This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Farouk.Kahoul
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Farouk.Kahoul
11-30-2022
6Posts
1Like
0Solutions
Nov 30, 2022Last Visited
User
Activity
User
Profile
Latest posts by Farouk.Kahoul
| Subject | Views | Posted |
|---|---|---|
| 3867 | 11-24-2022 01:32 PM | |
| 5542 | 03-06-2020 02:49 AM | |
| 6632 | 03-04-2020 03:22 AM | |
| 6698 | 03-02-2020 09:16 AM | |
| 5702 | 02-28-2020 06:48 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 03-06-2020 02:49 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like |
User Badges
Community Statistics
| Member Since | 02-27-2020 08:54 AM |
| Date Last Visited | 11-30-2022 05:27 PM |
| Posts | 6 |
| Total Likes Received | 1 |
11-24-2022
01:32 PM
Hello what do you think about the use of EDL prepared by Palo Alto for the major SaaS providers ? https://docs.paloaltonetworks.com/resources/edl-hosting-service is there someone already using it since few months ?
... View more
03-06-2020
02:49 AM
1 Kudo
hi Luigi
thx for your answer.
im using the VERSION: 0.9.66.
i have found a way to filter using the syntax: contains(xxxxx_list, 'yyyyyyy') == true
... View more
03-04-2020
03:22 AM
Merci milles Dpurton !
my experience:
- use combinations of filters as conditions: contains(xxxxxx_xxxx_list, 'lowercasename') == true
note the lowercase !
also, if you want to filter on a field that contains a "." like name or id, it seems it doesn't work, you will have to use others fields like region+service for example.
this is my prototype based on stdlib.feedHCWithValue :
infilters: - actions: - accept conditions: - __method == 'withdraw' name: accept withdraws - actions: - accept conditions: - contains(azure_system_service_list, 'azureappservice') == true name: accept AzureAppService - actions: - accept conditions: - contains(azure_region_list, 'northeurope') == true - contains(azure_system_service_list, '') == true name: accept northeurope_system_service_empty - actions: - accept conditions: - contains(azure_region_list, 'westeurope') == true - contains(azure_system_service_list, '') == true name: accept westeurope_system_service_empty - actions: - accept conditions: - contains(azure_system_service_list, 'azuread') == true name: accept azuread - actions: - accept conditions: - contains(azure_system_service_list, 'azureadvancedthreatprotection') == true name: accept AzureAdvancedThreatProtection - actions: - accept conditions: - contains(azure_system_service_list, 'azureappservicemanagement') == true name: accept AzureAppServiceManagement - actions: - drop name: drop all store_value: true
... View more
03-02-2020
09:16 AM
think the question is: "how to build a condition to ACCEPT the entry if at least one variable is on the list"
my filter is azure_name_list == 'AzureActiveDirectory'
this one has been accepted:
azure_name_list:[azureactivedirectory]
this one has been dropped:
azure_name_list:[azureactivedirectory,azureactivedirectorydomainservices]
because this IP entry is used for both ranges "azureactivedirectory" and "azureactivedirectorydomainservices".
i tried
conditions: - share_level == "green" - type == "IPv4" - contains(azure_name_list, 'AzureActiveDirectory') == true
but syntax should not be good.
is there someone able to help me on the YAML syntax to build a condition where at least the variable is present on the list?
... View more
02-28-2020
06:48 AM
hi
did you resolved your problem of filtering by service name?
i have the same problem.
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks