About Cortex XDR Collector content updates - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Product
Cortex XSIAM
Creation date
2024-03-06
Last date published
2024-10-07
Category
Administrator Guide
Abstract

To quickly resolve any issues in policy, Palo Alto Networks can seamlessly deliver software packages called content updates.

To quickly resolve any issues in policy, Palo Alto Networks can seamlessly deliver software packages for Cortex XSIAM called content updates. Content updates for XDR Collectors contain changes or updates to the Elasticsearch Filebeat infrastructure or the Elasticsearch* Winlogbeat infrastructure.

When a new update is available, Cortex XSIAM notifies the XDR Collectors. The XDR Collectors then randomly choose a time within a six-hour window during which they retrieve the content update from Cortex XSIAM.