Palo Alto Cortex XDR

Connection Requirements

1 - Domain

Domain of the Palo Alto Cortex XDR host.

2 - API Key

Get your Cortex XDR API Key:
  1. 1.
    In Cortex XDR, navigate to Settings > Configurations > Integrations >API Keys.
  2. 2.
    Select + New Key.
  3. 3.
    Choose API Key Type :Advanced.
  4. 4.
    If you want to define a time limit on the API key authentication, mark Enable Expiration Date and select the expiration date and time.
  5. 5.
    Select the desired level of access for this key.
  6. 6.
    Generate the API Key.
  7. 7.
    Copy the API key, and then click Done.This value represents your unique Authorization:{key}.
Note: You will not be able to view the API Key again after you complete this step so ensure that you copy it before closing the notification.
Click for more information.

3 - API Key ID

In the API Keys table, locate the ID field.
Get your Cortex XDR API Key ID.
  1. 1.
    In the API Keys table, locate the ID field.
  2. 2.
    Note your corresponding ID number. This value represents the x-xdr-auth-id:{key_id} token.
Click for more information.

4 - SSL

Use SSL for connection (optional, default: Unencrypted).
Attention
Please perform a connection test to ensure there is a valid connection to the Palo Alto Cortex XDR host. When the discovery operation finalized you will be able to see the details on Assets page.