Analytics Alerts by Required Data Source

Cortex XDR Analytics alerts grouped by attack category.
The Analytics alerts that Cortex XDR can raise depend on the data sources you integrate with Cortex XDR. For example, if the Cortex XDR agent is your only data source, the app raises only the alerts it can detect from agent endpoint data. Some alerts can also require a combination of data sources before they are raised. Additionally, you can improve the accuracy of some Analytics alerts by adding more data sources.
The following table displays the required data sources.
Required Data Source
Alert
Optional Data Sources
AzureAD, Okta, or PingOne
For increased accuracy, you can also add any of the following optional data sources:
  • Palo Alto Networks Firewall Logs
  • XDR Agent
For increased accuracy, you can also add any of the following optional data sources:
  • Palo Alto Networks Firewall Logs
  • XDR Agent
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
XDR Agent
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: XDR Agent
For increased accuracy, you can also add the following optional data source: XDR Agent
For increased accuracy, you can also add the following optional data source: XDR Agent
For increased accuracy, you can also add the following optional data source: XDR Agent
For increased accuracy, you can also add the following optional data source: XDR Agent
Cloud Logs
Palo Alto Networks Firewall Logs, Corelight, or Third-Party Firewalls
Palo Alto Networks Firewall Logs or XDR Agent
Azure Audit Log
XDR Agent, AzureAD, or Okta
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
For increased accuracy, you can also add the following optional data source: Palo Alto Networks Firewall Logs
Palo Alto Networks Firewall Logs, XDR Agent, Corelight, or Third-Party Firewalls
Palo Alto Networks Firewall Logs, XDR Agent, AzureAD, Okta, or PingOne
AzureAD or Okta
For increased accuracy, you can also add the following optional data source: XDR Agent
