View Details About an Endpoint
The page
provides a central location from which you can view and manage the endpoints
on which the Cortex XDR agent is installed. The right-click pivot
menu that is available for each endpoint displays the actions you
can perform.
Endpoints
Endpoint Management
Endpoint Administration

The
following table describes the list of actions you can perform on
your endpoints.
Field | Action |
---|---|
Endpoint Control |
|
Endpoint Data |
|
The following table describes both the default
and additional optional fields that you can view in the Endpoints
table and lists. The table lists the fields in alphabetical order.
Field | Description |
---|---|
![]() | Check box to select one or more endpoints on
which to perform actions. |
Active Directory | Lists all Active Directory Groups and Organizational
Units to which the user belongs. |
Assigned Policy | Policy assigned to the endpoint. |
Auto Upgrade Status | When Agent Auto Upgrades are
enabled, indicates the action status is either:
|
Content Auto Update | Indicates whether automatic content updates
are Enabled or Disabled for
the endpoint. See Agent Settings profile. |
Content Rollout Delay (days) | If you configured delayed content rollout,
the number of days for delay is displayed here. See Agent Settings profile. |
Content Version | Content update version used with the Cortex
XDR agent. |
Disabled Capabilities | A list of the capabilities that were disabled
on the endpoint. To disable one or more capabilities,
right-click the endpoint name and select Options
are: Endpoint Control Disable Capabilities
You can disable these capabilities
during the Cortex XDR agent installation on the endpoint or through .
Disabling any of these actions is irreversible, so if you later
want to enable the action on the endpoint, you must uninstall the
Cortex XDR agent and install a new package on the endpoint.Endpoint Administration |
Domain | Domain or workgroup to which the endpoint belongs,
if applicable. |
Endpoint Alias | If you assigned an alias to represent the endpoint
in Cortex XDR, the alias is displayed here. To set an endpoint alias,
right-click the endpoint name, and select Change endpoint
alias . The alias can contain any of the following characters:
a-Z, 0-9, !@#$%^&()-'{}~_. |
Endpoint ID | Unique ID assigned by Cortex XDR that identifies
the endpoint. |
Endpoint Isolated | Isolation status, either:
|
Endpoint Name | Hostname of the endpoint. If the agent enables
Pro features, this field also includes a PRO badge. |
Endpoint Status | Registration status of the Cortex XDR agent
on the endpoint:
|
Endpoint Type | Type of endpoint: Mobile , Server ,
or Workstation . |
Endpoint Version | Versions of the Cortex XDR agent that runs
on the endpoint. |
First Seen | Date and time the Cortex XDR agent first checked
in (registered) with Cortex XDR. |
Golden Image ID | For endpoints with a System Type of Golden
Image, the image ID is a unique identifier for the golden image. |
Group Names | Endpoint Groups to which the endpoint is a
member, if applicable. See Define
Endpoint Groups. |
Incompatibility Mode | Cortex XDR agent incompatibility status, either:
When
Cortex XDR agents are compatible with the operating system and environment,
this field is blank. |
Isolation Date | Date and time of when the endpoint was Isolated .
Displayed only for endpoints in Isolated or Pending
Isolation Cancellation status. |
Install Date | Date and time at which the Cortex XDR agent
was first installed on the endpoint. |
Installation Package | Installation package name used to install the
Cortex XDR agent. |
Installation Type | Type of installation:
|
IP | Last known IPv4 or IPv6 address of the endpoint. |
Is EDR Enabled | Whether EDR data is enabled on the endpoint. |
Last Scan | Date and time of the last malware scan on endpoint. |
Last Seen | Date and time of the last change in an agent's
status. This can occur when Cortex XDR receives a periodic status
report from the agent (once an hour), a user performed a manual
Check In, or a security event occurred. Changes to the
agent status can take up to ten minutes to display on the Cortex
XDR. |
Last Used Proxy | The IP address and port number of proxy that
was last used for communication between the agent and Cortex XDR. |
Last Used Proxy Port | Last proxy port used on endpoint. |
MAC | The endpoint MAC address that corresponds to
the IP address. |
Network Location | ( Cortex XDR agent 7.1 and later for Windows
and Cortex XDR agent 7.2 and later for macOS and Linux ) Endpoint
location as reported by the Cortex XDR agent:
|
Operating System | Name of operating system. |
Operational Status | Cortex XDR agent operational status:
|
OS Description | Operating system version name. |
OS Type | Name of the operating system. |
OS Version | Operating system version number. |
Platform | Platform architecture. |
Proxy | IP address and port number of the configured
proxy server. |
Scan Status | Malware scan status, either:
|
Users | User that was last logged into the endpoint.
On Android endpoints, the Cortex XDR app identifies the user from
the email prefix specified during app activation. |
Recommended For You
Recommended Videos
Recommended videos not found.