[Data Ingestion and Integration] An administrator wants to employ reusable rules within custom parsing rules to apply consistent log field extraction across multiple data sources. Which section of the parsing rule should the administrator use to define those reusable rules in Cortex XDR?

[Data Ingestion and Integration] What will be the output of the function below? L_TRIM("a* aapple", "a")

[Data Ingestion and Integration] How can a customer ingest additional events from a Windows DHCP server into Cortex XDR with minimal configuration?

[Cortex XDR Agent Configuration] How are dynamic endpoint groups created and managed in Cortex XDR?

[Dashboards and Reporting] An engineer is building a dashboard to visualize the number of alerts from various sources. One of the widgets from the dashboard is shown in the image below The engineer wants to configure a drilldown on this widget to allow dashboard users to select any of the alert names and view those alerts with additional relevant details. The engineer has configured the following XQL query to meet the requirement dataset = alerts | fields alert_name, description, alert_source, severity, original_tags, alert_id, incident_id | filter alert_name = | sort desc _time How will the engineer complete the third line of the query (filter alert_name =) to allow dynamic filtering on a selected alert name?