Understanding audio itself a big challenge, along with cortex XDR learning

I wish I could understand via English properly, This is the most important demo. Palo Alto Should give such training with proper English. He did all things good but We could not understand anything except what we saw in the GUI.

What is the difference between uninstall agent and delete endpoint?

What's mean by "failed DNS" incident?

What is LOLBIN executable process in incidents? Could you please explain me

Why the PRO tag given to some endpoints?

Impossible to understand.

yes, almost impossible to understand. all the time trying to guess

conifg case_sensitive = false timeframe=30d | dataset = endpoints | filter endpoint_status = ENUM.CONNECTED or endpoint_status + ENUM.DISCONNECTED | alter agent_version_formatted = regextract(agent_version ,"^\D*(\d+(?:\.\d+)?)") | arrayexpand agent_version_formatted | comp count (agent_version_formatted ) as no_of_agents by agent_version_formatted | fields agent_version_formatted , no_of_agents | sort asc agent_version_formatted | view graph type = column subtype = grouped,horizontal header = "Count of Endpoints by Minor Release" show_callouts = 'true' legend = 'false' xaxis = agent_version_formatted xaxistitle = "Agents by Minor Release" yaxis = no_of_agents dataset = endpoints | fields endpoint_id, endpoint_name, last_seen | comp count() as count by endpoint_name addrawdata = true as raw_data | filter count > 1 | sort desc count | alter endpoint_name = arrayindex (raw_data, 0) -> endpoint_name | alter endpoint_id = arrayindex (raw_data, 0) -> endpoint_id | alter last_seen = arrayindex (raw_data' 0) -> last_seen