This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew

About PavelK

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
PavelK
‎02-26-2026
Cyber Elite
since ‎09-03-2021
Cyber Elite
User Activity
User Profile
Latest posts by PavelK
View All
User Badges
Community Statistics
Member Since ‎09-03-2021 06:13 AM
Date Last Visited ‎02-26-2026 01:27 PM
Posts 1,174
Total Likes Received 472

Re: Bulk add existing addresses to an existing group

by Cyber Elite in Panorama Discussions
‎06-26-2022 04:13 PM
‎06-26-2022 04:13 PM
Hello @clwilson   you can use Panorama CLI to configure existing address objects to be member of a specific address group in a Device Group:   SSH to Panorama and issue:   set cli config-output-format set set cli scripting-mode on configure set device-group <Name of Device Group> address-group <Name of Address Group> static [ <Address object 1> <Address object 2> <Address object 3> ]   set cli scripting-mode off   Kind Regards Pavel ... View more

Re: Shared RADIUS Server Profile, and Shared Authentication profile not showing up in a new Template?

by Cyber Elite in Panorama Discussions
‎06-23-2022 11:26 PM
‎06-23-2022 11:26 PM
Hello @AlexandroDelAngel   when you create a new device specific Template for a new device, all the configuration will be blank unless you make configuration changes within that specific Template. There is no process of inheriting until you add a Template to Template Stack where all will be merged and depending which Template is placed on the top, the overlapping configuration will take a precedence.   Based on what you described, I have feeling what you are experiencing is expected. You will only see the RADIUS Server Profile and Authentication Profile in Standards-Template. In order to check the overall result of the configuration how it is going to be pushed to Firewall, you will have check it by looking into Template Stack (Navigate to Device, then select Template Stack from drop down list) instead of looking into individual Firewall specific Templates.   Kind Regards Pavel ... View more

Re: anyone no vaild content package exists know?

by Cyber Elite in General Topics
‎06-22-2022 10:46 PM
‎06-22-2022 10:46 PM
Hello @qmso475   could you please confirm you installed the content packages? Here is corresponding KB: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClcPCAS   Kind Regards Pavel ... View more

Re: After OS upgrade, CPU keeps high value

by Cyber Elite in General Topics
‎06-21-2022 04:48 AM
‎06-21-2022 04:48 AM
Hello @JoHyeonJae   I experienced this issue in the past when I upgraded from 8.1 to earlier releases of 9.1 by hitting this bug: PAN-152106. Below is detailed KB: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HAcfCAG   If possible could you share to what version the customer upgraded to and what process seems causing this issue?   Kind Regards Pavel ... View more

Re: Panorama Log Collector Forwarding Traffic Strings

by Cyber Elite in Panorama Discussions
‎06-20-2022 04:03 PM
‎06-20-2022 04:03 PM
Thank you for reply @ElliotM   for dns log part, I tested it in my Panorama and I got desired result, so I am not sure what the issue is. For other part, I changed syntax. Could you test below string?   !(( app eq dns ) and (( addr.dst in 10.0.0.0/8) or ( addr.dst in 8.8.8.8) or ( addr.dst in 8.8.4.4))) and !(( app eq ping ) and (( addr.src eq 10.29.100.1) or ( addr.src eq 10.29.100.2) or ( addr.src eq 10.10.29.100.3))) and !(( app eq kerberos ) and ( addr.dst eq 10.0.0.0/8))   Kind Regards Pavel ... View more

Re: Traffic logging issue from firewall to Panorama

by Cyber Elite in General Topics
‎06-20-2022 02:57 PM
‎06-20-2022 02:57 PM
Thank you for reply @Kathiravan_R   since PAN-OS 8.1 is already end of life, I would try to upgrade to 9.1.14 first. If your Panorama is running lower version than your target upgrade version, you should upgrade Panorama first. If upgrade does not resolve the issue, I would go through PCAP to see Firewall can establish session with log collector at all, then check system logs and debugs.   Kind Regards Pavel ... View more

Re: Traffic logging issue from firewall to Panorama

by Cyber Elite in General Topics
‎06-19-2022 11:17 PM
‎06-19-2022 11:17 PM
Hello @Kathiravan_R   under assumption that you can see all the logs locally on the Firewall, I would perform below commands on Firewall to confirm log forwarding status:   debug management-server log-collector-agent-status request log-collector-forwarding status   If the Firewall is not connected to log collector, I would be looking further into connectivity issue. Running packet capture might uncover the issue. Assuming you are using management interface for communication with Panorama, I would follow this KB with log collector's IP address as destination filter: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CleECAS If there is nothing obvious in pcap file, then as a next step I would be looking into Firewall system logs: tail lines 500 mp-log ms.log If this does not reveal anything, worse case scenario, failover Firewall, reboot it and fail back.    If the Firewall is connected to log collector and log forwarding has stopped, then latter of these commands will show you last time stamp of forwarded log. In this case, I would suggest to follow this KB to see you can restart log forwarding from Panorama side: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFCCA0   If the logs do not appear even locally in the Firewall, then potentially I would be looking into PAN-OS upgrade. I came across this issue in early releases of PAN-OS 9.1. What version are you running?   Kind Regards Pavel ... View more

Re: How to see geneve encapsualted header information in packet capture

by Cyber Elite in VM-Series in the Public Cloud
‎06-17-2022 02:55 AM
‎06-17-2022 02:55 AM
Hello @aleksandar.astardzhiev   I see. Thank you for input.   Kind Regards Pavel ... View more

Re: Can I export traffic log more than 1 million lines in panorama

by Cyber Elite in General Topics
‎06-17-2022 02:51 AM
‎06-17-2022 02:51 AM
Hello @miaocongcong   it is possible by changing maximum rows for export. The default value is 65536 rows for export, but this can be increased up to: 1048576. Here is corresponding KB:  https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClaPCAS   Kind Regards Pavel ... View more

Re: Panorama Log Collector Forwarding Traffic Strings

by Cyber Elite in Panorama Discussions
‎06-16-2022 05:54 AM
‎06-16-2022 05:54 AM
Hello @ElliotM    thanks for the post.   Could you check whether this string works for your filter?   !(( app eq dns ) and (( addr.dst in 10.0.0.0/8) or ( addr.dst in 8.8.8.8) or ( addr.dst in 8.8.4.4))) and !(( app eq ping ) and (( addr.src notin 10.29.100.1) or ( addr.src notin 10.29.100.2) or ( addr.src notin 10.10.29.100.3))) and !(( app eq kerberos ) and ( addr.dst notin 10.0.0.0/8))   Kind Regards Pavel ... View more

Re: Deny logs on the monitor traffic is not showing. please i need help

by Cyber Elite in VM-Series in the Private Cloud
‎06-15-2022 04:58 PM
‎06-15-2022 04:58 PM
Thank you for reply @THIQAH-CloudNetworks   this configuration is described in this KB: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clt5CAC   Kind Regards Pavel ... View more

Re: Deny logs on the monitor traffic is not showing. please i need help

by Cyber Elite in VM-Series in the Private Cloud
‎06-15-2022 06:07 AM
‎06-15-2022 06:07 AM
Thank you for reply @THIQAH-CloudNetworks   If you have enabled log at session end, you will only see deny logs once session is closed. Could you confirm whether you see the traffic in session browser?   Kind Regards Pavel ... View more

Re: Log Forwarding

by Cyber Elite in General Topics
‎06-15-2022 06:00 AM
1 Kudo
‎06-15-2022 06:00 AM
1 Kudo
Hello @CraigAddison   for Traffic, Threat, URL, Data Filtering, WildFire,...logs you have to enable Log Forwarding profile under each security policy. This type of log gets generated depending on log type when for example security policy is getting hit, threat signature is getting hit, there is a URL category match. As long as you have: "Log at Session End" enabled and a Log Forwarding profile in place with Panorama set as destination, logs will be sent to Panorama's log collector. Here is corresponding KB: https://knowledgebase.paloaltonetworks.com/kcSArticleDetail?id=kA10g000000ClGL   For System, Configuration, User-ID... logs, you can configure it from Device > Log Settings. This log will get forwarded to Panorama's log collector as it gets generated on Firewall. Since this log type is not traffic dependent even passive Firewall will generated some system logs.   If you do not see logs in Panorama, I would recommend to go through this KB: https://knowledgebase.paloaltonetworks.com/kCSArticleDetail?id=kA10g000000ClXA   I would check below points: - Make sure that Firewall is assigned to log collector and this change has been committed and pushed to log collector. - Make sure that on Firewall side from CLI: "show log-collector preference-list" you will see log collectors IP addresses. I had a case before that this was not applied until I restarted management process. - Make sure you will see the log received in Panorama from CLI: show logging-status device <serial number>. - Make sure that Firewall and Panorama are using the same time/time zone. - Make sure there are no restrictions/blocked ports between Firewall and log collector.   Kind Regards Pavel ... View more

Re: Panorama Device Specific Templates Network Settings

by Cyber Elite in Panorama Discussions
‎06-15-2022 02:59 AM
‎06-15-2022 02:59 AM
I am sorry for late response @AOneR   For the first issue, could you please confirm that both options are enabled on Panorama when you are pushing the configuration: "Merge with Candidate Config" and "Include Device and Network Templates"?   For the second issue, after you get the validation error, could you check logs from CLI on both Panorama as well as managed Firewall whether it can give more details what the issue is: tail lines 500 mp-log configd.log.   Kind Regards Pavel ... View more

Re: Deny logs on the monitor traffic is not showing. please i need help

by Cyber Elite in VM-Series in the Private Cloud
‎06-15-2022 02:48 AM
‎06-15-2022 02:48 AM
Thank you for the post @THIQAH-CloudNetworks   unless you have a policy that will block your traffic, all traffic will hit default inter-zone policy that by default does not have logging enabled. If this is the case, then here is corresponding KB to enable logging: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClHkCAK   If this is not case, could you elaborate what rules and action you configured?   Kind Regards Pavel ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎02-26-2026 01:27 PM
Likes Given To
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks