Source user missing from log

I have user mapping configured under user identification to monitor my AD servers - which are showing as 'connected'. My trust zone has user-id enabled. My globalprotect clients are in the trust zone. Their 'source user' correctly shows in the traffi

Can't update Global Protect through the NGFW (5.1.1 - 5.1.5)

Hi,

I have the problem that, running GP 5.1.1 I get the message that there is a newer GP Version (5.1.5) available.

But when I try to update, the update is not working.

The Debug Log shows:

(T8312)Info  ( 604): 07/08/20 07:41:15:329 #### updater start

vwire setup in active-active mode with port-channels

I am trying to add a pair of PA 850's in vwire mode between a Cisco ASR1001 router and a nexus 6k over that has a port-channel configured. I setup the PA interfaces as a vwire , setup the zones, and polices. Am I suppose to aggregate the interfaces o

Virus/Win32.WGeneric.alpvzn - OneDriveSetup.exe detected in threat logs

@hisingh 

Hello,

Palo alto has been released a new signature Virus/Win32.WGeneric.alpvzn
Name: Virus/Win32.WGeneric.alpvzn
Unique Threat ID: 354554856

We are getting Virus alerts in the Threat log for OneDriveSetup.exe.
is that false positive?
how can I sto

Panorama - Remote PA52xx

I have not had much hands on with Palo Alto in particular Panorama but I would like to ask for some help -

We have Panorama at our central Data Center which is used to Configure our remote PA52xx's. 

If Panorama is used to apply policy to a firewall a

Need stdlib.aggregatorIPv4Generic to provide single IPs instead of IP ranges

Hello all,

I am trying to use Minemeld in a setup with Microsoft Sentinel (Microsoft Graph). 

I am encountering an issue with entities of type IP, as they are getting  in my log analytics space as IP ranges, mentioned in the "ExternalIndicatorID" alo

VPN up but traffic not matching outbound policy, inbound policy is working

Recent new VPN tunnel is up with Azure.  I can see traffic matching zone VPN-S2S > trust but anything from trust > VPN-S2S zone is not matching that specific policy.  The oubound traffic is matching the blanket outbound policy and I can't figure out

Block layer 4 traffic for destination blocked on URL filtering

We have a very peculiar situation. There is Azure public PaaS environment connected over express route and we have a Palo inline. Now the destination ip/subnet range is dynamic but we just end to allow few specific URLs. It was all fine where we had

PAN-OS 9.0 URL DB manual Download not available

Hi,

not sure if I to stupid to find it, but after upgrading to PAN-SO 9.0 there is no more option under Licenses URL DB to download the URL DB manually. 

In an Active/Passive Cluster the Active Firewall downloads the URL DB every few hours, but the p