Activate Cortex XDR Apps
Use the Palo Alto Networks Cortex hub (https://apps.paloaltonetworks.com) to activate your Cortex XDR apps. This is a one-time task you’ll need to perform when you first start using Cortex XDR apps. Once you’ve activated the apps—and completed all the steps to Cortex XDR Configuration Overview—you’ll only need to repeat the activation if you want to add additional app instances.
To activate Cortex XDR apps, you must be assigned the four required roles and have your Palo Alto Networks-provided authentication code ready as described in Everything You Need to Configure Cortex XDR. You must also have activated your Cortex Data Lake (formerly named Logging Service) license and allocated quota for Cortex XDR.
- Log in to the Palo Alto Networks Cortex hub.Any Palo Alto Networks account user can log in to the Cortex hub; however, you must be assigned the appropriate roles to continue to activate the Cortex XDR – Analytics app.
- Click Activate New App.
- Enter the Auth Code that Palo Alto Networks provided with your Cortex XDR license and Continue.
- Provide details about the Cortex XDR apps you’re activating.
Agree and Activate and then wait for the activation to complete. It can take up to an hour to complete activation for all apps.
- Name Prefix—Give your Cortex XDR apps instance an easily-recognizable name and optional Description. Cortex hub uses the name prefix to create your app instances (for example prefix.analytics.paloaltonetworks.com and prefix.investigation-and-response.paloaltonetworks.com).
- Traps Subdomain—Give your Traps instance an easy to recognize prefix.
- Region—Select your region. This must be the same region in which the associated Cortex Data Lake instance is deployed.
- Cortex Data Lake—Select the Cortex Data Lake instance that will provide the Cortex XDR apps with log data.
- Directory Sync—Optionally select the Directory Sync Service instance that will provide the Cortex XDR apps with Active Directory data. If you do not currently have a Directory Sync Service activated and configured for your account, you can add one at a later time.
- Verify the status of your apps.From the Cortex hub, click the gear icon next to your name and view the STATUS. When the app is available you will see a green check mark.
- Log in to your Cortex XDR apps to confirm that you can successfully access the Cortex XDR app interfaces.
- Complete the setup required for specific apps:
Cortex XDR Configuration Overview With Cortex XDR you can use a variety of sensors to integrate all your network, endpoint, and cloud data. For the ...
Everything You Need to Configure Cortex XDR
Review the prerequisites for setting up Cortex XDR apps. ...
Set Up Cortex XDR
Set Up Cortex XDR Cortex XDR Configuration Overview Everything You Need to Configure Cortex XDR Review the prerequisites for setting up Cortex XDR apps. Manage ...
Set Up Directory Sync Service
Set Up Directory Sync Service Directory Sync Service is an optional service that enables you to leverage Active Directory user, group, and computer information in ...
Manage Logging Storage for Cortex XDR
Cortex XDR – Analytics licenses are based on Cortex Data Lake capacity. To view your licensed capacity, use the Customer Support Portal. ...
Set Up Cortex XDR – Analytics
Set Up Cortex XDR – Analytics Cortex XDR – Analytics analyzes data from a variety of network, endpoint, and cloud detection sources. For the most ...
Role Migration Notes
Users of the Cloud Services Portal prior to role management in the Customer Support Portal need to be aware of these changes. , Users ...
View Logs in Cortex Data Lake
View Logs in Cortex Data Lake In most cases, you can view logs stored in Cortex Data Lake locally on the product that is sending ...
Configure Cortex XDR - Analytics to Use Directory Sync Service
Configure Cortex XDR - Analytics to Use Directory Sync Service After you activate and pair Cortex XDR apps with the Directory Sync Service, you must ...