Palo Alto Networks · Example Payload

Cortex XDR API Alert Example

Applied firewall activity suspicious suspicious traffic monitoring suspicious applied blocked rule for.

Cloud Security, Cybersecurity, Firewall, Network Security, SASE, SOAR, Threat Intelligence, XDR

Cortex XDR API Alert Example is an example object payload from Palo Alto Networks, with 17 top-level fields. It illustrates the shape of data this provider's APIs accept or return.

Top-level fields

alert_id, detection_timestamp, name, category, description, host_ip, host_name, user_name, mac, source, action, action_pretty, severity, matching_status, alert_type, resolution_status, resolution_comment

Example Payload

{
  "alert_id": "942545",
  "detection_timestamp": 1727061074503,
  "name": "Corporate Gateway 88",
  "category": "default",
  "description": "Applied firewall activity suspicious suspicious traffic monitoring suspicious applied blocked rule for.",
  "host_ip": [
    "example-host_ip_item",
    "example-host_ip_item"
  ],
  "host_name": "Staging Policy 93",
  "user_name": "admin",
  "mac": [
    "example-mac_item"
  ],
  "source": "example-source",
  "action": "drop",
  "action_pretty": "alert",
  "severity": "medium",
  "matching_status": "completed",
  "alert_type": "standard",
  "resolution_status": "active",
  "resolution_comment": "Activity analysis analysis security network activity alert."
}