Automating security rules clean up

Hello everyone,

We are wondering if anyone have experience in listing out all security rules in Palo Alto Firewall and get the 'last used' field from the rules using any API.

We are looking into reviewing all our rules and perform clean up to unused r

Modifying Checkpoint FW Access Rule from Cortex XSOAR

Powershell to run CLI Command

Hi All!

I am putting together a PowerShell script to see what IPs are listed in the DoS Block Table. The command (debug dataplane show dos block-table) keeps timing out with the error

"Error executing command 'show config running'. Error: Exception cal

Service Principal issues on Panorama Plugin for Azure

While setting up the Service Principal on Panorama Plugin for Azure, even though the IAM role of reader seems to be properly defined in Azure we get this error message during the validation phase:

ERROR: Validation of #######-####-####-############ fa

Aruba ClearPass integration dynamic group issue

Aruba ClearPass version 6.12 integration with palo alto using API, ClearPass match roles and use the enforcement policy to send roles to palo Alto . Palo Alto has dynamic group matched with the same role name received from Aruba ClearPass. the issue

Cortex XSOAR integration vs XSIAM integrations

Can existing supported Cortex Enrichment integrations work in XSIAM or does there need to be a completely new integration built to support XSIAM.

If you're able to carry the integration from XSOAR to XSIAM is there documentation available for that mo

QoS Monitoring for PRTG network monitor

Open this post to follow up QoS Monitoring for PRTG network monitor 

Anyone still using?

Purpose for this discussion is to explore any possibilities to use LibreNMS/PRTG to monitor & stored the QoS statistics below

Model : PA3410 

PAN-OS : 11.0.2-h3

Checkpoint XDR syslog integration

Dear all,

we have checkpoint infinity xd solution and we need to integrate it with palo alto ngfw (820 model)

checkpoint side give us the guidline and also we made online meeting to check configurations. there are:

1. valid checkpoint certificates

2. pub

ZScaler Integration Error

Hello,

I have installed the ZScaler Internet Access integration version: 1.3.16

Whenever I try to update it to the version 1.3.24, the command !zscaler-activate-changes returns the error:

Failed to execute zscaler-activate-changes command.

Error: 'dict

Cortex Xsoar Elasticsearch Integration - Configuring several Elastic nodes

Hello

We are in the process of implementing the Elasticsearch integration in Cortex XSoar. However, we are wondering what best practices are when you have several Elastic nodes but the integration only allows entering one node address to connect to.

I.

Cortex XDR integration with Qradar

I would like to know the log forwarder IP details for integrating the Cortex XDR to Qradar.

We are looking for the US Region IP 

Cortex XSOAR integration with Symantec Endpoint Protection (EDR)

Dear Community, hello!

I would like to start a conversation about a missing integration that I would like to develop on my own.

I would like to connect PA Cortex XSOAR with Symantec Endpoint Protection (EDR).

I am very new to all this, so I would welc

Integrate Palo Alto Firewalls with IPAM Solution

We are using EfficientIP IPAM solution to efficiently manage IP address allocation within our network. This solution extract ARP tables from devices using SNMP. We have integrated our Palo Alto firewalls to this solution and it is receiving the inter

Generate Traffic and bypass production rule for audit

Hello ,

Hope you can help me with a solution!

I am trying to clean some wide open rules that are receiving traffic that maybe if this same traffic bypass these wide open  rules , the traffic will then be triggered with another specific rules  below .

Issue | "Nist NVD" Integration is not working (01/04/24)

Hi,

We have an issue with "Nist NVD" integration.
When we want to use the commands, we are getting the following error:

"Nist NVD returned an errorHide reason
Command:

!nvd-search-cve cve="CVE-2020-1000"
(Nist NVD)
Hide reason
Reason
Failed to execute nvd-se