filtering monitor logs - wildcards?

When filtering for users in the traffic log, is there any syntax for using wildcards? For example user.src eq 'domain\blah*' ?

User-ID domain-map

Hi guys.

I have a problem with a user-id setup in a large multi domain envoirment. User-ID agentd are working fine, but the user did not match against the group mapping. It looks like we have a problem with the domain map. The command debug user-id

Routing Multicast PIM SSM

Hi guys,

I have Palo Alto cluster A/P with PIM SSM, I would like to know how is manage the multicast routing if i lost the active member ?

Regards

Firewall rule optimization

Anyone know of any good firewall optimization software for PA. One that can review the rules and make good suggestion to improve the rule order, removal etc?

PA Bypass Question - McAfee Evader

Does anyone have any information on the latest posted PA bypass?  The youtube video shows some of the FW features  being bypassed using McAfee Evader.  It appears to require an IP of the firewall to execute - the example also shows most of the evasio

Custome report

Hi

How to generate trafficreport for webmail usage like gmail
youtube -education?

Thanks 

Block facebook by URL instead of category. Not doing SSL Decryption

Hey everyone!  I have a request from one of my other offices to block access to facebook.  The users there are already covered by a policy using a URL Profile that blocks the social networking category.  I also added facebook.com/ and *.facebook.com/

WildFire & Office Documents/PDFs - Limitations?

We currently use Wildfire on "PE Executable" filetypes on our PA-500.

I'm interested in using it against Office documents and PDFs as those are clearly a major threat vector.

Thing is, whatever model of Palo Alto I look at, they all seem to show

Block unwanted traffic on port 1720

Hi,

I have a voice/visioconference system available on the internet (via NAT-ed IP) using H323. So of course the port 1720 is open and reachable from outside, without restriction on IP addresses because users must be able to reach the system from t

Authentication Profiles on Global Protect

Is it possible to have two sets of authentication profile on Global Protect ? One ste of users authenticating through AD and another set through digital certificates only . 

What is the misc field in the threat syslogs supposed to show when the subtype is vulnerability?

Hi everyone, I'm sorry if this has been answered elsewhere-- I'm new to this livecommunity thing so, although I tried to search for an answer before posting-- I may have missed something...

I'm running PanOS 6.1.7 and I can't find anything that exp