LIVEcommunity September Member Spotlight: @sawjain

We wanted to take a moment to thank YOU, our community members for all the support, content and sharing that happened this past month.

We are back to recognize one of our most active contributors with a monthly LIVEcommunity Member Spotlight! 

Help with RQL 'group by'

Hi,

I want to do a search that groups every assset name of a result from an api by account and return the project where in can't find an specific string.

Wanted to know if 'group by' could be used for that?

Wasn't able to find examples of how to us

Ingest Taxii feed into XSOAR 6.12

Hi,

I am trying to ingest our taxii feed into XSOAR 6.12 with following steps:

• installed XSOAR 6.12 on ubuntu 22.0.4 LTS
• launched the web portal, and installed TAXII Feed (1.x) pack from marketplace
• Ingest feed using "Integration Instance Settings"
  
  • T

How to join slack {{#demisto-developers }} channel

Hi,

I registered my account and received an email with following content:

Join the Slack workspace Cortex XSOAR DFIR Community now to start collaborating! by clicking here or the button below.

However, the link seems expired and I got following

SCEP on Panorama Error

We're testing SCEP on Panorama and getting an error saying "Unable to generate SCEP certificate, Certificate CA Retrieval Failed". Doing a tcpdumb nothing immediately sticks out, there is not untrusted CA error or anything like that. Is there any ind

Obtaining License Actication Codes for New PA 1410's

Hi There,

We have 2 * new PA 1410 (NFR) units and whilst we have successfully registered the devices, we cannot work out how to obtain the licenses for which we purchased the units, i.e. "Core Bundle" licenses.

If someone can please advise, on ho

Create authentication profile api

how to create authentication profile using api or xml api or cmd commands 

Add or remove application in a security rule

Hello.......
curl -k -X GET "https://10.10.10.10/api/?key=LUFRPT16R......................Mg==&type=config&action=set&xpath=/config/devices/entry[@name='localhost.localdomain']/device-group/entry[@name='GP']/pre-rulebase/security/rules/entry[@name='Pol

Reset-Both for client/sftp server

I have been noticing lots of traffic between an internal client to one of our Sftp server where the log states

SSH User Authentication Brute Force on Port 22  - Action Reset-Both.  We have checked the client and has the correct credentials for the de

Failed to send: file 'PA_XXXXXXXXXXXX46_dt_10.1.6-h6_20230411_2230_1-hr-interval_HOUR.tgz'.

Hi Live Community,

I've set up AIOps for NGFW Free in our setting. I then added 20 firewalls to the AIOps dashboard after that.

This critical alert comes via email every hour. File "PA_XXXXXXXXXXXXX46_dt_10.1.6-h6_20230411_2230_1-hr-interval_HOUR

Antivirus Download and Install Hanging

Pa11.0.1 onPa820 in High Avaliability mode.

The antivirus download and install update job has been at the "download in progress" status for several hours.

The last antivirus valid is:4406 -4923 of 31/03/2023.

The following resolution answer do

Deleting files in path /opt/traps/download/content

Hi,

Does anyone know if what is stored in this Cortex XDR agent path /opt/traps/download/content can be deleted?

Cortex XDR

WLC -Radius Communication over Prisma SDWAN

Wireless user Can be authenticated successfully when WLC and Radius in Same LAN network   OR  WLC Communicate with Radius over MPLS.

it is not working over Prisma SDWAN.

I have checked from the radius server - No fragmentation issue BUT it gives