session end reason threat

We have vendor traffic coming to PA and session end reason is threat.

Under threat i can see the threat id number

They are lot of them

For easy way I have disabled the security profile vulner protection for that rule.

Need to confirm by doing this PA

Threat log types

For threat logs in PA  i see below options

( subtype neq vulnerability ) and ( subtype neq spyware ) and ( subtype neq packet ) and ( subtype neq scan )

need to know if this makes sense ??

where vulnerability is part of vul protection scecurity prof

Aplication Dependency commit Warnings after 8.1.8 upgrade

Hi,

Recently we had to upgrade our customer PA-3050 from a 8.0.10 to 8.1.8 version.

After we did it everything works fine, but when they did a commit of the configuration a lot of Aplication Dependency commit Warnings appears:

We check all the policies

Unable to get into maintenance mode

Hello All,

I was in the process of upgrading our firmware of our PA500 to 8.1 and when the device rebooted, it did not want to come back online.  Checked the startup and noticed I was getting this error message.  I did read online that it might be an

Critical system logs

Hello,

I'am planning to install a monitoring tool, and i need critical system logs generated by the PAN-device. Is there any docs that mention it?

Regards.

Overlaping subnets in IPsec VPN between palo alto firewalls hosted in AWS VPC,need help to configure

We have 2 VPC each having Palo alto VM-100 hosted in AWS ,both VPC are having overlapping subnet and we are try to setup ipsec site to site vpn ,kindly let me know the fesable configuration solution with configuration example if possible.Thanks .

TAXII into Proofpoint TRAP - Minemeld Output

I am trying to integrate MineMeld and Proofpoint TRAP. It should be relatively simple and feel I am overlooking something.

The first step was easy. Create an output using stdlib.taxiiDataFeed.

Because this is the community edition auth is turned of

Minemeld Log Location

Using Minemeld and I have miners, aggregators and output configured. I want to be able to get as much details from the indicators into a log server or even Splunk. Where would I find these logs? See below:

Need to allow service for Ping application

Hi Team

We have configured the one Destination NAT policy. My requirement is Ping the NAT IP (Public IP) from the external network.

I have configured one security policy with application as 'ping' and service as 'any'.

For the above configuration, I

ANTLR runtime and generated code versions disagree: 4.7.2!=4.5.1

Seeing this in minemeld-engine.log upon service stop, after installing with latest get-pip.py from wget https://bootstrap.pypa.io/get-pip.py

I'm not seeing any issues, but is there anything that should be done to reslove it?