Change hostnames of devices being managed by Panorama

I want to change the hostnames of an HA pair that is being managed by Panorama.  When I go to Panorama > Device I see the hostnames I want to change there.  Are those being pulled from the hosts themselves?  If so can I just change them on each FW an

Forward logs from firewalls to Panorama and from Panorama to external services

Hi, 

I planning to forward the Panorama logs to azure sentinel, while I have log collector  configured to log to Panorama. I found a document that specifies that it not possible "A Panorama virtual appliance running Panorama 6.0 or later releases,

ssh invalid commit error

We have upgraded our palo alto firewall from 9.2.x to 10.2.4 after degradation from Panroma getting error as " out of sync ". we tried to commit and push from Panorma but we were unable to commit getting the error " SSH invalid"

kindly help us to re

Getting Set VSYS message when creating Panorama certificates

I am creating a certificate/CSR for my management TLS login.  I created a cert, but when going to export the CSR, or anything else on the bottom bar, I get a hovering message "You need to assign a default VSYS to current template first"  I can't find

Collect data on and then block file-sharing application IDs.

I'm looking for a method to collect data passing through all location firewalls on what app-id tagged traffic for "file-sharing" is passing through (such as dropbox, onedrive, gdrive, etc.) and consolidate our organize to a single filesharing service

Warning: spyware-profile Profile_Anti-Spyware(id: 251) is considered duplicate of DNSServer_Anti-Spyware(id: 255)

Hello PA community,

I found the problem that

"Warning: spyware-profile Profile_Anti-Spyware(id: 251) is considered duplicate of DNSServer_Anti-Spyware(id: 255)"

I noticed that it's a warning even after I upgraded panorama to 10.2.4, why warning sti

SNMPv3 Panorama Device Monitoring

I am preparing to onboard a new client that has multiple Palo Alto devices at various locations around the globe.  They do have a Panorama management system already, but what I'm curious about is if I can connect my SNMP manager to Panorama and have

inconsistent object structure in Panorama REST API responses

Hello,
I would like to understand if some responses that we receive are valid (via Panorama REST APIs).
The problem is that some object fields may receive different formats for seemingly identical value types.
For example:

I want to integrate LDAP in Panorama

I have Panorama on VM and i am trying to configure LDAP, i have setup LDAP profile and then trying to tie LDAP profile with Management interface but it looks like i am not getting any option where i can select LDAP profile from dropdown list, If LDAP

MIgrate drives from a retiring M200 and install them in a M600 appliance as expansion

I would like to take the 8 gig drives from a retiring M200 appliance, format, and install them in a M600 appliance in the expansion bays for additional storage. Is there a procedure available to 1. Format the drives on the M200, 2. Install in the M60

IPSEC VPN

I am working in a lab with VMware virtual machine and when I do VPN it throws the following error: ike phase 1 negotiation fails as initiator, main mode failed SA: 192.168.1.1[500]-203.0.113.40[500]Due to time. 

My firewall B is on another machine

Query regarding the Log Collector Disk Backup

How to take the backup of all the logs which are currently stored in the Log Collector disk (Approx. 300GB of data over 1 year). I have tried the export of logs from the Monitor TAB in CSV format but it's a really massive task to individually downloa

Python - Check Panorama Template - Certificates expiration

Hello everyone, I hope you are doing well!

We had an issue with certificate that as expired on one of our customer's device.
I know it exist this Github : https://github.com/ip-life-net/palo-check-cert-expiry and it works flawlessly with one device