Use the Cortex XDR Interface
Get started with the Cortex XDR interface.
Cortex XDR provides an easy-to-use interface that you can access from the hub. When you log in to the Cortex XDR app, you see your default dashboard. If you haven’t customized the dashboard or changed the default, you see the Incident Management Dashboard.
In addition to your main dashboard, and depending on your assigned role, you can explore the menus for other features in the app.
Reportingmenu you can view and manage your dashboards and reports from the dashboard and incidents table, and view alert exclusions.
Investigationmenu, you can view all incidents in table form and configure alert starring (prioritization) policies.
Responsemenu you can take action to respond to threats. You can open a
Live Terminalconnection to an endpoint to investigate processes and files locally and can add malicious domains and IP addresses to an external dynamic list (
EDL) enforceable on your Palo Alto Networks firewall.
Endpointsmenu, you can manage your registered endpoints and configure policy.
5. Settings and management
From the gear ( ) menu, you can view information about your Cortex XDR license, view logs related to administrative and endpoint system activity, and manage other settings and integrations for your Cortex XDR instance.
View Cortex XDR notifications.
From the User, see who is logged into Cortex XDR. Right click and select
Aboutto view additional version and tenant ID information.
The following topics describe additional management actions you can perform on page results:
Recommended For You
Recommended videos not found.