General Topics

Discussions

Sorted by:

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

minemeld and feeding info via CEF into ArcSight

Can you select formatting or would I need to create a wrapper that manipulates the data pushed by minemeld to forward in CEF? Glad an opensource community on this exist for this. Additionally I need an rpm based package or just a way to compile fro

...

SHA256 and MD5 hash information not sent with CEF Output

Hi Team,

I am seeing strange behaviour the Minemeld instance onsite is seeing Hash values that have been generated from Autofocus custom query using AF+MM instance.

Setup:

AF+MM - 1 Miner --> 1 x MD5 / 1 x SHA256 Processors --> 1 x Output MD5

...

Resolved! nobody user and nginx

show system resources

15017 nobody 20 0 260m 10m 2340 S 0.0 0.3 1:51.05 nginx
15018 nobody 20 0 260m 10m 2336 S 0.0 0.3 1:52.62 nginx
15021 nobody 20 0 259m 10m 2092 S 0.0 0.3 1:21.27 nginx
15133 nobody 20 0 252m 15m 3476 S 0.0 0.4 1:39.49 nginx
15134 n

...

Collector group Forward to all collectors in the preference list

We have 2 M500 working as dedicated log collector.

Under panorama ,collector group, general i see option

Forward to all collectors in the preference list this is not checked?

what is the function of this?

Regards

Mike

Resolved! wildfire local analysis

Does WF local analysis file types is same which go to public cloud?

Minemeld crash

Hi,

I have the Minemeld automatic update. Since a few weeks, the service is failing and does not stop restarting or just does not work. I do not know if it is because it has been updated or there is a mining, etc. what makes it fail.

The Ubuntu

...

No Statistics on Log-Collector local to Panorama

I have an active-standby M-500 setup

Local-log connectors in one device group have been configured

i have also enabled multi interface on the panorama, mgmt has collector group communication only. Log collections is enabled on eth1

have configured log

...

Resolved! Wildfire automatically updates and PA components

Need to confirm WF every 5 mins updates below

Anti spyware

url filtering

vun protection

Resolved! moving old traffic logs to Panorama

Seems we forgot to configure log forwarding on one of Firewalls and now we do not see any logs in Panorama

I was reading this link below

https://www.paloaltonetworks.com/documentation/80/pan-os/cli-gsg/use-the-cli/use-secure-copy-to-import-and-expo

...

Resolved! Active-Passive pair takes long to show the status when one is rebooted.

Folks,

Our Active-Passive pair takes too long to show the status(i.e. active or passive) when one of the firewall is rebooted.

i.e. as of now things are running fine, but if I reboot the passive firewall it will take a very long time to once again com

...

Can you use a URL directly in security policy?

I am trying to creat a basic security policy allowing ftp access to a list of url's. I know that I could do URL filering & white list the urls & add the profile to the security policy but can you put a url directly in the destination address field?

...

Resolved! Allowing Management profile to Physical Interface

If we allow Management PRofile to Physical interface but not to Subinterfaces will be able to access the Firewall?

Resolved! Physical interface zone assignment

Hello guys,

one really simple question, I hope.. when I configure subinterfaces and put them in separate zones, do I necessarly have to put also the physical interface in a zone?

If yes, could be some sort of null zone created only for that?

Thanks