This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

About MikeSangray2019

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
MikeSangray2019
‎04-01-2024
since ‎10-17-2019
L3 Networker
User Activity
User Profile
Latest posts by MikeSangray2019
View All
User Badges
Community Statistics
Member Since ‎10-17-2019 12:50 PM
Date Last Visited ‎04-01-2024 11:19 AM
Posts 60
Total Likes Received 1

Re: Syslog Custom Format for Splunk

by in General Topics
‎02-02-2021 09:29 AM
‎02-02-2021 09:29 AM
Closer, but still seeing an issue.   Firewall config events are being parsed as pan:config, but without before and after change details. Other details are included, but before and after change details are both 0.   When I set a custom log format and test changing an object name on the firewall, the logs are parsed as pan:log (not pan:config) and I can see the change detail in the raw event message, but now I've lost the other fields since it was parsed as pan:log. ... View more

Re: HA Configuration on PA-3220 - HA1 is UP but HA1 Backup is Down

by in General Topics
‎01-15-2021 11:47 AM
‎01-15-2021 11:47 AM
Same issue on a pair of 3320s. Rebooted the passive firewall, but no change, still red. ... View more

Re: Logging to Panorama and Splunk

by in General Topics
‎12-21-2020 07:01 AM
‎12-21-2020 07:01 AM
So Option 2 sending to both Splunk and Panorama is feasible and not a strain on the firewalls? If so, then this is the option I'm leaning toward since it would help provide another layer of redundancy for log shipping. ... View more

Logging to Panorama and Splunk

by in General Topics
‎12-17-2020 01:05 PM
‎12-17-2020 01:05 PM
I am standing up Panorama and not sure where to send logs. I currently have my firewalls sending logs to Splunk via a syslog server, and I want to keep getting logs into Splunk. Is there a best practice or recommended config?   Option 1. Send firewall logs to Panorama and then from Panorama to Splunk Option 2. Configure firewalls to send to both Panorama and Splunk Option 3. something else?   ... View more

Re: HA Upgrade Path 8.1 to 9.1

by in General Topics
‎12-10-2020 09:46 AM
‎12-10-2020 09:46 AM
I understand the path, my question is about HA.   Can I upgrade one of the firewalls all the way to 9.1 and then upgrade the second firewall to 9.1 or do I have to do one to 9.0, then the second to 9.0, and then upgrade to 9.1 on the first and then 9.1 on the second. ... View more

HA Upgrade Path 8.1 to 9.1

by in General Topics
‎12-10-2020 07:44 AM
‎12-10-2020 07:44 AM
I have an HA pair of firewalls on 8.1. Do I need to upgrade both to 9.0 and then 9.1 or can I upgrade one all the way to 9.1 and then the second from 8.1. to 9.1? ... View more

Re: GlobalProtect agent download speed very slow

by in General Topics
‎10-27-2020 02:37 PM
‎10-27-2020 02:37 PM
I never found a solution, agent downloads are still slow. ... View more

Re: Required role to do cli backups

by in General Topics
‎09-17-2020 02:24 PM
‎09-17-2020 02:24 PM
The GUI was a limiting factor in this scenario, but thanks for the information. We're after an automated solution, so maybe Panorama or API. ... View more

Re: Required role to do cli backups

by in General Topics
‎09-15-2020 01:59 PM
‎09-15-2020 01:59 PM
Do you know if the output of 'show config running' in an xml file can be used to restore the config? ... View more

Re: Required role to do cli backups

by in General Topics
‎09-15-2020 09:40 AM
‎09-15-2020 09:40 AM
What are you saying here? Are you saying that if the config is exported as XML that there is no ability to restore it?   "So, to summarize, there does not seem a good ability to load a config in "set" notation, but could export with 1000s of lines as XML." ... View more

Re: Required role to do cli backups

by in General Topics
‎09-11-2020 09:12 AM
‎09-11-2020 09:12 AM
What about using a tool like CatTools to capture the output of 'show config running' ? The readonly permissions lets the user run this command. ... View more

Re: Correlation log subtype action always allowed?

by in General Topics
‎09-11-2020 08:43 AM
‎09-11-2020 08:43 AM
No, actually the PA logs don't display Action for the correlation events like you see for Traffic, Threats, etc. I'm seeing the Action as 'allowed' in Splunk logs. So all correlation events have the action 'allowed'. Just ends up being misleading when reading reports.  ... View more

Correlation log subtype action always allowed?

by in General Topics
‎09-10-2020 09:14 AM
‎09-10-2020 09:14 AM
Is the correlation log_subtype action always allowed? It creates a bit of confusion when the action on the actual event was blocked, but the correlation action shows allowed. Just looking for clarification. ... View more

Required role to do cli backups

by in General Topics
‎09-10-2020 08:17 AM
‎09-10-2020 08:17 AM
We have a process to do backups using the cli. I'm going to create a new role restricted to cli for this purpose. What admin role is required to perform backups? ... View more

Re: DHCP client identifier 61 return VLAN id

by in General Topics
‎08-06-2020 12:04 PM
‎08-06-2020 12:04 PM
Thanks, I've been through the guide and I think I'm configuring it correctly, but it's not working. It would be nice to see an example screenshot or two instead of just instructions. For example a screenshot with Step 3 '(Optional) Configure a vendor-specific or custom DHCP option that the DHCP server sends to its clients' would really help to verify syntax. ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎04-01-2024 11:19 AM
Latest Tags
No tags yet
Likes From
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks