Processing Cortex XDR Syslog/CEF with Graylog

It’s a bit of an odd situation, but sometimes you might want to take information from a cloud service, in this case Cortex XDR from Palo Alto Networks, and drag it into an on-premises logging service. This guide will have a look at how to get this log data in as well as parse it such that you can…



Using a Raspberry Pi (or any Linux PC) as a Serial Console Server

A handy trick I learnt recently from this video (ICX Serial Console Server with Raspberry Pi by Terry Henry) which I’ve condensed into this screenshot guide. In short, the ‘screen’ command in Linux can be used to turn any device into a serial console server – very handy if you need ‘out of band’ access to the management console of…



Intune Certificate Connector and 0x80094800

In configuring the Microsoft Intune Certificate Connector and attempting to issue certificates to your client via Intune you might run into the error message below.

IssuePfx – COMException: System.Runtime.InteropServices.COMException (0x80094800): The requested certificate template is not supported by this CA. (Exception from HRESULT: 0x80094800) at CERTENROLLLib.IX509CertificateRequestPkcs10V2.InitializeFromTemplateName (X509CertificateEnrollmentContext Context, String strTemplateName) at Microsoft.Management.Services.NdesConnector.MicrosoftCA.GetCertificate (PfxRequestDataStorage pfxRequestData, String& certificate, String& password) Failed to issue…



PRTG, Graphs and the alternatives to just displaying the average

The default graph options in PRTG (Setup > System Administration > User Interface) for extended periods of time (e.g. over 10 days) will display the average over a set period (e.g. 1 hour) – while this may be ideal for some data, on occasion you may want to display the maximum or minimum value for the data over that period…



MBR2GPT: Disk layout validation failed for disk 0

So after realising that my desktop PC has been running in BIOS mode (how 1970s and probably the result of multiple clones from HDD to 10k HDD, to 10k HDD in RAID0 to SSD and to another SSD) and with a free weekend I thought it was time to have a look at the MBR2GPT tool. However in running the…



Extracting TRAFFIC, THREAT, CONFIG and SYSTEM syslog from a Palo Alto Networks Next Generation Firewall with Graylog

Graylog is a brilliant (and Open Source) tool to easily capture logs from a variety of systems including good old fashioned syslog. In the screenshot guide below you will learn how to use a set of extractors I constructed to parse out useful information from PAN NGFW syslog. The link to the source files mentioned is: https://github.com/jamesfed/PANOSGraylogExtractor



Backing up a Palo Alto Networks Next Generation Firewall with PowerShell

For some time there have been plenty of examples of backing up Palo Alto Firewalls with curl commands (extracting the files using the XML API) however that may not sit well with some Windows administrators who want to use PowerShell. As such I’ve put together the BackupPANNGFWConfig repo on GitHub which contains the scripts to get ahold of the API…



Server 2019 Network Policy Server (NPS) doesn’t reply to RADIUS requests

Bit of a crazy issue when deploying a new Ruckus wireless network – in first suspecting an issue with the controller software or perhaps some kind of access control list blocking traffic it turns out that the default Windows Firewall rule for allowing NPS traffic is broken in some fashion. Having tried this (and it working fine) on Windows Server…



Ruckus SmartZone – check that an Access Point has received the latest configuration

While iterating through an issue with our Ruckus SmartZone (with Ruckus R510 Access Points) controllers I was looking for a way to see when the Access Points had applied the new configuration; lo and behold, it’s quite easily done through both the CLI and the GUI. Anyone who has used the new SmartZone controllers will know all too well that it’s…



uniFLOW Server Service (MomSvc) will not start

For a little while now we’ve had issues with the uniFLOW Server service (version 5.3) not starting in a timely fashion (2hrs+). After a harrowing tale of working with their support going in circles looking at issues with SQL Server and suchlike we worked out that the issue seemed to be caused by stale files at ‘C:\Program Files (x86)\Common Files\NT-ware…