MineMeld upgrade process from cloud

Hello!

We have MineMeld directly on our Autofocus web service, and it shows currently that it is on version 0.9.44.post1 (AF), and after doing some reading it seems that there are a few versions after that. I have seen a lot of posts and walk throu

HA Setup

I have firewall in HA(A-P) mode.

If device priority is same on both , will there any delay in switching A-P role during failover activity ?

How to know what output and processors to use?

Hello! Forgive me if this is too broad of a question, or something that i had overlooked, but i am still quite new to using MineMeld and i've ran into a few issues where i apparently had used the wrong processor or output node, and people have correc

config on passive & pushing to active ?

Dear All,

As I have always been practicing to do the configuration and changes on the primary device and then it is its responsibility to push the configuration on the secondary device but as I have also been seeing people to do the configuration on

PAN-SA-2019-0020 ... really?

Hello Paloalto Team

Last thursday you published the securityadvisory for a critical RCE vulnerability and today you notified the customers again with an "Action recommended" article here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Actio

session end reason threat

We have vendor traffic coming to PA and session end reason is threat.

Under threat i can see the threat id number

They are lot of them

For easy way I have disabled the security profile vulner protection for that rule.

Need to confirm by doing this PA

Threat log types

For threat logs in PA  i see below options

( subtype neq vulnerability ) and ( subtype neq spyware ) and ( subtype neq packet ) and ( subtype neq scan )

need to know if this makes sense ??

where vulnerability is part of vul protection scecurity prof

Aplication Dependency commit Warnings after 8.1.8 upgrade

Hi,

Recently we had to upgrade our customer PA-3050 from a 8.0.10 to 8.1.8 version.

After we did it everything works fine, but when they did a commit of the configuration a lot of Aplication Dependency commit Warnings appears:

We check all the policies

Unable to get into maintenance mode

Hello All,

I was in the process of upgrading our firmware of our PA500 to 8.1 and when the device rebooted, it did not want to come back online.  Checked the startup and noticed I was getting this error message.  I did read online that it might be an

Critical system logs

Hello,

I'am planning to install a monitoring tool, and i need critical system logs generated by the PAN-device. Is there any docs that mention it?

Regards.

Overlaping subnets in IPsec VPN between palo alto firewalls hosted in AWS VPC,need help to configure

We have 2 VPC each having Palo alto VM-100 hosted in AWS ,both VPC are having overlapping subnet and we are try to setup ipsec site to site vpn ,kindly let me know the fesable configuration solution with configuration example if possible.Thanks .

TAXII into Proofpoint TRAP - Minemeld Output

I am trying to integrate MineMeld and Proofpoint TRAP. It should be relatively simple and feel I am overlooking something.

The first step was easy. Create an output using stdlib.taxiiDataFeed.

Because this is the community edition auth is turned of

Minemeld Log Location

Using Minemeld and I have miners, aggregators and output configured. I want to be able to get as much details from the indicators into a log server or even Splunk. Where would I find these logs? See below: