General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 887 Views
  • 1 replies
  • 8 Likes

Taxii Server

Is Minemeld suitable to be a taxii server? Can setup the output to send to taxii clients? Any steps for guidance pls

lemonade by L0 Member
  • 1169 Views
  • 0 replies
  • 0 Likes

EDL URL List Format and Subpages

I understand that for an EDL of type URL, the format is either 

 

company.com

*.company.com

 

This will include any additional subdomains, whether at the beginning or the end of the URL. 

 

Regarding the forward slash, will a URL like the following be a val

...

Captive Portal for Corporate devices

We have recently upgraded our HA firewall cluster (PA-3020) from 7.1.22 to 9.1.6 following the suggested upgrade path by PA.

We have captive portal in place, before the upgrade, all our corporate windows 10 laptops as soon as we power them on, they us

...

UHL by L0 Member
  • 1835 Views
  • 3 replies
  • 0 Likes

Minemeld MISP miner needs a revisit

Hi guys,

 

I believe the MISP miner for Minemeld needs a re-visit. None of the tagged indicators are being pulled by Minemeld from our MISP instance. I think there are a lot of changes to the current API as compared to the ones used by the current mine

...

vedd3r by L2 Linker
  • 2082 Views
  • 1 replies
  • 1 Likes

Resolved! Logging for deny/drop policy

Hi Team,

 

what is the recommended/ best practice logging option for policies with action set as deny/drop? is it "log at session end" or "log at session start"?

  

Query on file blocking profile.

Hi,

 

Can we achieve the following points,

 

1.Required only our office  domain user can able to access upload/download file
2.Hotmail user can only access for downloading / uploading block
3.Another domain user (Guest user) only downloading the file uploa

...

Bad Gateway error

Hello All,

 

I installed minemeld on aws instance, when I am trying to logging getting "Error checking credential: bad gateway". I checked Minemeld services and getting error as :

 

minemeld-engine                  FATAL     Exited too quickly (process l

...

sam2016 by L0 Member
  • 17341 Views
  • 9 replies
  • 0 Likes

Minemeld TAXII performance issues

Hello Community,

 

I hope you will be kind enough to share your wisdom on the Minemeld performance tuning.

 

We are using Minemeld v.0.9.70 containerized instance, connected to the MISP containerized instance and QRadars (a bunch of them) via QRadar TI a

...

Resolved! Open-vpn client for Globalprotect

I have a consultant who is asking if the Global Protect VPN would connect with an OpenVPN-based client?  I suspect he is working from a Linux PC.

does Palo support it?

RabbitMQ App-ID Misidentified

We have a Security Policy Rule with Application rabbitmq, and Service is application-default. In the same Security Policy Rule, we allowed the dependant applications amqp and SSL. When we test traffic, in the Traffic log, we see it matching the zones

...

Best Practices for acquisition

Hi Guys,

 

Our company has recently made several acquisitions. All of them have non-palo alto firewalls. We will be migrating each of non-palo firewalls to our palos.

Now, for migrating the rules, we are using expedition. 

But, some of them have overlapp

...

Resolved! Stripping prepended URL info

Does MM have the ability to remove HTTP://  and/or  HTTPS://  from a list of URL's before creating the output file for EDL?

kwall00 by L4 Transporter
  • 6225 Views
  • 4 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors