From 3fe783110a8b24cae289939a063371a10efb2215 Mon Sep 17 00:00:00 2001 From: TOUFIKI Zakarya <57439240+TOUFIKIzakarya@users.noreply.github.com> Date: Thu, 1 Feb 2024 16:55:37 +0100 Subject: [PATCH] Update docs/xdr/features/collect/integrations/endpoint/paloalto_cortex_edr.md MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Sébastien Quioc --- .../integrations/endpoint/paloalto_cortex_edr.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/endpoint/paloalto_cortex_edr.md b/docs/xdr/features/collect/integrations/endpoint/paloalto_cortex_edr.md index 63d46b024c..0cda790adb 100644 --- a/docs/xdr/features/collect/integrations/endpoint/paloalto_cortex_edr.md +++ b/docs/xdr/features/collect/integrations/endpoint/paloalto_cortex_edr.md @@ -7,7 +7,17 @@ type: intake Palo Alto Cortex EDR is an advanced Endpoint Detection and Response solution offering real-time threat detection, investigation, and response capabilities, empowering organizations to proactively defend against sophisticated cyber threats across their endpoints. -This setup guide shows how to forward EDR events collected on the Palo Alto Cortex XDR platform to Sekoia.io. +This setup guide shows how to forward EDR alerts collected on the Palo Alto Cortex XDR platform to Sekoia.io. + +!!! warning + Important note - This format is currently in beta. We highly value your feedback to improve its performance. + +## Collected events + +This integration collects the following events: + +- alerts +- telemetry events related to the alerts. {!_shared_content/operations_center/detection/generated/suggested_rules_9b95c9cf-8b78-4830-a1ed-b9e88f05e67a_do_not_edit_manually.md!}
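Review bot: The rewritten intro sentence now limits the guide to "EDR alerts", but the "Collected events" list added a few lines below also names "telemetry events related to the alerts", so the two statements of scope disagree. Either word the intro to cover both (for example "EDR alerts and their related telemetry events") or keep the intro generic and let the list define the scope. A reader sizing detection coverage from this page also cannot tell which telemetry events are meant; a short enumeration or a link to the event types would make the list actionable. In the `!!! warning` block, "Important note -" repeats what the admonition already signals, and "This format" has no clear referent in the surrounding text; name what is in beta explicitly. Minor style point: the second list item ends with a period while the first does not, so punctuate both the same way.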