Community team answering questions even more 'live' than usual!

by ‎06-13-2017 03:15 PM - edited ‎06-13-2017 10:06 PM (3,936 Views)

The Live Community theme at Ignite2017 is #GetAnswers and we've been completely overrun by enthusiastic customers, partners and fans!

 

We started off with a few seed questions on the board but the list of questions grew quickly! Once people also started answering those questions, our booth was literally engulfed. People started discussions, posted questions and answers, networked and the Live Community team got very busy chatting with all our eager fans.

 

After the dust settled, the answered question board was filled to the brim with sticky notes.

 

jdelio, kiwi and reaper contemplatingjdelio, kiwi and reaper contemplating

 @reaper

 

Comments
by Syludez
on ‎08-09-2017 06:59 AM

 Hi,

 

I started managing a Paloalto firewall infrastructure PA-3050 to be precise. 

 

Am not sure if this is true, but someone told me that Paloalto firewalls can go to the internet and pull public ip addresses for specific purposes for example  Exchange Online Protection IP addresses: Exchange (Exchange Online Protection IP addresses). 

 

Is this possible at present? In my opnion this can not be true as it defeats the purpose of allooness and firewall / organisational individuality in the world strewn with attacked as we see today.

 

Regards

Syl.

by
‎08-09-2017 08:04 AM - edited ‎08-09-2017 08:05 AM

Hi @Syludez

 

well, we have something called 'external dynamic lists' which allow you to 'pull' ip information from Palo Alto Networks or other threat intelligence providers (spamhaus for example) and populate those ip addresses in an address group which you can use in security polices etc. we also have a more advanced tool that allows you to aggregate several threat intelligence sources : MineMeld, by Palo Alto Networks

 

edl.png 

 

hope this helps

by secora
on ‎09-25-2017 11:44 AM

Hi All,

 

 
Need your assistance to collect the PAN browser traffic logs for past 60 days for user "user in AD"
 
Thanks & Regards
Secora
by
on ‎09-26-2017 12:11 AM

Hi @secora

 

have you reviewed this article: Searching through logs, where do I start?

you can filter the logs like this : ( receive_time geq '2017/07/26 00:00:01' ) and (user.src neq '')

this in essence states everything with a timestamp higher than 60 days ago, and source user not empty

if you are looking for a specific user, replace the user filter with  (user.src eq '<username>')

 

once the filter is applied, you can export to csv:

Export to csvExport to csv