The XDRC is dedicated for on-premise data collection on Windows and Linux machines included with Cortex XDR/Cortex XSIAM. The XDR collector includes a dedicated installer, a collector upgrade configuration, content updates, and policy management. The XDRC is a data collector that gathers and processes logs and events from multiple sources. It leverages Elasticsearch Filebeat, a lightweight log shipper, to collect log data from various systems and applications. Additionally, Winlogbeat gathers Windows event logs, ensuring comprehensive visibility into Windows environments. These components facilitate centralized analysis, threat detection, and investigation across the Cortex XDR/Cortex XSIAM ecosystem. Note that the XDR Collector is distinct from the XDR agent.