Rule for Detection Powershell Execution

I created a BIOC to detect running processes in PowerShell and I intend to exclude some processes to avoid showing too many false positives, such as: SenseIR.exe and CompatTelRunner.exe. Cortex XDR

'Redistribution Agent XXX(vsys1): details: close connection to agent

Dear All, I have installed user-id agent on the server in order to use user-mapping. it was working but it suddenly stopped working. I checked the system log it gives me description contains 'Redistribution Agent XXX(vsys1): details: close connection to agent' I went through the article https://knowledgebase.paloaltonetworks.com/KCSArticleDe...

Want to copy log files in maintenance mode using with scp option. Every time getting failed message while copy. Want to copy log files in local device

HA GlobalProtect firewalls in Azure

I would like to deploy GP firewalls in Azure, I would like to configure 2 firewalls which are working active-active to have always some protection if one availability zone will have maintenance always second fw will handle the traffic. I was think to have 2 portals and 2 gateways, on 2 different Public IP which will be resolved on one DNS name. ...

Palo Alto Mgmt IP sent huge traffics to the hawkeye services.

Hi Guys, I just want to ask. From my T1 firewall, i can see that my Palo Alto Mgmt IP is sending huge traffics to the hawkeye.services-edge.paloaltonetworks.com. You may refer to the attached picture. Is it normal our Palo Alto Mgmt Ip sent a large volume of traffics, which is around 20gb? What is the factor that influences the Mgmt IP to send...

Palo alto type of license subscription

Hi, May i know type of security subscription license module. How we can define the requirement for inside office and outside network traffics. Thanks

Panorama 11.1.8 supports Azure VM series Palo Altos

Does Panorama 11.1.8 supports Azure VM series Palo Alto of any version? We're planning to have same version as Panorama for Azure VM series.

We Need Your Vote! Help Palo Alto Networks Go for Gold in the CMX Community Industry Awards.

Big news, Community! We are thrilled to announce that the Community Team at Palo Alto Networks has once again been nominated for the prestigious CMX Community Industry Awards! Last year, thanks to your incredible enthusiasm and votes, we were one of the top 3 finalists. Being recognized as one of the best in the industry was a huge honor, bu...

Newly Registered Domains configuration

Is there any way to configure the length of time that a domain is considered "newly registered"? 32 days is excessive for my purposes, I'd like to set this to e.g. 14 days.

Cannot create custom region

Running 10.1.6-h3 and in Panorama I go to objects, regions and click add but it won't let me add an IP Address. We only allow US traffic using a deny policy for anything other than the US and I have a need to add a single IP address in another country without allowing the whole country. I have two other custom regions but even editing those ...

stream timeout

Hello Palo Alto World! We are experiencing a "stream timeout" error when visiting srm.gzhtdq.com.cn (see also stream_timeout.png). When we disable GlobalProtect and do not use the VPN Tunnel, then the website works. I excluded the website from decryption, but it didn't help. I am not sure what the issue for this could be. The application bei...

Result empty after using json2html script

I found the issue after using script json2html table to convert json array to HTML table. it's return to empty vaule. Do you have any idea?