Palo Alto Networks Cortex
  • 24 Mar 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Palo Alto Networks Cortex

  • Dark
    Light
  • PDF

The Palo Alto Networks Cortex adapter uses the Palo Alto Networks Cortex Hub to get information about Traps and GlobalProtect agents.

To connect the Palo Alto Cortex adapter, the adapter communicates with an Axonius Cloud endpoint that is authorized to get information from the Cortex hub.

Parameters

  1. API Key - An API key given by Axonius Cloud, as specified in the Creating API Key section.
  2. HTTPS Proxy (optional, default: empty) - A proxy to use when using the Palo Alto Cortex API.
    • If supplied, Axonius will utilize the proxy when connecting to the Palo Alto Cortex API.
    • If not supplied, Axonius will connect directly to the Palo Alto Cortex API.
  3. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

image.png

Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters

  1. Number of weeks to fetch (optional, default: 2) - Specify the number of weeks for which Axonius will fetch history.
    • If supplied, all connections for this adapter will fetch data for the specified number of weeks.
    • If not supplied, all connections for this adapter will fetch will fetch 2 weeks of data.

image.png

NOTE

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Creating API Key

In order to authorize Axonius to pull data from Cortex Hub, follow these steps:

  1. Log into Cortex Hub, then find the Axonius app and activate it.

  2. After activating it, click on the Axonius app from the main portal
    image.png

  3. You will be redirected to the Axonius Cloud website. Log in or sign up to proceed
    image.png

  4. After logging in for the first time, the Axonius app will request for a readonly access for the logging services. Select 'Read Logging Services' and click Allow
    image.png

  5. In the Axonius Cloud website, click Integrations on the left menu to reach the integrations page. Then copy the API Key for the Palo Alto Networks Cortex integration

image.png

  1. In Axonius, go to the Palo Alto Networks Cortex adapter, then add a new client and paste the API Key.

First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.