Palo Alto MineMeld Example Configuration

MineMeld is an “extensible Threat Intelligence processing framework and the ‘multi-tool’ of threat indicator feeds. Based on an extremely flexible engine, MineMeld can be used to collect, aggregate and filter indicators from a variety of sources and make them available for consumption to peers or to the Palo Alto Networks security platforms.”

It was recently open-sourced by Palo Alto and can be found on Github.

Continue reading Palo Alto MineMeld Example Configuration

Packet Capture on a Palo Alto Management Interface

In this quick how-to I will show you how you can very easily and quickly run a packet capture on a Palo Alto management interface.
Some reasons why you may want to capture packets on the management interface is to capture traffic such as RADIUS and Syslog which is processed via the management plane. Management traffic cannot be captured using the ‘packet capture’ feature on the GUI so we need to do it using the CLI.
Continue reading Packet Capture on a Palo Alto Management Interface