Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Is Minemeld suitable to be a taxii server? Can setup the output to send to taxii clients? Any steps for guidance pls
I understand that for an EDL of type URL, the format is either
company.com
*.company.com
This will include any additional subdomains, whether at the beginning or the end of the URL.
Regarding the forward slash, will a URL like the following be a val
...
We have recently upgraded our HA firewall cluster (PA-3020) from 7.1.22 to 9.1.6 following the suggested upgrade path by PA.
We have captive portal in place, before the upgrade, all our corporate windows 10 laptops as soon as we power them on, they us
...
Hi guys,
I believe the MISP miner for Minemeld needs a re-visit. None of the tagged indicators are being pulled by Minemeld from our MISP instance. I think there are a lot of changes to the current API as compared to the ones used by the current mine
...
Hi Team,
what is the recommended/ best practice logging option for policies with action set as deny/drop? is it "log at session end" or "log at session start"?
Hi,
Can we achieve the following points,
1.Required only our office domain user can able to access upload/download file
2.Hotmail user can only access for downloading / uploading block
3.Another domain user (Guest user) only downloading the file uploa
Is it possible to use a template variable in the PBFs next hop ip address field?
PBF variable
Using 9.0.11
Hello All,
I installed minemeld on aws instance, when I am trying to logging getting "Error checking credential: bad gateway". I checked Minemeld services and getting error as :
minemeld-engine FATAL Exited too quickly (process l
...
Hi Guys,
I am seeing a ton of "generic:<random-url>" hits in my threat logs under the spyware category for DNS queries from my email spam filter server out to the world. I have DNS security set up on the Palo so they are being sinkholed, but there ar
...
Hello Community,
I hope you will be kind enough to share your wisdom on the Minemeld performance tuning.
We are using Minemeld v.0.9.70 containerized instance, connected to the MISP containerized instance and QRadars (a bunch of them) via QRadar TI a
...
Just wondering what is best practice for this?
We have a /29 on our outside interface. We are using the IP assigned for client NAT translation.
Over the coming months we’ll be configuring several VPNs to the same cloud provider.
Should these terminate
...
I have a consultant who is asking if the Global Protect VPN would connect with an OpenVPN-based client? I suspect he is working from a Linux PC.
does Palo support it?
We have a Security Policy Rule with Application rabbitmq, and Service is application-default. In the same Security Policy Rule, we allowed the dependant applications amqp and SSL. When we test traffic, in the Traffic log, we see it matching the zones
...
Hi Guys,
Our company has recently made several acquisitions. All of them have non-palo alto firewalls. We will be migrating each of non-palo firewalls to our palos.
Now, for migrating the rules, we are using expedition.
But, some of them have overlapp
...
Does MM have the ability to remove HTTP:// and/or HTTPS:// from a list of URL's before creating the output file for EDL?
TomYoung
on:
how can i create a PBF rule to send traffic to a http/https proxy?
TomYoung
on:
Confused about QoS on Palo, need some assistance.
TomYoung
on:
Static Port Address Translation question
TomYoung
on:
what is the cli command for checking last failover
reaper
on:
SSL inbound inspection certificate issue
TomYoung
on:
One Global Protect Portal and Two Global Protect Gateways in One Firewall
