what is destination user field in traffic and threat logs

I can see destination user field in traffic and threat logs getting poulated.

How this data is collected.

7050's filtering/searching logs much slower than other models, is this normal?

I have worked on all Palo Alto models and it seems to me the log search takes much more time on 7050's than on other models. Currently we do not expiration timeframes set for logging, only for the extpcaps file. Sometimes the log screen will refresh

Custom Report - Maximum Limits

I'm currently trying to produce a custom report and i'm hitting a few walls trying to generate useful data - I'm hoping someone here might have some creative ideas, or even point out the obvious ones I may have missed.

We currently have a blacklist o

virtual routers

How can you tell if a virtual router is passing traffic? Is there a check or test you can run?

WMI probing issue - "list is full"

Hi all,

is anyone familiar with this issue? We are facing this currently but Google almost spits out nothing about this issue. I was going through the User-ID deployment and troubleshooting guide but nothing helpful there. Any ideas?

Strange SNMP Trap from PA500

Hello

During last 7 days I got twice trap like this:

Otrzymano pułapkę SNMP (notyfikacja: 1.3.6.1.4.1.25461.2.1.3.2.0.1) 1.3.6.1.2.1.1.3.0 = 473590626 1.3.6.1.6.3.1.1.4.1.0 = 1.3.6.1.4.1.25461.2.1.3.2.0.1 1.3.6.1.4.1.25461.2.1.3.2.0.1 = 1,2016/10/10 1

Leap second in Palo Alto (end of year)

Hi,

We have several PA5050 , PA3020, etc in diferent PanOS. We would like to know how the leap second would affect to our appliances. With or without NTP configured.

Regards

How to Troubleshoot High Dataplane CPU

Hardware interface counters read from CPU: recieve incoming errors increasing

what could be possible causes.

we are facing slow download speed issues.

Firewall policy for a web server with two websites

Hi Community,
I am new to this forum and also not an exprienced person on firewall policies. So I thought to put my question on the forum. This is what I try to achieve, I have a group of web servers with one virtual IP serving two websites (HTTPS). E

SSL Interception and CDNs

Looking for your guy's feedback on potential issues you've seen with SSL Interception and CDNs?  I know there's a potential for thick clients like Dropbox to break if you crack SSL for the domains used there.  Are there any other concerns to keep in

Withdraw mesage source

Hi everyone,

I am currently working on connecting MineMeld with our SIEM solution. I however ran into a question.

When receiving an update message it states which sources the IOC originated from, also if there are multiple. example: (binarydefense an