About SinOPtik

good day, i know that answer might be simple but cannot find correct approach. I have an application which identified as unknown-TCP and i have created pattern for it with few conditions. now I have discovered that some devices behave different way and my pattern order not match, so I think to identify app based on first string in ASCII format. for instance, I have following string in pcap:   My Agent 2.43 pour MSWIN32.   if i create such pattern as unknown-rsp-tcp-payload, it works. But I would like to avoid issue in case of other version for application, but when I use new pattern:   My Agent \d\.[\d]{0,}\s pour MSWin32   it fails to apply. if I will convert everything to HEX, I am afraid to be depended on version number...   I am new to regex and would like to understand how to create these custom app-id, so please help. ... View more

Hey All,   had an issue today while migrating apps from 7050 config to pa220R (bloody slow device) with 8.1.5 on board. on 7050 I have few vsyse's with shared applications and application-groups used (to share them in ruleset between vsyses). New PA-220R are installed in network to has one of vsyses config on it. So, after merging config in Expedition (and MigrationTool after), I was trying to load it to device and I got an error while adding shared application part: "Server error : Failed to compose effective config to load. input file doesn't have anything at config/shared/application". Manual editing of xml didn't help, so as workaround I was forced to manualy export/import applications one by one. Application groups were also not migrated, so I was forced to recreate them manualy. Good that I less than 10 apps, what if 50? no possibility to migrate them by group...   I don't know if it is limitation of PA220 or 8.1  so would like to know if anyone had such issue.       ... View more