Hardware, OS, and required URLs for engines.
You can install engines on all Linux. Docker/Podman needs to be installed before installing an engine. If you are using the shell installer for an engine, Docker/Podman is installed automatically.
Note
The Cron package is required for installing engines on a Linux machine.
If your hard drive is partitioned, we recommend a minimum of 50 GB for the /var
partition.
Component | Dev Environment Minimum | Production Minimum |
---|---|---|
CPU | 8 CPU cores | 16 CPU cores |
Memory | 16 GB RAM | 32 GB RAM |
Storage | 100 GB | 100 GB |
You can deploy a Cortex XSIAM engine on the following operating systems:
Operating System | Supported Versions |
---|---|
Ubuntu | 18.04, 20.04, 22.04 |
RHEL | 8.0, 8.1, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 8.8, 8.9, 8.10, 9.0, 9.1, 9.2, 9.3, 9.4 |
Oracle Linux | 7.x, 8.9, 9.3 |
Amazon Linux | 2 |
Note
Centos 8.x reached End of Life (EOL) on December 31, 2021, and is no longer a supported operating system.
Centos 7.x reached End of Life (EOL) on June 30, 2024, and is no longer a supported operating system.
You need to allow the following in the URLs for Cortex XSIAM engines to operate properly.
The endpoint URL is: wss://api-<tenant domain>.xdr.<region>.paloaltonetworks.com/xsoar/d1ws
. For example, wss://api-my-tenant.xdr.us.paloaltonetworks.com/xsoar/d1ws
FUNCTION | SERVICE | PORT | DIRECTION |
---|---|---|---|
Integrations | Integration-specific ports | Outbound | |
Engine connectivity | HTTPS | 443 (configurable) | Outbound |
Docker |
| 443 | Outbound |