AI Canvas FAQ

General

Q: What is AI Canvas

A: AI Canvas is a data exploration tool that consolidates data from various sources in Strata platform. Customers can query in plain English and receive intuitive visualizations for better data understanding.

Q: What are

False Positive

A false positive has been detected for RemotePC.exe. Please resolve this.

File Hash: <929803af7c4690cb6b282a05e503698ac5ea3fede9562eaa3ef5e11d17b4c264>

Link to Virustotal report for the file: <https://www.virustotal.com/gui/file/929803af7c4690cb6b2

Rare Admin Login in Environment

Hi guys, could anyone help me with the query I'm trying to do. 

I'm looking to build an alert based on the rarity of a login in the environment. For instance, raise an alert if "admin" logged in to a device, but that action hasn't been seen in the dev

PANOS upgrade 10.2.10-h9, 10.2.12-h4 and 10.2.13-h2

Hi Experts,

We have PA-5450 and Panorama M-700 running on 10.2.8-h3. We are planning to upgrade PANOS to the latest code in the 10.2.X series. While reviewing the Palo Alto documentation, I found that 10.2.10-h9 is the preferred version. However, t

Assistance with 100Gb load testing on a PA-5450

We have a spirent connected directly to a PA-5450 to do load testing on the 100Gb ports.  The PA5400 has two NC cards (Slot 1 & 2) and then 4 DPC cards (slot 3-6).  The docs show that NC1 is logically mapped to DPC3, and NC2 is mapped to DPC4.  But t

GlobalProtect Internal Host Detection with Always-On and Enforcement

Hello,

I am trying to deploy GlobalProtect on some of our endpoints, but I'm running into a set of issues due to our business requirements.

The requirements are:
VPN is in Always-On with full enforcement
All traffic from those devices must stay inter

When should I use "enforce symmetric return" in the PBF rules?

What is the purpose of this setting? Doesn't all traffic go out the same route as it came in, anyway?

Way to disable logon prompt when start Global Protect client

New Global Protect user - I have an odd question regarding the Global Protect client. Is there a way to not have the sign on prompt when you start the client? We load the client at startup of the laptop to provide a way for our help desk to access th

What Cisco SFPs are compatible with PA QSFP28-CWDM4 100Gb SFPs?

Client is testing 100Gb throughputs on a pair of PA-5450s.  We added the PA supplied QSFP28-CWDM4 (Finisar) transceiver into the Cisco switch and the Cisco logs revealed the transceiver is incompatible.  But, in order to do 100Gb on the PA it is requ

BIOC not supported

Good afternoon,

I'm trying to create a BIOC rule that tells me when users are trying to access the wetransfer.com and dropbox.com DNS. To do this, I generated the following XQL. When run, it shows me the logs of the connections to these DNS.

data

[Cortex XDR] - I Want to monitor the file creation, modification, removal, etc. under the specified path through the BIOC Rule.

Dear Everyone,

I would like to use the XDR BIOC Rule to block the host from creating, editing, deleting, renaming, etc. files in specific file paths.

I tried to write a BIOC Rule but found that it can't be successfully applied to the Restrictions p

AI ​​Access feature 11.2.2-h1

PA-5450

I need to enable the AI ​​Access feature, then the PAN OS requirement must be PANOS version 11.2.2-h1. Currently PAN OS uses 10.2.9-h1, then I checked in portal Preferred it is still 11.1.6-h3. Please confirm to Palo Alto best practice, whi

On-demand file Examination policy

Hi,

I've got 3 questions.
1. I want to schedule a daily scan on servers with cortex xdr, I'm aware that Cortex only has options for weekly and monthly, so I tried creating a new profile for each day mapping them to the same servers but some are bein

Legacy Agent Exceptions or New menu??

Hi, what's your opinion?

Legacy Agent Exceptions or Global Exceptions Menu??

What's the difference? Which one is better?

Some support people suggest activating Legacy in Cortex XDR #, but I'm not sure if I should. Would I lose any of the settings

PAN-OS ISO File download blocked

Hi Everyone,

I am unable to see on my Palo Alto Firewall PAN-OS 11.1.4-h13 on Monitor Data Filtering or Unifed when I was downloading an iso which file extension in the iso file is blocked.

Nothing shows up as blocked and the browser stops the down