Hello Community! Occasionally we get "SYSTEM ALERT" forwarded to the mailbox, in regards to failed authentications where there was an attempt using a non-existent user. Is it possible to add more information in these logs? Specifically whether the user tried to log on using the GlobalProtect client, or the portal
From cloud service to enterprise apps (SaaS or Public Cloud) In the new GlobalProtect Cloud Service (GPCS) plugin 1.1.0, customers can now fetch the public egress IP addresses assigned to their ‘Global Protect Cloud Portals and Gateways’ and ‘Remote Networks’ instances using an API key that can be generated on
My customer is up and running but he is receiving this error when performing an App ID adoption check: “Completed. This log connector does not have a PANOS device assigned” Thanks in advance for the help!
Question: How do I check if Azure real-time alerting is configured correctly? Answer: When configuring Azure real-time alerting, Evident Monitoring cannot confirm whether or not the configuration is done properly. However, once real-time alerting is configured, you can check whether or not Evident Monitoring has received any events/messages from Azure.
Good afternoon! I have a quick question about running MineMeld from the OVA. We have some pretty strict policy against installing via GitHub, and the best way for me to get MineMeld installed would be to use the OVA method. I'm new to running it this way. After I get
Hello there, I represent Kromtech company (https://kromtech.com), which produces the MacKeeper app (https://mackeeper.com). We have a report from our partners that your WildFire service marks our products as malware. We would like to report a false positive, but I didn't find a way to do that if I don't own your service. I've been
Hi, I'm installing Minemeld behind a proxy server using the Ubuntu 14.04.05LTS image. The strange thing is that last week I used exactly the same approach for demo purposes and Minemeld worked like a charm and got a 'Go' for production. This week, following the same approach
Hello, I tried to download the last Adobe Reader DC package directly on the depository from Adobe and Palo Alto blocks my download with the threat detection Virus/Win32.WGeneric.rixgu(2341248)... The URL is ftp://ftp.adobe.com/pub/adobe/reader/win/AcrobatDC/1801120040/AcroRdrDC1801120040_fr_FR.exe So for example, I can download the package for en_US without issue, but I need the
Hi, I'd like to know if this file is a false positive: File name: R3p.BDO.Loader.exe Detection: generic.ml SHA-256: 6df80c3431c1a8ae2d4b60c12ede1e94ff20a88f417e373df9b18e5f0c079ddb https://www.virustotal.com/#/file/6df80c3431c1a8ae2d4b60c12ede1e94ff20a88f417e373df9b18e5f0c079ddb/details Download source: https://www27.zippyshare.com/v/E3BSwFxQ/file.html
Just spun up a new Minemeld server and it's working; however, the nodes like to just stop and I am not sure how to get them to start up and stay started. Rebooting will bring everything back up and they will be started for about a minute then they all
Hi, last Wednesday a PA consultant tried to help our migration to Panorama with the help of Expedition, but it didn't work at all (lots of remote exceptions). The version from today seems to work much better. At least the dashboard displays without errors and I can change
Customer has tons of shared Address Objects in Panorama that are used in some Panorama rules, but some of these objects are also being used in local FW rules. They want to clean up the unused shared objects in Panorama and not push all of these objects to firewalls because
Hi to all, I've been trying to set up a TAXII client (miner node) in Minemeld but I'm having the same error as #221 (that has no solutions): "nodename" - "collectionname" collection does not support TAXII 1.1 message binding (DATA_FEED). Through the discovery service I saw that the poll service accepts
I've added a Panorama device into Expedition and I'm trying to import logs that I've exported from Panorama and am running into an issue. I put the csv file in /home/expedition/logs. The csv is called panorama.csv. /home/expedition/logs/* (logs path in Expedition). I've changed permissions on the file/folder and ownership
Hey all, So my Minemeld appliance updated to 0.9.46 at some point which broke the system. I was able to temporarily fix the issue by just changing the symlink in /opt/minemeld/engine from 0.9.46 to 0.9.44. Obviously, this is not ideal. When I look in the 0.9.46 folder I
Before I go down the route of writing a prototype (or attempting to), I was wondering if there was a prototype that I could use to read an IP list in this XML format. I would be interested in pulling out the address and country:
Question: Does SSO support just-in-time user provisioning? Answer: No, Evident Monitoring's SSO does not support just-in-time provisioning. Users must be manually created in Evident Monitoring before they can log in via SSO.
Hi, whenever I try to use "Auto Zone Assigments" I get the message: A default gateway is mandatory in order to correctly calculate the zones. Add a Default Gateway to your virtual router and try it again I already put the default route inside the used virtual route, but it