General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

MineMeld: What is the difference of Share Level and stdlib name with/without value

Dear All Brothers, I'm a new user to testing the MineMeld, but I cannot find any document to know the detail information. In our environment testing, we would like to implement the Feed List to deny the traffic to a high-risk IP address and our testing, and we find below information is difficult to know the difference. Case: 1. stdlib.feedHC...

Cisco ISE Miner

I noticed that a new Cisco ISE miner has been released with the latest MineMeld 0.9.28. Can someone give a little bit of explanation of how this miner works? Is this miner pulling SGTs from Cisco ISE? If yes, then what does it do with the tags? Thanks

PBF with Dual ISP. Once Enabled GlobalProtect Clients no longer can connect.

We have set up a PBF to route traffic to a new ISP link we have in case our primary fails. Both ISP interfaces are in one virtual router. Once we change the default route to the Backup ISP and enable the PBF to forward all traffic to the Primary unless it fails, users can no longer connect to our GlobalProtect portal with the GlobalProtect clie...

blohrer by L0 Member
  • 4994 Views
  • 3 replies
  • 0 Likes

Resolved! Anomali Limo Miner Creation

Hello, First, I am not a programmer, so please keep that in mind 😉 I would like to create a miner for the Anomali Limo TAXII feed. The Anomali documentation is not very good: You can also get the benefits of Limo without STAXX. Simply: Configure your TAXII client to point to: https://limo.anomali.com/api/v1/taxii/taxii-discovery-service/ ...


Resolved! API documentation

Hi, I want to query MineMeld using the API, in order to get indicators or information about the tool, to automate some reports. For example, I need to know how many indicators we have added in the last X days, or last month..., how many indicators are in some feed... I know that MineMeld has an API, but I have not found documentation about ...

Routing Between Virtual Routers in Same Firewall

I have two virtual routers in the same firewall. I wanted to allow traffic between the virtual routers. I configured rules to allow traffic from the Trusted L3 zone in VR1 to the Trusted zone in VR2 and vice versa, and put them at the top of the rules, and I also configured static routes between the VRs. The ICMP is working fine, I can ping all of network from one...

Jama by Not applicable
  • 20777 Views
  • 8 replies
  • 0 Likes

Autofocus threat indicator timestamp does not tally with Minemeld logs

Hi all, Got a question regarding the timestamp seen in MineMeld logs when I mine samples from AutoFocus. Take for example, from the AF-Ransomware node in MineMeld, I can see a particular hash having a "first seen" and "last seen" with a format of "1531114747953", however, when I search the SHA 256 hash using the AutoFocus search feature, the "Creat...

chtoh82 by L2 Linker
  • 5794 Views
  • 3 replies
  • 0 Likes

PAN-OS upgrade problem for google web services

Hi everyone, I have a problem with the PAN-OS upgrade from 6.1.X to 7.1.1X. The environment already deploys SSL decryption and also has security profiles including URL filtering, Anti-Virus, Anti-Spyware, and Vulnerability, and it was in normal use. But when I finished upgrading the Palo Alto appliance, we could not successfully run Google services like google-maps, google-tr...

TysonLiu by L2 Linker
  • 8298 Views
  • 10 replies
  • 0 Likes

Resolved! Session ID 0

Hi, When checking monitoring logs, very often, especially with ICMP, I come across "Session ID 0" and am unable to find any information for the same using CLI. This throws an error message as Session ID should start with 1. Not sure why only the WebGUI displays it as 0. Please assist. admin@PA> show session id 00 should be between 1-2147483648Inv...


PAN Hardware & PAN-OS ver. for ACE and PCNSE Certification

Hi all, I'm looking to study for and pass PAN Accredited Configuration Engineer certification and perhaps PCNSE down the road but would like to know what PAN hardware & PAN-OS version software I should get my hands on to help me out. To give some background, I hold CCNA R&S and CCNA Sec and I don't know what ACE and PCNSE would be equiva...

Resolved! Getting "Initializing minemeld...." after upgrade to 0.9.48. Logs, other values not updating

We are running MineMeld on an Ubuntu VM. I upgraded minemeld using ansible. I ran into a glitch the first time I tried the upgrade, and I had to revert to a VM snapshot. I retried the upgrade and all seems ok except when I ssh to the device I always get the "Initializing minemeld. It could take some minutes, please wait ....". I have to do ctl-...

alterioc by L2 Linker
  • 4612 Views
  • 1 replies
  • 0 Likes

MineMeld SIEM integration error

Good morning, we are trying to integrate MineMeld with IBM QRadar but we configured the threat intelligence app in QRadar. We configured the TAXII URL: https://X.X.X.X/taxii-discovery-service but when we navigate to it we receive the error: 405 Method Not Allowed. Has anyone dealt with this error? Thank you

o365 api miners not working - 0.9.48 Ubuntu VM

Running MineMeld on Ubuntu VM. I upgraded from 0.9.44 to 0.9.48 to get the o365 API miners. The API miners fail with "Bad Request". I tried restarting the API but that did not resolve the issue. Can someone advise me on what to do to fix this problem? Thank you

alterioc by L2 Linker
  • 3144 Views
  • 1 replies
  • 0 Likes

Regex for Chromebook Username

Hello all! We have a little hiccup with our Chromebook integration. The issue is, when a user logs in, the info is reported to the PAN as "domain\john_smith". The PAN is set up to read users as "domain\john smith" so it tags the user incorrectly and applies the incorrect policies. Is there a way to use regex to parse the username and if an "_" ...

jcalzada by L0 Member
  • 3807 Views
  • 3 replies
  • 0 Likes

Traffic Logs not showing up on Monitoring Tab

Hi All, Device Type: PA-220 Software Version: 8.0.11-h1 I'm having an issue with old traffic logs not showing up on the monitoring tab. I can see live logs but if I want to check the logs for the previous day or previous 2 days then nothing shows up. It only goes back to a certain time. We have cleared all the logs on Friday 13 July so that it can...

  • 24334 Posts
  • 124 Subscriptions