understanding palo alto classifying traffic

Hi,

This is just to understand how palo alto understand classify the traffic and take action .

as I pasted below from multiple  sources  sending packets to an inside host .  Palo alto log shows  around  10 

times  (in a second )  from the  same

issue with malwaredomainlist.ip

Dear,

I added the "malwaredomainlist.ip" as miner.

This is working (shows that it has mined about 1500 IPs), but when I add the miner input to a ipv4 or domain aggregator I do not get any output...

Content 579 Customer Advisory

As a follow up to the release of Application and Threat Content version 579, Palo Alto Networks recommends that customers remove the following applications from their security policies prior to upgrading to content version 579. This is suggested to a

NFS Logging \ Non-HA

Hopefully a stupid question - doea Panorama need to be in a HA pair for NFS logging to work?

We are looking to setup and I am getting a 'Panorama must be set as primary' error - even though we do not use HA for Panorama and therefore this seems a m

anyone notice this PAN-OS 7.1.2

Anyone notice this "PAN-OS 7.1.2"

Determine the upgrade path.You cannot skip installation of any major releases in the path to your target PAN-OS version. Therefore, if you intend to upgrade to a version that is more than one major release away, yo

Inventory

Hi There:

Is there a way to export total devices managed in a spreadsheet through Web GUI? (Panorama)

I've tried the csv route through asset on my online account but it exports everything included with the device. I'm just looking for a simple "t

PaloAlto and Cisco Scansafe Proxy

I have a PaloAlto PA-200 with very simple configuration. I configure the PA-200 Management interface to get update the Antivirus, Threats, WildFire and URL Filtering. The proxy server is Cisco scansafe. I can update software, dynamic updates, lice...

What's new in MineMeld 0.9.7

Release Date: 2016-03-24

How to update: Updating MineMeld

Nodes

- Miner for ProofPoint ET Pro feeds

- Miner for PAN-OS syslog messages, let you extract indicators from PAN-OS logs according to a set of rules

UI

- now you can add a new static i

Dataplane under severe load

We are getting this message in system logs.

"Dataplane under severe load."

Monitor hits against captive portal?

When using user ID and captive portal, when an Auth attempt fails because of the captive portal, how can you get notified? We have spent hours troubleshooting broken apps because the captive portal was preventing access but we have no indication of...

ISE syslog for UserID

I am trying to parse ISE RADIUS logs to help map wireless users to IP addresses. I have the Palo configured as follows but I am not getting any info from ISE. I am not that familiar with ISE and did not set up that end but have been told that ISE is

External CA Certificate Options Greyed Out

Hi guys,

I've followed the documentation on how to generate a CSR (https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Generate-a-CSR-Certificate-Signing-Request-and-Import-the/ta-p/53593) but when importing the certificate I'm only