, Fallback is Disabled, Bpf is Not Run...

