https://live.paloaltonetworks.com/t5/general-topics/minemeld-feeds-authentication-verification/m-p/223772#M98177 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/45496">@Eddie_Brown</a>,</P> <P>you should check firewall logs first but also MineMeld logs in /opt/minemeld/log/minemeld-web.log</P> <P>&nbsp;</P> Fri, 27 Jul 2018 09:59:08 GMT lmori 2018-07-27T09:59:08Z https://live.paloaltonetworks.com/t5/general-topics/minemeld-feeds-authentication-verification/m-p/223604#M98176 <P>Hello Folks,</P> <P>&nbsp;</P> <P>My MineMeld experience has been great thus far thanks alot for creating such a robust community product.</P> <P>I set up authentication feeds recently and am curious where I can verfiy authentication is successful?&nbsp;</P> <P>Is this a Firewall Log or a MineMeld log?</P> <P>&nbsp;</P> <P>Thanks,</P> <P>Eddie</P> Wed, 25 Jul 2018 22:26:48 GMT https://live.paloaltonetworks.com/t5/general-topics/minemeld-feeds-authentication-verification/m-p/223604#M98176 Eddie_Brown 2018-07-25T22:26:48Z https://live.paloaltonetworks.com/t5/general-topics/minemeld-feeds-authentication-verification/m-p/223772#M98177 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/45496">@Eddie_Brown</a>,</P> <P>you should check firewall logs first but also MineMeld logs in /opt/minemeld/log/minemeld-web.log</P> <P>&nbsp;</P> Fri, 27 Jul 2018 09:59:08 GMT https://live.paloaltonetworks.com/t5/general-topics/minemeld-feeds-authentication-verification/m-p/223772#M98177 lmori 2018-07-27T09:59:08Z https://live.paloaltonetworks.com/t5/general-topics/minemeld-feeds-authentication-verification/m-p/223856#M98178 <P>I ran a grep on my Ubuntu server with the username authorized for my authfeed and came up dry. I was able to see the successful authentication requests when I ran a <STRONG>tail follow yes mp-log ms.log</STRONG> and then importing the EDL shows me where it fails or succeeds. In addition, running the <STRONG>request system external-list show type url name URL_HighConfRed&nbsp;</STRONG>show how much of the output feed you are getting and says a yes or no for a few verification fields.<BR /><BR /></P> <P>&nbsp;</P> <P>Something that is partcially related that has become a recent issue is trying to deploy the EDL's via Panorama. If I want to have the extra level of security with my EDLs using a certificate profile and authentication it doesn't seem possible from a Panorama perspective as the certificate profile doesn't cross over to the device group plane. Essentially, if I want to add my EDLs as a "shared" object I am unable to do so with a certificate profile present. As the certificate profile doesn't cross over at the "shared" level. Rather it is specific to the devices that are in the template stack where the profile exists. The only configuration this would work is if all of my devices were in one device group. This doesn't make much sence as each device has specific policies unique to itself. Not sure how to get around this as Palo Alto support didn't have a solution for me either.</P> <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/11678">@lmori</a>&nbsp;When you are deploying MineMeld EDLs into a Panorama configuration. Are you doing it without Authentication feeds being enabled? Or do you have one level of template where all of your devices live that matches up with the device group?</P> Fri, 27 Jul 2018 20:54:27 GMT https://live.paloaltonetworks.com/t5/general-topics/minemeld-feeds-authentication-verification/m-p/223856#M98178 Eddie_Brown 2018-07-27T20:54:27Z