Pathfinder App
Glendora Spink
I dont really understand logic behind PATHFINDER. I installed Broker VM and configured pathfinder. But i can not see anything in Pathfinder Collection Center. I can not find answers to my questions in documentations. Can anybody please explain about pathfinder?
To be able to use Pathfinder, you need to first have a Cortex XDR Pro per TB license and have your PAN NGFW send logs to Cortex Data Lake. Also, Pathfinder is only able to gather information from Windows endpoints.
Since installing pathfinder, I have not seen any activity in the collection center. In fact I purposely placed a windows 10 device without XDR on it on the same network range Net Mapper scans and pathfinder isnt doing a thing. When I look at pathfinder logs all I see are my "tests".
Yes, I am aware the new cortex has what appears to be a peer to peer agent scan for devices process. Lets just say I dont want to use that method. For one the documentation says it will discover MAC and Platform only, I want the name of the unprotected device. Perhaps the doc is wrong but I still want to know after spending all this time setting up these services why they are not working.
Hi @ESJosephPrinz as @fmoixsante mentioned - Pathfinder will only trigger a deployment of a dissolvable agent on the target endpoint/s which do not have Cortex XDR, when an Analytics event of High/Medium severity is triggered.
The POC that you performed does not mention if the pre-requisites specified in the documentation are met.
Have you had a conversation with your Customer Success teams or Account representatives to get further clarity on this over a call/demo as it is more interactive than a forum? I am sure all of these questions can be addressed with proper context.