Palo Alto Networks Cortex XDR
  • 24 Mar 2022


Palo Alto Networks Cortex XDR is a detection and response app that natively integrates network, endpoint, and cloud data to detect threats and stop sophisticated attacks.

Parameters

  1. Cortex XDR Domain (required) - The hostname of the Palo Alto Networks Cortex XDR server.
  2. URL Base Path (required) - Specify the fully qualified domain name (FQDN). For more details, see Cortex XDR API Reference - Get Started with Cortex XDR APIs.
  3. API Key ID and API Key (required) - Specify the API key and the API key ID of an Advanced Security Level API, as generated in the Cortex XDR app. For more details on generating an Advanced Security Level API, see Cortex XDR API Reference - Get Started with Cortex XDR APIs.
  4. Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Cortex XDR Domain. For more details, see SSL Trust & CA Settings.
    • If enabled, the SSL certificate offered by the value supplied in Cortex XDR Domain will be verified against the CA database inside of Axonius. If the SSL certificate cannot be validated against the CA database inside of Axonius, the connection will fail with an error.
    • If disabled, the SSL certificate offered by the value supplied in Cortex XDR Domain will not be verified against the CA database inside of Axonius.
  5. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Cortex XDR Domain.
    • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Cortex XDR Domain.
    • If not supplied, Axonius will connect directly to the value supplied in Cortex XDR Domain.
  6. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.


Advanced Settings

Note:

Advanced settings can either apply to all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection. Refer to Advanced Configuration for Adapters.

  1. Fetch policies (required, default: false) - Select whether to fetch policies.
  2. Do not fetch devices with disconnected status (required, default: false) - Select to not fetch devices that have the 'Disconnected' status.
NOTE

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


APIs

Axonius uses the Cortex XDR APIs.

For details on generating an Advanced Security Level API, see Cortex XDR API Reference - Get Started with Cortex XDR APIs.
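The following Python preflight is an added example, not Axonius or Palo Alto Networks code from this page. It builds the request headers Cortex XDR expects for an Advanced security level key and a TLS context that mirrors the Verify SSL and HTTPS Proxy parameters above, so the key pair and certificate chain can be checked before Verify SSL is enabled. The function names, the `host` value, and the `get_endpoints` probe call with its request body are assumptions of this example.

```python
import hashlib, secrets, ssl, string, time
import urllib.request

def advanced_auth_headers(api_key_id, api_key, nonce=None, timestamp_ms=None):
    """Headers for an Advanced security level key. The key itself is never
    sent; only SHA-256(api_key + nonce + timestamp) goes on the wire."""
    if nonce is None:
        alphabet = string.ascii_letters + string.digits
        nonce = "".join(secrets.choice(alphabet) for _ in range(64))
    if timestamp_ms is None:
        timestamp_ms = int(time.time() * 1000)
    digest = hashlib.sha256(f"{api_key}{nonce}{timestamp_ms}".encode("utf-8"))
    return {
        "x-xdr-auth-id": str(api_key_id),
        "x-xdr-nonce": nonce,
        "x-xdr-timestamp": str(timestamp_ms),
        "Authorization": digest.hexdigest(),
        "Content-Type": "application/json",
    }

def tls_context(verify_ssl=True):
    """verify_ssl=True validates chain and hostname against the local system
    CA store (a stand-in for the Axonius CA database). False reproduces the
    adapter default: any certificate is accepted."""
    ctx = ssl.create_default_context()
    if not verify_ssl:
        ctx.check_hostname = False      # must be cleared before CERT_NONE
        ctx.verify_mode = ssl.CERT_NONE
    return ctx

def preflight(host, api_key_id, api_key, verify_ssl=True, https_proxy=None):
    """Send one authenticated call. Raises URLError on a certificate that
    does not validate, HTTPError on a rejected key; returns the HTTP status."""
    opener = urllib.request.build_opener(
        urllib.request.HTTPSHandler(context=tls_context(verify_ssl)),
        # An empty mapping means a direct connection, ignoring proxy env vars.
        urllib.request.ProxyHandler({"https": https_proxy} if https_proxy else {}),
    )
    req = urllib.request.Request(
        # Assumed probe call; substitute any read-only call the key's role permits.
        f"https://{host}/public_api/v1/endpoints/get_endpoints/",
        data=b'{"request_data": {}}',
        headers=advanced_auth_headers(api_key_id, api_key),
        method="POST",
    )
    with opener.open(req, timeout=15) as resp:
        return resp.status
```

If `preflight` succeeds with `verify_ssl=True` from a host that trusts the same CAs as Axonius, the adapter's Verify SSL setting can be enabled without breaking the connection.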


