General Topics

Unable to export ACC last-60-seconds stats

Hi,

I'm looking for a way to export regular per-IP bandwidth usage stats in a human-readable format. I have found out that it's possible to get this in .xml via REST API. I'm trying to create a top-src-summary for the period of last-60-seconds. This h

SWIFT ISAC TAXII Feed

Hi guys

I’m’ just curious – SWIFT has offered recently for all members TAXII interface to poll IOCs via  https://taxii.swift.com/taxii

Feed is not open for everybody – each member must request access to it individually, so it’s not easy to test i

GlobalProtect IOS split tunnel routing incorrect traffic

PanOS 9.1.4, GP client 5.2.7-6. 

We have a split tunnel configuration with only 2 internal /32 addresses added to the access route include list. We regularly see traffic from GP clients destined for Internet IP addresses hit the Palo over the client t

Searching for rule with empty "description" field in the ruleset

Dear community

I am looking for a way to filter all rules without any value in the description field. We use this filed to reference the incident number which has been raised to request a security rule. And by policy we are not allowed to have any ru

Need assistance with fixing weak Ciphers via Panorama cli

Hi 

I wanted to update weak ciphers on a PA-VM using the document below, I wanted to apply the change via Panorama but I don't see the correct config to apply.

I have tried the following:

>set cli config-output-format set

#set template "template name" c

After upgrade Panorama from 8 to 9 Panorama stopped sending GP-logs to Qradar syslog server.

Before the upgrade everything was working just fine, now after upgrade still I can see the GP-logs sent from the Firewalls to Panorama, but Panorama still unable to sent those logs to Qradar syslog server. Connectivity between the 2 devices is good.

I

Data filtering - email issue

Hello all,

i was configure data filtering and it works.

But i face problems with the mailing. 

When the the fw match pattern it blocks it, but the email stuck in outbox queue  , and the user can not send/receive other emails until the mail is deleted f

Minemeld Crashing, miner tab not loading, RPC timeout exception

Hi,

we have an issue on our Minemeld instance in production. Similar to the issue reported in https://live.paloaltonetworks.com/t5/minemeld-discussions/minemeld-crashing/td-p/289998, minemeld randomly crashes with the following results:

- the green l

Different Actions for Security Rules

Hi Guys,

I would like to know what are the difference between the following actions in the security rules for PA.

1. Deny

2. Drop

3. Reset-client

4. Reset-server

5. Reset-both

Which of these are the most preferred to use? Is deny or drop action also resets

Two IP address from same subnet on an 1 Aggregated Interface

Hello All, 

I am pretty new to Palo Alto, wanted to check if the an aggregated port in PA can be assigned with 2 IP addresses from same subnet, say 1.1.1.2/29 and 1.1.1.4/29. The Idea is the ethernet interfaces 1 & 2 that are be bonded to ae will be

SMB URL File Logging acheivable or not?

Hi Palo Alto Experts,

I want to know if we want to log SMB URL Blocked events then can we do in Palo Alto or not? Basically, the requirement is as below:

Example URL if typed by compromise system is: smb://www.example.com/fileshare/malware.exe

Right