General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How to know what output and processors to use?

Hello! Forgive me if this is too broad of a question, or something that I had overlooked, but I am still quite new to using MineMeld and I've run into a few issues where I apparently had used the wrong processor or output node, and people have correc

...

mjanik01 by L1 Bithead
  • 1555 Views
  • 0 replies
  • 1 Likes

config on passive & pushing to active ?

Dear All,

As I have always been practicing to do the configuration and changes on the primary device and then it is its responsibility to push the configuration on the secondary device but as I have also been seeing people to do the configuration on

...

Gchander by L1 Bithead
  • 3488 Views
  • 3 replies
  • 0 Likes

PAN-SA-2019-0020 ... really?

Hello Palo Alto Team

Last Thursday you published the security advisory for a critical RCE vulnerability and today you notified the customers again with an "Action recommended" article here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Actio

...

Remo by L7 Applicator
  • 4423 Views
  • 2 replies
  • 0 Likes

session end reason threat

We have vendor traffic coming to PA and session end reason is threat.

Under threat I can see the threat ID number

There are a lot of them

For easy way I have disabled the security profile vulner protection for that rule.

Need to confirm by doing this PA

...

MP18 by Cyber Elite
  • 5447 Views
  • 1 replies
  • 0 Likes

Threat log types

For threat logs in PA I see below options

( subtype neq vulnerability ) and ( subtype neq spyware ) and ( subtype neq packet ) and ( subtype neq scan )

need to know if this makes sense ??

where vulnerability is part of vul protection security prof

...

MP18 by Cyber Elite
  • 2319 Views
  • 1 replies
  • 0 Likes

Unable to get into maintenance mode

Hello All,

I was in the process of upgrading our firmware of our PA500 to 8.1 and when the device rebooted, it did not want to come back online.  Checked the startup and noticed I was getting this error message.  I did read online that it might be an

...

jsuttor by L0 Member
  • 3713 Views
  • 3 replies
  • 0 Likes

Critical system logs

Hello,

I am planning to install a monitoring tool, and I need critical system logs generated by the PAN-device. Are there any docs that mention it?

Regards.

asia by L3 Networker
  • 6654 Views
  • 8 replies
  • 0 Likes

TAXII into Proofpoint TRAP - Minemeld Output

I am trying to integrate MineMeld and Proofpoint TRAP. It should be relatively simple and I feel I am overlooking something.

The first step was easy. Create an output using stdlib.taxiiDataFeed.

Because this is the community edition auth is turned of

...

Romans6 by L1 Bithead
  • 2207 Views
  • 0 replies
  • 0 Likes

Resolved! Connecting WildFire Private Cloud to firewall

When connecting WildFire Private Cloud to firewall (Device > Setup > Wildfire), It appears that we can only add one (1) appliance IP address. However with a cluster there's more than one appliance.

1) Should this be the management IP address of the Pr

...

Minemeld Log Location

Using Minemeld and I have miners, aggregators and output configured. I want to be able to get as much details from the indicators into a log server or even Splunk. Where would I find these logs? See below:

Resolved! Disabling HA

Hi Community,

Will disabling HA using the master switch ( Device -> High availability -> general -> setup -> enable HA checkbox) cause the interfaces to go down and up? I understand that the interface MAC has to be changed from virtual to physi

...

Resolved! MineMeld engine failed to start.

I was attempting to configure Minemeld to pull AWS IP addresses, but nothing happened when I hit commit. I noticed the Supervisor had stopped, and came across this earlier article. I issued the commands:

sudo service minemeld stop sudo service minem...
