Process to Rebuild Panorama with Prisma Access & Prisma SDWAN

Posting here while waiting for TAC. We use Panorama to manage NGFW and Prisma Access with Prisma SDWAN integration.

We recently rebuilt Panorama Azure VM. Latest dynamic updates and plugins are installed, device cert is valid, and cloud services OT

XSOAR - Question Regarding Incident Tasks

Hello everyone, I noticed that when a task in a playbook has an error or requires some sort of input, said task appears in the tab "Playbook Tasks" (attached an image for reference). I was wondering how XSOAR gets that specific information in that ta

Client-to-Site IKEv2 IPSec without GlobalProtect

Hello,

I am totally new to Palo Alto and trying to set up VPN connection from Android Strongswan VPN Client app to Palo Alto without GlobalProtect.

I have requirement so client's IP is unknown and can be any public IP. At the moment IPSec tunnel is

XSOAR - Transform Language

Hello everyone, I would like to ask how to get the user.name value from this context data.
I tried using the syntax ${incident.labels.user.name}, but it didn’t work.

Here's the context structure:

Querying Users Who Changed Incident Status to "Action Required"

Hi Team,

We have a process where a user works on an incident and updates its status to "Action Required" for further investigation. While we can see the identity of the user who made this change in the Timeline tab of each incident, reviewing this in

Is there a way to export all the certificates present via the API?

Is it possible to export all Certificates at once from a Palo Alto Firewall via API? Without having to pass the names of the certificates from the API call, because in the documentation I've only seen it possible that way.

Global Protect and AXON fleet 3 Dashboard

Good afternoon,

I am having trouble with connecting to this fleet 3 dashboard, with GP. It appears to be a a DNS issue, because it will find the local network when GP is disabled. The virtual adapter takes over, and uses our  DNS server, so it is

Query about Session Offloading

Hi Team,

How to check the Offloaded session in PAN-OS 10.1.11 ?

In the below image the session is offloaded ?

observing high cpu utilization on daily basis and the main CPU consumers are multiple pan_task processes, each using around 70% CPU, and running cont

below  is  the  output of  show system resources  :  kindly please let me know , is it a  normal behavior or do we need some changes to be done.

top - 06:37:58 up 153 days, 11:11, 1 user, load average: 48.31, 48.22, 40.92
Tasks: 258 total, 43 running,

Changing Multiple Docker Images at once

Hey,

We are offline users

We updated from 6.12 -> 6.14, Then after the update, the docker images changed, and it's causing a lot of ": Script failed to run: failed to pull docker Image "demisto/python 3:3.11.10.113941"

Now, to fix it I need to chan

buttons to allow specific continuation of workplan

Hi everyone,
I need your help. When a task reaches certain thresholds, Cortex XSOAR sends an email to the analyst.

My goal is to have the analyst review all the evidence and then the anayst click a button to either approve or deny the continuation of

sub-playbook looping behavior

Do sub-playbooks self loop on arrays or just lists?

I can get a sub-playbook to loop “for each input” of a list, but not an array of the same data. 

Thx

Unpatched Vulnerabilities Protection

Hi,

I see this written in Unpartched vulnerability protection module section "Modify system settings temporarily as a workaround to protect unpatched endpoints from known vulnerabilities".

I have searched but found no details regarding this, can anyo

Global Protect lose internal resources access

Hello everyone,

I hope you can help us. We have some users who are connected to global protect, but from time to time, they lose access to the internal resources. When this happens, they have to update the connection in the GP client to be able to ac