This supporting add-on comes with prebuilt content for Palo Alto Networks Cortex XDR data to be easily used with Splunk Enterprise Security's Asset database.
** This supporting add-on is only intended to work with Splunk Enterprise Security deployments **
Full documentation can be found at https://pan-xdr.rba.community.
This Splunk Supporting Add-on is not affiliated with Palo Alto Networks and is not sponsored or sanctioned by the Palo Alto Networks team. Please visit https://www.paloaltonetworks.com/ for more information about Palo Alto Networks.
| Info | Description |
|---|---|
| SA-CortexXDRDevices | 1.0.0 - Splunkbase | GitHub |
| Splunk Enterprise Security Version (Required) | 7.x | 6.x |
| Palo Alto Cortex XDR Endpoint Retriever (Required) | >=1.0.1 |
| Add-on has a web UI | No, this add-on does not contain views. |
| Author | Dennis Morton |
Please open an issue or feature request on Github.