General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! How to correctly visualize groups and users in security policy

Hi everyone

I’m working with a Palo Alto 3250 (Pan-OS 8.1.1).

I made integration with LDAP, and configurated group mapping setting.

My problem is when I want add any group or user in a security policy the object appear like cn=Admin,ou=groupadmin,dc=exa...

Resolved! Can't create Nat rule using more than one source address

Hi all,

I'm trying to create Nat rule for source translate when the source is address group and it will not be bi-directional.

The address group include 2 address from objects.

The source translate is Static-IP tried to put object and specifric IP add

...

Resolved! Autofocus Mindmeld whitelist microsoft

I'm running into an issue where I can pull in indicators from autofocus by creating a minemeld miner, the only problem is that I am getting a lot of windows.com and microsoft.com domains in the list. I've had the search from autofocus entered as mal

...

User-ID Agent

I have the User-ID agent on one of my domain controllers and I have the firewalls set to get the ID from that and it gets some ID's but doesnt seem to get all. So I thought maybe add active directory and exchange server monitoring.

But I get errors

...

To force client to switch to internal network

Hello all

we have mobile clients with GP which use corporate notebooks at home .It was configured user logon option to force the notebook to connect through GP when it connects to home WI-FI

When the same worker comes back to workplace and plugged in

...

Installation Problem - Ansible

I'm trying to build a new Minemeld box on a fresh install of Ubuntu 16.04 (also tried Centos too) and wehn I run the ansible installer I get to a poin tthen the installer fails with this output, any ideas what's wrong?

FWIW, I've tried installing a

...

Resolved! mapping issue

Good Day to everyone.

I have this issue almost every day. It doesn't happen with all users at one time.

After restart, everything is working as it should work.

I have probe enabled(20 minutes) and Enable User Identification Timeout(720 minutes).

What can

...

Resolved! URL Filtering

I changed some rules around to secure things a little more. I need to allow Netflix/YouTube either by user or subnet because it is now blocked with my changes. What is best practice to create a new policy to do so? I currently have a staff and studen

...

Resolved! celery-worker 100% cpu usage

Hi

I've had 100% CPU usage from the celery-worker processes for a few weeks now, I spent some time trying to resolve this but without resolution.

I'm using a standard Ubuntu 14 appliance build.

The issue is a looping of emerging threats downloa

...

Importing o365-api-any-any.txt

I'm trying to append o365-api-any-any.txt to my existing config.

The top 5 miners are displaying a red x thus I can't append them. If I remove them I can append however then I can't commit as they're missing.

What am I doing wrong? Sorry, new to mine

...

Global Protect LSVPN Dual ISP Redundancy

I'm working on configuring a GP LSVPN Hub in our data center with dual ISP's for redundancy. I'm having some trouble finding a best practice guide for this type of configuration. Can anyone give some incite to this configuration? Can I acheive thi

...

Resolved! stdlib.listIPv4Generic and range format

I'm feel like I'm being a bit obtuse here, however I can't figure this out. The stdlib.listIPv4Generic miner allows for either cidr or a range. However when I enter x.x.x.x-x.x.x.x it doesn't like this format. I've also tried things like x.x.x.[x-x]

...

Mindmeld Whitelist Help (URL Filtering)

We have certain URL categories blocked with our PA firewalls. However, we need to setup a whitelist so we can unblock specific URLs that are in a blocked category. We want to use Mindmeld.

Does anyone have good directions how to set up a whitelist

...

EBL size limit - sorting output feed

I'm using a minemeld server to generate an external dynamic list for a PA-5220 runing version 8.1.4. The dynamic URL list exceeds the 50,000 entry limit.

I've seen other posts recommending to use URL parameters to limit the list to the first 50,00

...

General troubleshooting for Office 365

I have set up the feeds, and the EDLs and added the EDLs into a policy.

Whenk I run the command in the CLI "request system external-list show type url name o365-URLs", I retrieve the list in the PA firewall, and the list there matches the list in

...