Correlated Event Log Fields Lacking

Is it me or is there no way to include the actual URL that was accessed by a network source in a "Correlation Log" event (v9.0.9 firmware) . From what I can tell on, other than a generic message like "Host visited known malware URL (X times)". It wou

How to pull Custom Reports using API

Hi all,

I have created some Custom Reports by GUI, query: action allow & addr src=<IP_address>.

Now I am trying to pull those Custom Reports via API, but I cannot find documentation for this.

Can anyone please let me know how to pull created Custom Repo

Panorama Confusion

I have a PA-3020 V8.1.7 and Panoram V8.18 VM (ESX)

I simply require Panorama to both manage the 3020 and collect it's logs.

I have tried to follow endless instructions on how to achieve this but now seem to be struggling with different Panorama modes

FAILOVER IP with PALOALTO

Bonjour,

Je suis nouveau sur ce forum veuillez m'excuser si je suis dans la mauvaise catégorie du Forum.

Nous possédons 2 routeur PALOALTO series 800 en HA ACTIF/PASSIF.

Vu que nos switch's ne sont pas compatible avec le NLB (Network Load Balancing de

Minemeld log retention control

Hi All,

I have setup minemeld for create O365 feed, however find that it will stop logging after default 7 day retention period. I have tried to change the retention period, however the log still stopped after the retention period, any idea to conf

Traffic and Threats not visible in Panorama Monitor despite logs are send from FW to Panorama

It's a while since our system of 3 HA Palo Alto Firewalls stopped showing logs in Panorama. 

The logs are generated and forwarded to Panorama as in next two pictures:

Panorama-receiving logsOne of FW sending logsTraffic and Threats not visible

On one

VM100 Base config CLI only

HI all,

Hope i can find someone amazing out there.

We have a VM100 that can only be configured from CLI as the provider that does not support any way to access a VM or webUI

I spent 4 hours on the phone with Palo Alto support and they could not help me

GlobalProtect agent download speed very slow

I am on a 3220 8.1.10 and agent version 5.0.5. Downloading the agent from the portal is very slow; usually less than 1M. Network, upload speeds, etc. checks out, so it appears to be just downloading the agent. Portal and gateway config is using loopb

List alarms through XML API or REST API

Hello,

I want to list alarms that occurs on a VM-50 Firewall and I don't know how to do it. With the ssh CLI, it's possible to list many log types as config, threat, wildfire and alarms. But with the XML API, I can list some logs, threat or config by

When will WildFire support Win10 VMs for analysis?

Hey guys,

Do we have any info when will WF support Win10 VMs for Malware Analysis?
I have done some some pre-sales presentations to our customer for Cortex XDR and mentioned the cool built-in feature for malware analysis, however, customer pointed out

Two different company VPNs on same home network

My wife and I both work from home and both companies utilize GlobalProtect. Since my wife updated her GlobalProtect software we have ran into an issue where we both can't be on at the same time. My wife only has U.S. gateways and we found out after m