LogsDBLogsDB
Cortex XDR logo

Cortex XDR

Extended detection and response platform providing endpoint protection, detection, and investigation capabilities with rich telemetry data

Vendor: Palo Alto Networks
DocumentationEdit this page

Log Types

Endpoint Events

Comprehensive endpoint telemetry including process, file, network, and registry events

Cortex XDR Console / API
View Details

Alerts

Security alerts generated by analytics, BIOC rules, and threat detection

Cortex XDR Console / API
View Details

Default Paths by Platform

console
https://<tenant>.xdr.paloaltonetworks.com
api
https://api-<tenant>.xdr.paloaltonetworks.com
syslog
SIEM forwarding via Broker VM

Categories

Security
EDR
Endpoint
Last updated: 2026-01-03 by admin
Contributors: 1

Help improve this documentation

Found an error or want to add a new log type? Contributions are welcome!

EditReport Issue