02-12-2018 03:32 AM
Currently there is a project to upgrade all Palo Alto's to a 8.x.x platform.
What MM version is support currently recommending fo PAN OS 8.x.x version?
Also need to consider Active directory integration as an option within the upgraded design. How we can acheive this?
02-13-2018 10:34 AM
I am not working for PAN, so I can't vouch for the recommendation, but at our company we have been using minemeld successfully since summer 2017, and just now starting to use minemeld together with other software stacks, like a SIEM and graylog.
06-01-2018 10:45 AM
Just wondering, what are you doing exactly with Graylog? Trying to find a good solution to monitor feeds and analyze them.
06-03-2018 10:58 PM
We were looking into this article:
And thought of using graylog for the receiving end, as this was a system we already use internally, nothing more special in that :)
Though I am having some issues getting it to work, as there are no correlations being sent out, so haven't looked more into it the last couple of months.
06-05-2018 05:54 AM
Very interesting @borising_!
I actually wound up doing something very similar to this by using MM and Splunk Free. MM sends LogStash info to Splunk, and NGFW sends syslogs to Splunk. Works pretty well! Here are the MM apps for Splunk:
And for the NGFW syslog parsing, the PAN plugins for Splunk work perfectly.
06-08-2018 01:20 AM
That´s perfect! I was just looking at the same setup for my home lab, will try it out! Thank you for joining in with your valuable feedback, much appreciated!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!