Tagging in Cortex XDR

Hello,

Can you please tell us the way how we can TAG certain endpoints?

What are the steps to tag?

User-ID: User-IP mapping is 'unknown' for some AD users

Hi Everyone,

We are facing issue with Agentbased User-ID agent 10.1.0-21 and the PanOS version 10.0.1

User-IP-Mapping shows unknown for some of the users.

>show user ip-user-mapping ip x.x.x.x

IP address: x.x.x.x (vsys1)
User: unknown
From: Unknown

Vulnerability Protection profile alters APP-ID behavior

Hello everybody,

  while writing some articles on our company wiki, I found a strange behavior of the firewall. This is my environment:

PA model: PA-820

PAN-OS version: 10.1.8

APP/Threat version: 8653-7756

Decryption: SSL inbound enabled

I have

How to get AV definition of multiple machines at one go

Hi Team, 

I'm checking one incident where I got multiple machine names. Now I want to check AV details of all the machines at one go. I'm using "sep-endpoints-info" automation to get those details. It is working fine when the input is only one mach

Error: Unable to invoke scripts/commit-p1.py for dlp

Hi everyone, 

I had an error when commit the change in Palo Alto firewall. How can I resolve that problem?

My PA firewall uses IOS 10.2.2.h1

reverse proxy key 'abc.com' doesn't match certificate issued to 'abc.com'

How do I find from the firewall which backend server is not matching the certificate/key here. Alert doesn't give much information. We have about 20 servers behind with inbound decryption.

Global protect route issue with macbook

Background information

Where I’m currently living right now in a apartment complex there is a central internet network that I do not have access to these devices(Ubiquity). Lately I’ve been working a lot from home and sometimes I need to connect throu

How to request a new URL category?

We recently switched to GlobalProtect from another solution which also had DNS content filtering built in. It had alot more content categories which we are finding is generating alot of tickets due to blocks for items allowed in our old system. How c

How to delay playbook task execution

Hi,

Can anyone help me on how to pause the playbooks tasks? 

eg: I have task A which is used to run a scan on machine and then the next task B will get me the result of that scan completion details. Between these two tasks, I need some delay time b

Cannot ping interface, IP or defaul gateway from PA 500 to Cisco switch

Hi all , 

I set up PA 500 to connect to Cisco layer 3 switch. I cannot ping any website or the IP  from PA 500 except the Ip address assigned from Comcast. I look on the NAT, security and virtual routing but nothing wrong. 

1. I plug my comcast rou

How to Uninstall Cortex with disabling anti-tampering protection

Hi All,

Anyone can help how to uninstall Cortex XDR with disabling anti-tampering protection?I am trying to uninstall from SCCM and due to the anti-tampering protection, it require password to disable the protection first before i can proceed with