diff --git a/packages/panw_cortex_xdr/_dev/build/docs/README.md b/packages/panw_cortex_xdr/_dev/build/docs/README.md index 281eb5da545..c9611415f1d 100644 --- a/packages/panw_cortex_xdr/_dev/build/docs/README.md +++ b/packages/panw_cortex_xdr/_dev/build/docs/README.md @@ -1,6 +1,6 @@ # Palo Alto Cortex XDR Integration -The PANW XDR integration collects events from the Cortex XDR API, specifically reading from the Alert API. +The PANW XDR integration collects alerts with multiple events from the [Cortex XDR API,](https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-api/cortex-xdr-apis/incident-management/get-alerts). ## Logs @@ -8,8 +8,7 @@ The PANW XDR integration collects events from the Cortex XDR API, specifically r The Cortex XDR Alerts API is used to retrieve alerts generated by Cortex XDR based on raw endpoint data. A single alert might include one or more local endpoint events, each event generating its own document on Elasticsearch. -The Palo Alto XDR integration requires both an API key and API key ID, both which can be retrieved from the Cortex XDR UI: -https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-api/cortex-xdr-api-overview/get-started-with-cortex-xdr-apis.html +The Palo Alto XDR integration requires both an API key and API key ID, both which can be retrieved from the Cortex XDR UI. See: [Get Started with Cortex XDR API](https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-api/cortex-xdr-api-overview/get-started-with-cortex-xdr-apis.html) {{event "alerts"}} diff --git a/packages/panw_cortex_xdr/changelog.yml b/packages/panw_cortex_xdr/changelog.yml index 8c70991118a..71cf075efe2 100644 --- a/packages/panw_cortex_xdr/changelog.yml +++ b/packages/panw_cortex_xdr/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.1" + changes: + - description: Updated the links in the file to Palo Alto Cortex XDR documentation + type: enhancement + link: https://github.com/elastic/integrations/pull/3144 - version: "1.2.0" changes: - description: Update to ECS 8.2 to use new email field set. diff --git a/packages/panw_cortex_xdr/docs/README.md b/packages/panw_cortex_xdr/docs/README.md index e3584237329..508e715fb30 100644 --- a/packages/panw_cortex_xdr/docs/README.md +++ b/packages/panw_cortex_xdr/docs/README.md @@ -1,6 +1,6 @@ # Palo Alto Cortex XDR Integration -The PANW XDR integration collects events from the Cortex XDR API, specifically reading from the Alert API. +The PANW XDR integration collects alerts with multiple events from the [Cortex XDR API,](https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-api/cortex-xdr-apis/incident-management/get-alerts). ## Logs @@ -8,8 +8,7 @@ The PANW XDR integration collects events from the Cortex XDR API, specifically r The Cortex XDR Alerts API is used to retrieve alerts generated by Cortex XDR based on raw endpoint data. A single alert might include one or more local endpoint events, each event generating its own document on Elasticsearch. -The Palo Alto XDR integration requires both an API key and API key ID, both which can be retrieved from the Cortex XDR UI: -https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-api/cortex-xdr-api-overview/get-started-with-cortex-xdr-apis.html +The Palo Alto XDR integration requires both an API key and API key ID, both which can be retrieved from the Cortex XDR UI. See: [Get Started with Cortex XDR API](https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-api/cortex-xdr-api-overview/get-started-with-cortex-xdr-apis.html) An example event for `alerts` looks as following: diff --git a/packages/panw_cortex_xdr/manifest.yml b/packages/panw_cortex_xdr/manifest.yml index 9bf158448b7..a1ea8e995d5 100644 
--- a/packages/panw_cortex_xdr/manifest.yml +++ b/packages/panw_cortex_xdr/manifest.yml @@ -1,6 +1,6 @@ name: panw_cortex_xdr title: Palo Alto Cortex XDR Logs -version: 1.2.0 +version: 1.2.1 release: ga description: Collect and parse logs from Palo Alto Cortex XDR API with Elastic Agent. type: integration
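Review bot: The link text `[Cortex XDR API,]` in the first hunk of packages/panw_cortex_xdr/_dev/build/docs/README.md, and in the identical hunk of packages/panw_cortex_xdr/docs/README.md, has a trailing comma inside the brackets and a period after the closing parenthesis, so the rendered sentence ends with "Cortex XDR API,." Move the punctuation out of the link text. The rewritten sentence also no longer names the Alert API even though the URL points at get-alerts; making the link text "Cortex XDR Alerts API" would keep that information visible. This URL has no .html suffix while the Get Started link added in the next hunk does, so confirm that both resolve.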
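Review bot: The added line in the second hunk of both README copies keeps the wording "requires both an API key and API key ID, both which can be retrieved", which is ungrammatical and repeats "both". Since the line is being rewritten anyway, suggest "requires an API key and an API key ID, both of which can be retrieved from the Cortex XDR UI." The "See:" link with descriptive text is a good replacement for the bare URL.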
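Review bot: The changelog.yml entry for 1.2.1 says "Updated the links in the file to Palo Alto Cortex XDR documentation" without naming the file, and it uses the past tense where the 1.2.0 entry directly below uses the imperative ("Update to ECS 8.2 to use new email field set."). Suggest "Update README links to Palo Alto Cortex XDR documentation". The change touches only documentation, so check that `type: enhancement` is the intended type. The version in manifest.yml matches the new changelog entry.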