Pause Endpoint protection

Will XDR services be stopped when we pause endpoint protection?

XQL or API access to Vulnerability Assessments

Is it possible to access the vulnerability assessments via XQL and/or API

I've been tasked with looking at the possiblity of taking the CVE lists from vulnerability assessment and matching them to MS KB. I don't want to be manually running reports

Number of incidents per month on cortex XDR

Hello,

Does anyone know how to generate a report of the number of incidents per month on cortex ?

I can only generate for the current month and not for the past months.

Thanks in advance.

Searching for multiple hashes on cortex XDR

Does anyone know a way to search for multiple hashes on Cortex XDR?

file_search = existing_files does not allow any operators other than "=" for the sha values and you can't string multiple in a query. 

I feel like I'm missing something and there sho

Confirmed issues with some identity threat modules and risk management dashboard

Hello everyone!

Recently, I have been learning about the Identity Analytics feature in Cortex XDR.

After enabling Identity Analytics, I found that not every tenant presents the same interface.

I found that the following UI features are not identica

Possible Values for event_types

Hello Community, 

I am trying to understand Palo Alto XDR logs fetched using API(XQL Query). 

I am using dataset as xdr_data, want to know what all event_types can come under this dataset. 

For ex: EVENT_LOG. 

What are the possible values we can ge

How to know if a zip file is encrypted in XSOAR

Hello,

We'd like to know if a zip file is encrypted inside a playbook or a automation. The way in which XSOAR works with these files does not allow the use of python libraries. Is there a way through the File context value to know if the file is encr

Changing cortex installation directory in Linux

Hi All,

Need some help!

We have a Linux instance where the opt/ folder size is 2 GB and the recommended disk quota by Cortex is 5 GB. We can not resize it.

Do anyone know if there is a way to change the installation directory of Cortex from /opt to

Content Update Manger Playbook giving error in Task : Install updates for chosen packs

Error Detail:

ContentPackInstaller - Error occurred while setting up machine. string indices must be integers

Any suggestion, what could be the reason.  Tried to pass integer values also but no luck. 

Running Script or Playbook in one tenant from another tenant.

Hi all,

I have a multi-tenant deployment. I want to run a script or playbook from one tenant to another tenant. How can I do this?

#XSOAR

agent intall exceed license number of agents

I read the relevant documents, but I don't quite understand them. I hope someone can confirm them for me.

reference articale url :https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/cortex-xdr-overview/cortex-xdr-licenses/cortex-x

How to Find and update existing incidents through Integration

Hi,

We are providing partner integration for our product and this is the requirement.

My product # generates/creates 'Cases' which are pulled inCortex XSOAR  as incidents using fetchIncidents call. It might be possible that sometimes a 'Case' in ou