PA-7050 policy does not show anything in rule usage column "Apps Seen"

 I noticed that all our PA-7050 PAs don't show anything in rule usage "Apps Seen" column for rules that are supposed to see many apps. It is not a problem on other models. Any idea?

OKTA SAML panorama authentication?

Trying to get this working and I am able to authenticate using OKTA SAML  via the button on the login screen but when I do (after entering u/p on the OKTA page) it redirects me back to the Panorama login page.  I see PAN_AUTH_SCUESS SAML on the CLI b

Custom Snort Signature

creating a custom snort signature on Palo alto Firewall but didn’t found the concern context operator for match pattern.

Shall we create a context operator or how it can add the pattern if the context operator is not available?

For example:

alert tcp $

Can we add other security device in Panorama?

Hi,

I am seeking information on whether we can add any other security device in Panorama or not like Cisco firewall, Fortinet etc. or only Palo Alto firewalls can be added?

Please share your information.

Thank You,

Azeem

TS Agent - System Source Port Allocation Range Registry Key

Hey,

the following text you can find on this page:

The System Source Port Allocation Range and System Reserved Source Ports fields specify the range of ports that will be allocated to non-user sessions. Make sure the values specified in these fields d

Unable to export ACC last-60-seconds stats

Hi,

I'm looking for a way to export regular per-IP bandwidth usage stats in a human-readable format. I have found out that it's possible to get this in .xml via REST API. I'm trying to create a top-src-summary for the period of last-60-seconds. This h

SWIFT ISAC TAXII Feed

Hi guys

I’m’ just curious – SWIFT has offered recently for all members TAXII interface to poll IOCs via  https://taxii.swift.com/taxii

Feed is not open for everybody – each member must request access to it individually, so it’s not easy to test i

GlobalProtect IOS split tunnel routing incorrect traffic

PanOS 9.1.4, GP client 5.2.7-6. 

We have a split tunnel configuration with only 2 internal /32 addresses added to the access route include list. We regularly see traffic from GP clients destined for Internet IP addresses hit the Palo over the client t

Searching for rule with empty "description" field in the ruleset

Dear community

I am looking for a way to filter all rules without any value in the description field. We use this filed to reference the incident number which has been raised to request a security rule. And by policy we are not allowed to have any ru

Need assistance with fixing weak Ciphers via Panorama cli

Hi 

I wanted to update weak ciphers on a PA-VM using the document below, I wanted to apply the change via Panorama but I don't see the correct config to apply.

I have tried the following:

>set cli config-output-format set

#set template "template name" c

After upgrade Panorama from 8 to 9 Panorama stopped sending GP-logs to Qradar syslog server.

Before the upgrade everything was working just fine, now after upgrade still I can see the GP-logs sent from the Firewalls to Panorama, but Panorama still unable to sent those logs to Qradar syslog server. Connectivity between the 2 devices is good.

I