General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4450 Views
  • 0 replies
  • 0 Likes

Now We are Available between 3.00 PM TO 5.00PM EST._reschedule the call

Hi Bharath, Thank you for reaching out and attempting to connect via the Zoom meeting for support ticket ####. I apologize for missing the scheduled call. Would it be possible to reschedule the call? Now We are Available between 3.00 PM TO 5.00PM EST. Please let me know a convenient time, and I'll make sure to join. Looking forward to reconnecting...

Panorama Commit Logs with Description

How do you retrieve Panorama Commit Logs that also contain the 'Commit Description' field that gets populated? It's viewable in the 'Task Manager', but would like to pull a list from Panorama.

GMasanz by L0 Member
  • 2526 Views
  • 3 replies
  • 0 Likes

Administrator Login using Azure Groups through Cloud Identity Engine

I seem to be finding conflicting info (or none at all) and everything I've tested so far hasn't worked. Is it possible to authenticate an Azure user through Cloud Identity Engine and then give them 'administrator' access to Panorama/PanOS based on their Azure group membership without using the Palo Admin-UI Azure Enterprise App? I have CIE...

Resolved! Modify Security Policy rule - application depends on

When creating rules sometimes you see the "Depends On" in the right side in the Application screen and it lists "websocket or ssl". If I specify specific applications like ms-update or etc and it shows depends on "ssl or websocket" on the right, would I want to add it to the current rule so it would be tied to that traffic since it is noting it ...

Resolved! Migration of HA Pair to Panorama!

Hello Folks, I'm planning the migration of an HA Pair (active-passive) to Panorama, can someone help to understand whether there will be a service interruption during this phase? HA Pair -> 8.1 Panorama -> 8.1 Best Regards, Pradeepkumar

Resolved! Ports Used for Paloalto

Dear Team, First of all, I checked the 'port number usage' provided by paloalto. URL : https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/firewall-administration/reference-port-number-usage However, port information related to 28777, 20077, 47631, and 20177 cannot be checked. It seems to be the port used by dp0 and mgmt when executi...


Question About Categorizing Domains to Suppress Correlated Events

Hi all, We are using Palo Alto firewalls in our network, running PAN-OS 10.2.12-h6. When navigating to Monitor > Automated Correlation Engine > Correlated Events, we often see entries like the following: “Host repeatedly visited uncategorized domain (20 times), and performed EXE downloads from these domains.” I would like to flag these dom...

cli error messages during boot

Dear community, after factory resetting one of our pa220s I am seeing multiple error messages during boot up Starting ntpd: [ OK ] FATAL: Module nfsd not found. FATAL: Error running install command for nfsd Starting NFS services: [ OK ] Starting NFS mountd: [ OK ] Starting NFS daemon: [ OK ] Starting RPC idmapd: [FAILED] Starting P...

Resolved! "SMB: User Password Brute Force Attempt detected" on share that is not being accessed

Recently I accessed a SMB share on a corporate Synology device (through the PA firewall). Accessing this share is hardly ever used. Now...days later, after several reboots of the client computer, the Firewall keeps on detecting the "vulnerability" SMB: User Password Brute Force Attempt(40004) This is something I cannot explain. There are no acti...

Resolved! Where did the critical issues page move?

Hi, The below URL was Critical issues page. ---- https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm68CAC ---- Currently, this page shows "Data Not Available". Where did the critical issues page move?

MasaW by L2 Linker
  • 1189 Views
  • 2 replies
  • 0 Likes

CVE-2023-48795 Vulnerability

Hi Community, My firewall has been exposed to CVE-2023-48795 Impact of Terrapin SSH Attack. Currently, based on the Palo Alto Security Advisories, I could see that PAN-OS versions that are above 10.1.15 are unaffected by this CVE. Upon checking my firewall model which is PA-820, I couldn't see any version listed for 10.1.15 in the softw...

File Integrity Monitoring using Cortex via Correlation Rule

Dear all, I'm looking for FIM on Linux (like etc/shadow), I try with previous conversation use this query: dataset = xdr_data |filter event_type = FILE and (event_sub_type = FILE_CREATE_NEW or event_sub_type = FILE_WRITE or event_sub_type = FILE_REMOVE or event_sub_type = FILE_RENAME ) |filter lowercase(action_file_path) in ("/etc/*","/usr/loc...

Resolved! helps generate an XQL to notify when a USB is connected

I am trying to use Cortex XDR so that when a user connects a USB storage device I receive a notification by email. So far I have used this XQL: preset = device_control| filter event_sub_type = ENUM.DEVICE_PLUG which tells me when any USB device is connected to the endpoints, I added this as a BIOC rule so that when the condition is met it ...

  • 24376 Posts
  • 124 Subscriptions