🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@paloaltonetworks/pan-cortex-xdr

Package Overview
Dependencies
Maintainers
2
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@paloaltonetworks/pan-cortex-xdr

Palo Alto Networks Cortex XDR client library

latest
Source
npmnpm
Version
0.1.0
Version published
Maintainers
2
Created
Source

XDR PRO API NodeJS/TypeScript Client Library

NodeJS / Javascript / TypeScript language binding for the XDR PRO API

Main use benefits (besides the 1:1 mapping)

  • implements the Advanced API KEY nonce process
  • auto-completion and type safety if using a TypeScript editor

Installation

Get the module from the public NPM repository

npm i @paloaltonetworks/pan-cortex-xdr

The XdrApi object

this object provides namespaces to reach XDR PRO API's

  • IncidentApi: to deal with incidents and alerts
  • AlertApi: to push alerts from third party sources
  • EndpointApi: to interface with endpoints
  • DeviceControlApi: to manage device control features
  • HashExceptionApi: to manage file hash exceptions
  • AuditsApi: to retrieve audit reports
  • DistributionsApi: to manage endpoint package distributions

Geting Started

Just obtain a XdrApi object by calling the top level createXdrApi() function export.

Passing API KEY material from environmental variables

Set the following environmental variables before calling createXdrApi()

  • PAN_API_KEY_ID: API KEY identifier
  • PAN_XDR_FQDN: FQDN of the XDR PRO instance
  • either PAN_ADV_API_KEY or PAN_BASIC_API_KEY based on the type of API KEY being used

Passing API KEY material explicitly

Use an object with the following attributes as the first argument to createXdrApi(data)

  • apiKey: string
  • apiKeyId: string
  • isAdvancedKey: boolean
  • xdrBaseFqdn: string

Code example

TypeScript code example

import * as xdr from '@paloaltonetworks/pan-cortex-xdr'

async function main(xdrapi: xdr.XdrApi) {
    const response = await xdrapi.incident.get([{
        field: 'alert_sources',
        operator: 'in',
        value: ['XDR Analytics BIOC']
    }])
    console.log(JSON.stringify(response, undefined, 1))
}

const apiKey = 'JxBIx....GkyG'
const apiKeyId = '18'
const xdrBaseFqdn = 'illicium-industrial.xdr.us.paloaltonetworks.com'

const xdrapi = xdr.createXdrApi({
    apiKey,
    apiKeyId,
    xdrBaseFqdn,
})

main(xdrapi).then(console.log, console.error).finally(xdrapi.close)

FAQs

Package last updated on 28 Mar 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Socket Firewall Enterprise: Flexible, Configurable Protection for Modern Package Ecosystems

Product

Introducing Socket Firewall Enterprise: Flexible, Configurable Protection for Modern Package Ecosystems

Socket Firewall Enterprise is now available with flexible deployment, configurable policies, and expanded language support.

By Bradley Meck Farias, Dale Bustad  -  Oct 24, 2025
Introducing GitHub Actions Scanning Support

Product

Introducing GitHub Actions Scanning Support

Detect malware, unsafe data flows, and license issues in GitHub Actions with Socket’s new workflow scanning support.

By Rakesh Chatrath, Greg Tystahl  -  Oct 23, 2025