Application Usage Report

Which report, and what configuration should I use to get every user/source IP of a user using a specific application?

I currently tried "Device Traffic Summary" sorting by "bytes"  top 5 grouping by user, but I can only have top 50.  So only the "Top

New blockIPS prototype doesn't have URL specified in config

From ETOpen.yml

blockIPs:
author: Gregory Roehl (paloaltonetworks.com)
development_status: STABLE
node_type: miner
description: >
Raw IPs for the firewall block lists. These come from
Spam nets identified by Spamhaus (www.spamhaus.org), Top
Attacke

Multicast on pa-7050

We are attempting to configure pim sparse mode via the PA-7050 which is going to be used as a control point for various virtual routers on our juniper mx core.   From what I can tell the pim is configured correctly, and the proper rp has been selecte

minemeld-engine exits after auto-update to 9.20

from minemeld-engine log jjust after the update 

2016-09-09T06:48:49 (20984)launcher.main INFO: mm-run.py arguments: Namespace(config='/opt/minemeld/local/config', multiprocessing=0, verbose=False)
Traceback (most recent call last):
File "/opt/minem

Sidewinder 8.x netmaps and secondary interface ip addresses

Hi

when I upload the netmaps config file, nothing show up under Nat i am not sure what is missing, The second issue i am having, the interfaces i have on the sidwinder have alias IPs attached to each interface (they are secondary IPs), the conversion

Throughput tesing with new ISP Link

After we provison new ISP link and connect directly to firewall is there way we can do throughput testing from Interface to check we are getting correct speed quoted by ISP , IF I connect ISP link directly to laptop assign IP and do speedtest it work

What is your experience of using site-to-site VPN with PA devices and how is the performance?

Im looking for those with reallife experience from running site-to-site VPN with PA devices both pro (good) and con (bad) stuff that might float up to the surface.

How is the reliability, how is the performance, how is the troubleshooting (if any) et

MineMeld Hyper-V support

Hi all,

Has anyone tried installing MineMeld on Hyper-V, I know we support Azure but didn't know if it works on Hyper-V?

Thanks,

Tim

What's New in MineMeld 0.9.20

Release Date: 2016-09-08

How to update: Updating MineMeld

Nodes:

- fixed bugs on TAXII and syslog nodes, and some typos here and there
- add Miner for ThreatQ

Prototypes:

- added new EmerginThreats Open Source prototypes by @Greg_R

- promoted a good bu

RedHat (+Akamai) IP ranges

Would it be possible to add a miner for the Red Hat Subscription Manager (RHSM)?

They do advice to use domains name as filter rather than IP addresess [1] (mainly because they use Akamai's CDN), but we prefer to have that kind of traffic under control

Beta 8 testing

I am curious how we can get the Beta 8 bits on our PA-200s.

Thanks

Bob

What tunnel options do you have for site-to-site using PA devices?

IPsec is the obvious one but lets say you have already taken care of the protection of the traffic, I failed to see if the PA devices for example supports GRE tunneling (basically for performance reasons I would just like the tunneling itself, not th