Windows NPS + NXlog to Palo Alto User-ID

NXlog configuration file Configure Palo Alto to accept User-ID Syslog Device -> Setup -> Interfaces -> Management or if you have network profile Network -> Interface Mgmt. Add syslog filter profile. Device -> User identification -> Click gear on the right side of “Palo Alto Networks User-ID Agent Setup” -> Syslog Filters Add new filter … [Read more…]

Windows NPS + NXlog to Graylog

Saving Windows NPS logs to any folder Downloading NXlog Community Edition from here Changing NXlog config file at C:\Program Files (x86)\nxlog\conf\nslog.conf #NoFreeOnExit TRUE define ROOT C:\Program Files (x86)\nxlog define CERTDIR %ROOT%\\cert define CONFDIR %ROOT%\\conf define LOGDIR %ROOT%\\data define LOGFILE %ROOT%\\logs\\nxlog.log LogFile %LOGFILE% Moduledir %ROOT%\\modules CacheDir %ROOT%\\data Pidfile %ROOT%\\data\ SpoolDir %ROOT%\\data <Extension _fileop> Module xm_fileop # … [Read more…]

Cisco ISE Guest API – PHP script

Adds user to ISE via POST request. Returns first/last name and ISE generated username and password. GitHub repository: Postman POST request to the script ISE guest user is created

OSCP Guide. Where to start, what to read, how to practice.

Around a month ago, I started my preparation for OSCP (Offensive Security Certified Professional)  exam and signed up for PWK course from Offensive Security in the mid-January. If you just started your path to OSCP certification you might have a lot of questions. Is there any official guide? What to read? Where to start? What kind … [Read more…]

How to add Palo Alto firewall to VIRL

Get a Palo Alto VM image in *.qcow2 format If you have a Palo Alto support account – login to your Support Panel at and navigate to Software Updates section Look for PAN-OS for VM-Series KVM Base Images section and download PA installation image.