Palo Alto XDR API
API Documentation: https://docs-cortex.paloaltonetworks.com/p/XDR
API creation and configuration
-
To generate a new api key or to use an existing one, go to Configuration ⇒ Integrations ⇒ API Keys.
-
Set the Security Level to “Standard” and Role to “Investigator” and generate a new key.
-
Once generated save the key Secret.
-
Copy the API URL.
5.Copy all the info above in the RedCarbon ingestions page
Mapping
Severity
| Original | RC Severity | Rebased |
|---|---|---|
| low | 10 | 5 |
| medium | 40 | 20 |
| high | 70 | 35 |
| critical | 90 | 45 |
| DEFAULT | 40 | 20 |