This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
- AIOps for NGFW
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- Cloud NGFW for AWS
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
About willembrey-hardware
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- About willembrey-hardware
10-09-2018
6Posts
0Likes
0Solutions
Oct 09, 2018Last Visited
User
Activity
User
Profile
Latest posts by willembrey-hardware
| Subject | Views | Posted |
|---|---|---|
| 31787 | 10-05-2018 02:39 PM | |
| 1321 | 03-17-2018 05:23 PM | |
| 1018 | 06-14-2017 09:45 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 13 Likes | |||
| 3 Likes | |||
| 1 Like |
User Badges
Community Statistics
| Member Since | 01-04-2017 04:34 AM |
| Date Last Visited | 10-09-2018 05:21 AM |
| Posts | 6 |
10-05-2018
02:39 PM
I had no ens33 interface so had to use "ip link" to realise it was ens34 because the VMX file had it as slot 34. Weird.
... View more
03-17-2018
05:23 PM
I have configured the syslogminer node as per https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-the-syslog-Miner/ta-p/77262
I have checked the firewall is sending syslog for threat events on TCP 13514, BSD format, LOG_USER facility and I can see the events coming into Minemeld by running tcpdump -i eth0 port 13514. It shows the traffic and ack going back:
00:16:15.486176 IP x.x.x.15.56790 > dev-minemeld01.13514: Flags [P.], seq 3360:3920, ack 1, win 115, options [nop,nop,TS val 21990724 ecr 124658], length 560 00:16:15.486195 IP dev-minemeld01.13514 > x.x.x.15.56790: Flags [.], ack 3920, win 2799, options [nop,nop,TS val 138910 ecr 21990724], length 0
There is nothing relevant in the rsyslog.log file:
Mar 17 23:57:59 dev-minemeld01 rsyslogd: [origin software="rsyslogd" swVersion="8.17.0" x-pid="770" x-info="http://www.rsyslog.com"] start Mar 17 23:57:59 dev-minemeld01 rsyslogd: rsyslogd's groupid changed to 104 Mar 17 23:57:59 dev-minemeld01 rsyslogd: rsyslogd's userid changed to 101
The miner shows "no metrics yet" in the stats tab.
What am I missing?
... View more
06-14-2017
09:45 AM
I have a use case where you would want to enforce no split tunnel and possibly no other internet access while connected with a profile to sensitive internal resources. Additionally, you would want to offer a second profile with lower privileges with split tunnel for local internet access. In this instance, the additional restriction for disabling split tunnel only when connecting to sensitive resources does not work with a single user-id and profile with user based rules. You need the ability to choose your access level and it seems the only way is to use different GP gateways - possibly on the same public IP depending how this is supported.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
10-09-2018
05:21 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2022 - Palo Alto Networks