AsyncAPI channel · Palo Alto Networks · Cortex XDR Webhooks

`incident/created`

Name: incident/created
Creator: Palo Alto Networks

Triggered when a new incident is created in Cortex XDR. Incidents are automatically created by correlating one or more related alerts that share common attributes such as affected endpoints, users, or attack patterns. This event signals the beginning of a new investigation context.

Open source AsyncAPI → All Palo Alto Networks channels Palo Alto Networks provider profile

Provider: Palo Alto Networks AsyncAPI: v2.6.0 Spec: Cortex XDR Webhooks Operations: 1 Messages: 1

Channel address

incident/created

Operations

onIncidentCreated

New incident created

Messages

IncidentCreated

A new Cortex XDR incident has been created

Content-Type: application/json

About AsyncAPI

The AsyncAPI specification describes event-driven APIs the way OpenAPI describes request/response APIs. A channel is the named pipe — a webhook URL, a Kafka topic, a WebSocket route, an MQTT subject — that producers and consumers publish or subscribe to. Each channel carries one or more messages with structured payloads, and an operation declares whether a given party sends or receives on that channel.

Browse every event-driven channel on the APIs.io network or compare with the broader Naftiko capability, Agent Skill, and MCP server surfaces of the same providers.