×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
abenchaabene
Engager
Member since: ‎03-27-2024
‎02-05-2026
Community Statistics
Posts 2
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎03-27-2024
Activity Feed
View All

Re: Palo Alto Cortex XDR Alert Retriever Updates ?

by in Splunk Cloud Platform
‎02-05-2026 07:06 AM
‎02-05-2026 07:06 AM
Hello @livehybrid Thank you so much for the fast reply! I have also tried "Splunk Add-on Builder" to try to build an app that would use the Cortex REST API to pull alerts using built-in Python modules, but it seems a little complicated for me right now. I'll try to get in touch with "hurricanelabs" to get more info. Thanks for the tip. Wish you a beautiful day.  🙂 ... View more

Palo Alto Cortex XDR Alert Retriever Updates ?

by in Splunk Cloud Platform
‎02-05-2026 06:40 AM
‎02-05-2026 06:40 AM
Hello dear Splunk community! We have a Splunk Cloud instance (version 10.1.2507.13). We were able to get Cortex incidents using the "Splunk Add-On for Palo Alto Networks".Unfortunately, this app does not include Cortex Alerts. There is an app called "Palo Alto Cortex XDR Alert Retriever" but it doesn't seem to be working on new version of CORTEX XDR ( Cortex XDR V3.16 ). The APP seems to have no more updates from 2024. I have tried both normal and Advanced API keys. Do you have any idea how to pull Cortex alerts using this app or another free method? Much thanks! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎02-05-2026 06:23 AM
Karma given to
View All