General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Regex expressions/appending to output txt

Hi,

 

I'm fairly new to Minemeld so trying to figure out a few things I seem to be stuck on. We currently pull Office365 URLs into Panorama as an EDL and I am trying to append a \ to the end of every URL in the EDL within Minemeld. I went over the do

...

MoeJomha by L0 Member
  • 2002 Views
  • 0 replies
  • 0 Likes

Importing o365-api-any-any.txt

I'm trying to append o365-api-any-any.txt to my existing config.

 

The top 5 miners are displaying a red x thus I can't append them. If I remove them I can append however then I can't commit as they're missing.

 

What am I doing wrong? Sorry, new to mine

...

Chad00 by L0 Member
  • 3311 Views
  • 4 replies
  • 0 Likes

Using MineMeld to block ads

Hi,

I've just setup MineMeld (MindMelt ;-)) in my environment. The installation (XenServer/Ubuntu/MineMeld) and configuration was quite straightforward and easy.

Then I have configured the Office 365 lists and connected them on th PaloAlto Firewall.

...

NAT Through VLAN interface to 2 VRRP Routers

I would like to do a static 1:1 NAT through a VLAN interface to two Cisco routers for redundancy.

 

The Cisco routers will be running VRRP to provide a virtual IP address to the PA firewall.  The PA will be connected to both routers through a different

...

DoDo1975 by L0 Member
  • 922 Views
  • 0 replies
  • 0 Likes

Global Protect LSVPN Dual ISP Redundancy

I'm working on configuring a GP LSVPN Hub in our data center with dual ISP's for redundancy.  I'm having some trouble finding a best practice guide for this type of configuration.  Can anyone give some incite to this configuration?  Can I acheive thi

...

lerewrya by L0 Member
  • 2557 Views
  • 1 replies
  • 0 Likes

Resolved! stdlib.listIPv4Generic and range format

I'm feel like I'm being a bit obtuse here, however I can't figure this out. The stdlib.listIPv4Generic miner allows for either cidr or a range. However when I enter x.x.x.x-x.x.x.x it doesn't like this format. I've also tried things like x.x.x.[x-x]

...

chirss by L3 Networker
  • 2346 Views
  • 1 replies
  • 0 Likes

Mindmeld Whitelist Help (URL Filtering)

We have certain URL categories blocked with our PA firewalls. However, we need to setup a whitelist so we can unblock specific URLs  that are in a blocked category. We want to use Mindmeld.

 

Does anyone have good directions how to set up a whitelist

...

EBL size limit - sorting output feed

I'm using a minemeld server to generate an external dynamic list for a PA-5220 runing version 8.1.4.  The dynamic URL list exceeds the 50,000 entry limit.

 

I've seen other posts recommending to use URL parameters to limit the list to the first 50,00

...

dhenke by L1 Bithead
  • 2245 Views
  • 1 replies
  • 0 Likes

General troubleshooting for Office 365

 

I have set up the feeds, and the EDLs and added the EDLs into a policy.

Whenk I run the command in the CLI "request system external-list show type url name o365-URLs", I retrieve the list in the PA firewall, and the list there matches the list in

...

Minemeld.JPG

Updating MineMeld

Hi Guys

 

I am running 0.9.48 and want to get to 0.9.50+ to utilise the latest Office365 feeds.  I have checked the old method and I don't have the auto update utility installed 

/usr/sbin/minemeld-auto-update

 If it try this method as suggested

sud...

Custom search filters for Anomali

Hello,

 

Is it possible to configure the Anomali miner to allow for custom queries? For example, in threatstream, I like to search for the following string in Analyze -> Observables. How can I configure the anomali.opticAPI miner to allow for this?

 

((...

otlaP5 by L0 Member
  • 1889 Views
  • 1 replies
  • 0 Likes

Minemeld installation errors on ubuntu 16.04

Hi,

 

I'm trying to setup a new installation of Minemeld using the cloud installer and am seeing the following errors. it appears the Minemeld install never completes. I'm not well versed in ubuntu so any help is appreciated.

 

The following packages

...

neuadmin by L1 Bithead
  • 10429 Views
  • 19 replies
  • 0 Likes

Failover Link Monitoring too long

Hello guys,

 

I have 2 plao alto configured with HA Active/passive mode.

 

On both firewall, I configured link monitoring on link group with ethernet 1/11 and ethernet1/13 that are aggregated on Ae1 with condition "ALL". Those interfaces are plugged to a

...

Issue passing traffic thru PA 500

Hello I'm not very proficent in configuring PA and been trying for 3 weeksto do it. So now I figure I ask for help and learn something in the process. So my network layout: I have a Cisco ASA that is pointed towards the internet and is doing NAT/PAT

...

Top Solution Authors
Top Liked Authors