https://live.paloaltonetworks.com/t5/advanced-threat-prevention/security-profile-malfunction-detection/m-p/588154#M2229 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/332460">@JasonRakersKSS</a></P> <P>&nbsp;</P> <P>thanks for posting.</P> <P>&nbsp;</P> <P>Given the criteria it is hard to advice a single solution to meet the requirement. To be honest, I would start with AIOps and BPA:&nbsp;<A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000TopKCAS" target="_self">Palo Alto Best Practice Assessment (BPA) for Security Profiles</A>. The information in the link are addressing scenarios where security posture is not aligning with recommendations / best pracrtises.</P> <P>&nbsp;</P> <P>Kind Regards</P> <P>Pavel&nbsp;</P> Tue, 28 May 2024 23:20:47 GMT PavelK 2024-05-28T23:20:47Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/security-profile-malfunction-detection/m-p/587159#M2218 <P>Does anyone have any good log events to key on for notifying when a security profile (antivirus, anti-spyware, vulnerability protection, url, file blocking, wildfire) may not be functioning properly?&nbsp; I am thinking maybe trying to identify the log event for when dynamic updates have failed to install, and trying to alert when configuration changes to specific security profiles occur might be useful.</P> <P>&nbsp;</P> <P>Any others? Does anyone know of any of log types/events which could imply that a security profile functionality may be impacted?</P> Fri, 17 May 2024 19:30:03 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/security-profile-malfunction-detection/m-p/587159#M2218 JasonRakersKSS 2024-05-17T19:30:03Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/security-profile-malfunction-detection/m-p/588154#M2229 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/332460">@JasonRakersKSS</a></P> <P>&nbsp;</P> <P>thanks for posting.</P> <P>&nbsp;</P> <P>Given the criteria it is hard to advice a single solution to meet the requirement. To be honest, I would start with AIOps and BPA:&nbsp;<A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000TopKCAS" target="_self">Palo Alto Best Practice Assessment (BPA) for Security Profiles</A>. The information in the link are addressing scenarios where security posture is not aligning with recommendations / best pracrtises.</P> <P>&nbsp;</P> <P>Kind Regards</P> <P>Pavel&nbsp;</P> Tue, 28 May 2024 23:20:47 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/security-profile-malfunction-detection/m-p/588154#M2229 PavelK 2024-05-28T23:20:47Z