This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Nick_Davis1639
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Nick_Davis1639
05-19-2023
3Posts
0Likes
0Solutions
May 19, 2023Last Visited
User
Activity
User
Profile
Latest posts by Nick_Davis1639
| Subject | Views | Posted |
|---|---|---|
| 274 | 05-16-2023 09:45 AM | |
| 417 | 02-08-2023 04:37 AM | |
| 475 | 02-07-2023 05:51 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like |
User Badges
Community Statistics
| Member Since | 02-07-2023 05:44 AM |
| Date Last Visited | 05-19-2023 12:51 AM |
| Posts | 3 |
05-16-2023
09:45 AM
Hi All,
I have security profiles on my main egress firewall rules, and the URL filtering is blocking anything malware, high-risk etc. I have some custom reports setup that report on any blocks that take place as a result of this profile.
I am reading you can also setup firewall rules to block inbound/outbound traffic using sources and destinations that are External Dynamic Lists of known malicious IP addresses, high-risk IP addresses, bulletproof IP addresses etc. (https://docs.paloaltonetworks.com/best-practices/10-2/internet-gateway-best-practices/best-practice-internet-gateway-security-policy/define-the-initial-internet-gateway-security-policy/step-1-create-rules-based-on-trusted-threat-intelligence-sources)
Why would I use these rules with EDL's vs URL filtering security profile? Or should both be used for best protection? Am I correct in thinking that the EDL's are a protection at a layer 3 level, and the URL filtering is more of a layer 7 protection?
... View more
02-08-2023
04:37 AM
It does seem like the same issue, and like I mentioned in my original post I was able to get them to send by trimming down the reports. I also determined last night that if I split the large reports into many individual report groups / schedules they also send.
However that is just a workaround and I am searching for a real solution to the issue. I am hoping there is a way to increase this timeout so that I can email the current size of the reports in a single report group.
If there is limitations on these firewalls for how many reports / size of reports before it will trigger a timeout then Palo Alto needs to do a better job at documenting that for customers.
... View more
02-07-2023
05:51 AM
Hello,
I am runnning a mix of PA-820 and PA-850 firewalls, and I have a daily report group setup with about 8 different reports in it that fails to email me successfully. Everyday the error "mail send: curl_easy_perform() failed: Timeout was reached" is shown in the System log. The reports are actually generated daily and I can view them under Monitor > Reports however they are just not emailed to me.
I have found that if I reduce the number of reports on that report schedule, or even if I trim down the reports (changing from Sort By: Count Top 500 to Sort By: Count Top 50) the email is received successfully. I am not hitting a max attachment size on my email server with the reports at their original size. I exported each report separately as PDF's and added up their total size and it's about 1 MB.
I have also played with the CLI command debug reportd set-timeout and increased that to max value "18000" but that made no change. I think this command is more for the actual reports being generated, which again is not an issue. The issue specifically is the email scheduler and actually sending the PDF reports off to me.
I do have a TAC case open for about 2 weeks now with no progress. Does anyone know if there is a way to adjust the email scheduler timeout or get around this error without having to reduce the size of my reports?
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks