General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4228 Views
  • 0 replies
  • 0 Likes

Resolved! CSV Output - Missing Attributes\Columns

I am trying to extract a list of IoCs from MM to pull into a SIEM via CSV lookup. When I connect to MineMeld using this syntax: https://minemeld/feeds/Bad_IPv4?tr=1&v=csv&f=indicator&f=confidence&f=sources I get a list of indicators, but with no confidence\sources data (see output.png). I can check the same output node ...

apackard by L4 Transporter
  • 5998 Views
  • 2 replies
  • 0 Likes

Change encryption of certificate

Hello there! I have a question regarding the encryption of a certificate. Right now I am using a certificate issued by a Class 2 Certification Authority that is using SHA-1 encryption, but this is not satisfactory. How can I update the encryption type so the certificate uses SHA256 encryption? Thanks and regards

Multi-hop VPN

We have an interesting VPN request that I have not seen yet. User logs into Global Protect from home and RDP's to desktop on campus. The user then tries to open a Global Protect connection from that campus workstation to get access to another restricted host on campus. The issue we have is when the user tries to connect on the second workstati...

mmeehan by L2 Linker
  • 4113 Views
  • 3 replies
  • 0 Likes

Resolved! Using Minemeld to do FQDN refresh for security rules

So we recently started having trouble with our Palos saying that the FQDN refresh job finished successfully but the items still TTL out and die. While waiting for support to look into it, it occurs to me that I might be able to feed MineMeld a list of URLs and have it do the resolution and pump the results back to PAN. Anyone have any experience ...

custom app-id for unknown TCP application

Good day, I know that answer might be simple but cannot find correct approach. I have an application which is identified as unknown-TCP and I have created a pattern for it with few conditions. Now I have discovered that some devices behave a different way and my pattern order does not match, so I think to identify the app based on the first string in ASCII format. For ...

SinOPtik by L1 Bithead
  • 4738 Views
  • 2 replies
  • 0 Likes

WEIRD BEHAVIOR FROM PA 3220!!

Dear experts, I am moving from PA3050 to PA3220. I exported the current configuration from the old PA3050 and imported it to the new PA3220. I committed successfully, but when I migrate cables from the old device to the new one I get random issues! Like some zones are not reachable, like I have ping to internet and telnet and traceroute but I can't ...

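IPv4 & IPv6 coexistence configuration on PA3200 series firewalls

Friends, we have the following network environment: a PA3260 is deployed at the company's network egress. The carrier originally assigned public IPv4 addresses, but now assigns IPv6 addresses. I would like to ask whether there is any way to smoothly switch the egress IP to an IPv6 address without major changes to the internal network (the internal network is an IPv4 environment, and the company has servers that provide services externally). I originally wanted to do a NAT translation, but it seems only NAT64 is possible. I don't know whether newer PA versions can do NAT46, or whether there is some other better approach. Any advice would be appreciated, thank you!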

amos.yan by L0 Member
  • 3182 Views
  • 1 replies
  • 0 Likes

Question about number of Daily IoC update

Hi Team, I have a customer who uses AutoFocus with MineMeld and receives an IoC feed to Splunk through MineMeld. I have a question about the number of daily IoC updates. According to our presentation, the daily update is over 230K from WildFire, which is one of the threat feeds in AutoFocus, but I set MineMeld as in the picture below (most of the prototypes I set) and I'm receiving IoC ...

jilim by L1 Bithead
  • 3937 Views
  • 1 replies
  • 0 Likes

Resolved! Syslog Miner -> DAG Output

Is it possible to chain a syslog input\miner to a DAG output? Scenario is I'd like to forward critical Threats to MineMeld to block the source address permanently (or at least longer than the max 3,600 seconds available as a block-ip IPS action) by bouncing back a DAG update (or failing that by adding to an EDL source etc). I have a way of d...

apackard by L4 Transporter
  • 3392 Views
  • 1 replies
  • 0 Likes

Installation Problem - minemeld-ansible CentOS 7 - var/run/minemeld/minemeld.sock no such file

Ran through Install:
$ sudo yum install -y wget git gcc python-devel libffi-devel openssl-devel
$ wget https://bootstrap.pypa.io/get-pip.py
$ sudo -H python get-pip.py
$ sudo -H pip install ansible
$ git clone https://github.com/PaloAltoNetworks/minemeld-ansible.git
$ cd minemeld-ansible
$ ansible-playbook -K -i 127.0.0.1, local.yml
$ usermod -a...

Monitoring Input Miner Health via API

Just in case anybody else needs to monitor node health (and happens to use a PowerShell-based monitoring system), this may help: https://gist.github.com/hkelley/8a37ec06d3f17ad7117f7d79c233f709

Resolved! MineMeld Install on CentOS 7 with Ansible: NPM Issue

Hi All, Install of MM on CentOS 7 (via Ansible playbook) is failing during the step "minemeld : npm install" with an error around the node-sass package. The verbose output from npm-debug.log is below. I've tried a few different things including installing this with Node versions 6, 7, and 8 and can never seem to get this step to work. T...

Native Vlan for Trunk Ports

I am always a creature of habit with my trunk ports having a different native vlan than "vlan 1". Does a native work with PA? If I set my trunk to the PA as native vlan 999, is there a need or method to set the same native vlan on the PA? Is there even a need to do this? What mgmt traffic would pass from switch to PA over a native vlan, if any?

Resolved! Unable to logon to the firewalls using the AD account

Hello, I have setup LDAP authentication for login purposes, the server profile has been created along with the authentication profile, user group mapping (which searches for an AD group) and the administrator which uses the authentication profile. However I am unable to logon to the firewalls using the AD account, when I check the system logs fo...

  • 24355 Posts
  • 124 Subscriptions