Cortex XDR

adem_netsys · ‎07-25-2024

Has anyone done cortex xdr integration before, we also want to pull alerts for this, the incident is included in the connector. Has a related connector been written?

Jitesh · ‎07-25-2024

The Cortex XDR connector is currently under review and will be available soon on the content hub. If you need assistance or more details, feel free to reach out to me at jitesh.rathod@spryiq.co or swapnil@spryiq.co.

Jitesh Rathod

adem_netsys · ‎07-25-2024

@Jitesh

Will we be able to get alerts in the content hub because our current expectation is that there is a development about the incident in the new update?

Swapnil1 · ‎07-25-2024

Once the connector is available for download from FortiSOAR content hub, you can configure this to pull incidents from Palo Alto XDR.

This integration is able to fetch incidents from XDR, gets relevant incident details from XDR and creates corresponding Incident and Alert in FortiSOAR.

adem_netsys · ‎07-26-2024

hi @Swapnil1

We are currently able to receive incidents in the existing connector. Will we be able to get alarms with the new update, like get alert?

Jitesh · ‎07-26-2024

@adem_netsys

No, that action is not available in the new update. If you have the API documentation for that action, please share it so I can add the action to the new update.

Jitesh Rathod

Cortex XDR

Nominate a Forum Post for Knowledge Article Creation