What MM version is support currently recommending fo PAN OS 8.x.x version

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

What MM version is support currently recommending fo PAN OS 8.x.x version

L0 Member

Currently there is a project to upgrade all Palo Alto's to a 8.x.x platform.

What MM version is support currently recommending fo PAN OS 8.x.x version?

Also need to consider Active directory integration as an option within the upgraded design. How we can acheive this?

 

6 REPLIES 6

L4 Transporter

Hi @JeelaniGh

 

I am not working for PAN, so I can't vouch for the recommendation, but at our company we have been using minemeld successfully since summer 2017, and just now starting to use minemeld together with other software stacks, like a SIEM and graylog.

Thanks for reply, looking some suggestions from other folks here...

Hello @borising,

Just wondering, what are you doing exactly with Graylog? Trying to find a good solution to monitor feeds and analyze them.

Thanks 🙂 

Hi @michael.gabriel,

 

We were looking into this article:

https://live.paloaltonetworks.com/t5/MineMeld-Articles/Correlating-PAN-OS-syslog-with-indicators/ta-...

 

And thought of using graylog for the receiving end, as this was a system we already use internally, nothing more special in that 🙂

 

Though I am having some issues getting it to work, as there are no correlations being sent out, so haven't looked more into it the last couple of months.

Very interesting @borising

I actually wound up doing something very similar to this by using MM and Splunk Free. MM sends LogStash info to Splunk, and NGFW sends syslogs to Splunk. Works pretty well! Here are the MM apps for Splunk:

 

https://github.com/gmellini/minemeld-analysis/ 

https://github.com/gmellini/TA-custom-minemeld_ioc 

 

And for the NGFW syslog parsing, the PAN plugins for Splunk work perfectly.  

 

 

Hi @michael.gabriel

 

That´s perfect! I was just looking at the same setup for my home lab, will try it out! Thank you for joining in with your valuable feedback, much appreciated!

  • 7525 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!