Does anyone have information on how to integrate Hillston brand Firewalls into XSIAMAmazon

Hello community,

Does anyone here have information on how to integrate Hillston brand Firewalls into XSIAM? I have searched but can't find anything concrete. I would greatly appreciate it if you could enlighten me with ideas.

Create custom widget to display data from JamfPro

Hi Everyone,

Greetings

I'm wondering if it's possible to fetch data from JamfPro MDM solution for example user_name, ip address and mac details and add it as a custom widget to the cortex dashboard. If this is possible kindly guide me on how to achieve

Implementing checkov for shared modules

Hello Everyone, I am trying to implement Checkov in one of the portal repositories to validate policies and other configurations. However, I am facing an issue with downloading shared Terraform modules present in the One of the project. Somehow, Chec

Microsoft Sentinel Incident custom details fetch in XSOAR

Hi everyone,

I've configured the Microsoft Sentinel integration instance in XSOAR, and it's successfully fetching incidents along with associated entities. However, I'm unable to retrieve the custom details (also known as additionalData or customDetai

Automating security rules clean up

Hello everyone,

We are wondering if anyone have experience in listing out all security rules in Palo Alto Firewall and get the 'last used' field from the rules using any API.

We are looking into reviewing all our rules and perform clean up to unused r

Modifying Checkpoint FW Access Rule from Cortex XSOAR

Powershell to run CLI Command

Hi All!

I am putting together a PowerShell script to see what IPs are listed in the DoS Block Table. The command (debug dataplane show dos block-table) keeps timing out with the error

"Error executing command 'show config running'. Error: Exception cal

Service Principal issues on Panorama Plugin for Azure

While setting up the Service Principal on Panorama Plugin for Azure, even though the IAM role of reader seems to be properly defined in Azure we get this error message during the validation phase:

ERROR: Validation of #######-####-####-############ fa

Aruba ClearPass integration dynamic group issue

Aruba ClearPass version 6.12 integration with palo alto using API, ClearPass match roles and use the enforcement policy to send roles to palo Alto . Palo Alto has dynamic group matched with the same role name received from Aruba ClearPass. the issue

Cortex XSOAR integration vs XSIAM integrations

Can existing supported Cortex Enrichment integrations work in XSIAM or does there need to be a completely new integration built to support XSIAM.

If you're able to carry the integration from XSOAR to XSIAM is there documentation available for that mo

QoS Monitoring for PRTG network monitor

Open this post to follow up QoS Monitoring for PRTG network monitor 

Anyone still using?

Purpose for this discussion is to explore any possibilities to use LibreNMS/PRTG to monitor & stored the QoS statistics below

Model : PA3410 

PAN-OS : 11.0.2-h3

Checkpoint XDR syslog integration

Dear all,

we have checkpoint infinity xd solution and we need to integrate it with palo alto ngfw (820 model)

checkpoint side give us the guidline and also we made online meeting to check configurations. there are:

1. valid checkpoint certificates

2. pub

ZScaler Integration Error

Hello,

I have installed the ZScaler Internet Access integration version: 1.3.16

Whenever I try to update it to the version 1.3.24, the command !zscaler-activate-changes returns the error:

Failed to execute zscaler-activate-changes command.

Error: 'dict

Cortex Xsoar Elasticsearch Integration - Configuring several Elastic nodes

Hello

We are in the process of implementing the Elasticsearch integration in Cortex XSoar. However, we are wondering what best practices are when you have several Elastic nodes but the integration only allows entering one node address to connect to.

I.

Cortex XDR integration with Qradar

I would like to know the log forwarder IP details for integrating the Cortex XDR to Qradar.

We are looking for the US Region IP