Abnormal Recurring Communications to a Rare IP

We are receiving multiple alerts from the rule below. All alerts are legitimate Microsoft IPs:

Abnormal Recurring Communications to a Rare IP

Could there have been any recent changes on the Cortex end that might be triggering this?
Cortex XDR 

Strata ADEM interface

Hi,

Not sure if this the correct place to post this but here goes.

The current  user interface for ADEM is quite confusing and difficult to navigate to the point where we too setup additional traingin for our users each time its changed ( strata

XSD to validate XML API responses?

Hello,

I am using PANOS v11.1.  Is there an XSD available to validate the API XML responses?

Thanks,

David

AWS GWLB VPC Endpoint Associations no longer work post-upgrade

Monitoring SD-WAN Tunnel-IF via ping

Hi Guys,

We're looking to connect multiple Palo Alto devices to our core Palo Alto via SD-WAN. In some cases, we have three internet connections at the customer site, each connected through a different ISP.

Our goal is to monitor each tunnel by pingi

Traffic Log query for FQDN object errors with "ip range [fqdn] expansion exceeds maximum number of items allowed"

I created a new FQDN object and added it to a security policy. 

After committing changes, I tried to validate the rule was working, but I get this error in the traffic log when searching for (addr in 'my-FQDN-object'): 

The security policy rule is

Clientless VPN - Application is not accessible

Hello All,

This is my topology I have configured Clientless VPN hosting two application as, paloaltonetworks.com (external-application) and amazon.forest.in (internal hosted application). But i am unable to access the application that hosted insid

Agentless Scanning from Hub Account

So we are trying to move to agentless scanning from a hub account. We want to force the scan to happen in a particular VPC and Security Group.

Do I only need to configure the subnet and security group in the advanced options on the hub account, or

Unable to add disk to Panorama from API / SDK

Im unable to add disks attached to my Panorama instance from the xml api.
I used the provided request from the xml api browser

I tried the same from the Python SDK using the "op" functi

Cortex XDR Generate Alert when Device is Online

There's many situations where it would be convenient to receive a notification when a device is online.  We often run into this when a device is isolated and we are  unable to contact a user.  Since there is no native ability to trigger an alert or n

Global Protect User Login

Hello,

Is there a way to control the Global Protect login?   I want to have when a user disconnects from GP, the next time user logs in they get prompted for MFA.   As of now, seems user can disconnect/reconnect repeatedly thru out the day and neve

Deal Registration End Customer Details not Include

I cannot find the end customer account in the account list that provides the filtering feature while registering the deal. How can I manually add the end customer details to the list?

Heartbeat Backup showing down on both HA peers

I have an active passive configuration which seems to be working and has failed over successfuly in the past (possibly a year ago).  According to the PA docs I read the heart beat is a ping that runs every 1000ms.  I assume since the heartbeat backup

Chrome (HSTS) NET::ERR_CERT_AUTHORITY_INVALID - with 10.1.14h4 update

We updated PANOS (on Friday before h6 was released on Sat) to 10.1.14-h4, rebooted and now our users are sporadically complaining about when using google Chrome (Edge not effected), getting a "Your connection is not private" NET::ERR_CERT_AUTHORITY_I