Turn your existing data & APIs into governed capabilities for AI →

API Learnings

Toolbox

API Evangelist LLC

palo-alto-networks

Cortex XDR API

A REST API for the Cortex XDR extended detection and response platform providing programmatic access to incident management, alert handling, endpoint operations, and threat hunting. Key API modules include incidents (get, update, close), alerts (get details, exclusions), endpoints (isolate, unisolate, scan, get agent info), scripts (execute, get results), and audit logs.

Documentation GitHub OpenAPI

Documentation

https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR-REST-API

https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR-REST-API/Get-Started-with-APIs

https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR-REST-API/API-Reference

Specifications

openapi/palo-alto-cortex-xdr-api-openapi-original.yml

asyncapi/palo-alto-cortex-xdr-webhooks-asyncapi-original.yml

json-ld/palo-alto-cortex-xdr-api-context.jsonld

json-ld/palo-alto-cortex-xdr-webhooks-context.jsonld

json-ld/palo-alto-cortex-xdr-context.jsonld

Schemas & Data

json-schema/cortex-xdr-incident-schema.json

json-schema/cortex-xdr-api-alert-schema.json

json-schema/cortex-xdr-api-audit-log-schema.json

json-schema/cortex-xdr-api-endpoint-schema.json

json-schema/cortex-xdr-api-filter-schema.json

json-schema/cortex-xdr-api-incident-detail-schema.json

json-schema/cortex-xdr-api-incident-schema.json

json-schema/cortex-xdr-api-sort-order-schema.json

json-schema/cortex-xdr-webhooks-alert-payload-schema.json

json-schema/cortex-xdr-webhooks-incident-payload-schema.json

json-structure/cortex-xdr-api-alert-structure.json

json-structure/cortex-xdr-api-audit-log-structure.json

json-structure/cortex-xdr-api-endpoint-structure.json

json-structure/cortex-xdr-api-filter-structure.json

json-structure/cortex-xdr-api-incident-detail-structure.json

json-structure/cortex-xdr-api-incident-structure.json

json-structure/cortex-xdr-api-sort-order-structure.json

json-structure/cortex-xdr-incident-structure.json

json-structure/cortex-xdr-webhooks-alert-payload-structure.json

json-structure/cortex-xdr-webhooks-incident-payload-structure.json

Examples

examples/cortex-xdr-api-alert-example.json

examples/cortex-xdr-api-audit-log-example.json

examples/cortex-xdr-api-endpoint-example.json

examples/cortex-xdr-api-filter-example.json

examples/cortex-xdr-api-incident-detail-example.json

examples/cortex-xdr-api-incident-example.json

examples/cortex-xdr-api-sort-order-example.json

examples/cortex-xdr-incident-example.json

examples/cortex-xdr-webhooks-alert-payload-example.json

examples/cortex-xdr-webhooks-incident-payload-example.json

OpenAPI

#Detection #Endpoint Security #Incidents #Response #XDR

← Back to C APIs