https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194867#M58266 <P>Thanks you guys, We hope to upgrade to 8 soon</P> Thu, 11 Jan 2018 20:15:00 GMT raji_toor 2018-01-11T20:15:00Z https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194693#M58226 <P>We have an open wifi network and do see lot of coinhive spyware threat alerts. Recently a user genrated in excess 30000 email alerts for&nbsp;CoinHive JavaScript Detection. We don't want to block the user and also the external IP is not single one. Firewall is set to reset-bot on detection. We just don't want to see this email alert, is there a workaround to disable&nbsp;alert on a specific spyware.</P> Wed, 10 Jan 2018 19:37:55 GMT https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194693#M58226 raji_toor 2018-01-10T19:37:55Z https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194717#M58232 <P>Hello,</P><P>Yes there is. Just use the exception tab to filter the one you dont want to see out. Set it something lower and change the action.</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 800px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/13191i138E7947055FF094/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="image.png" alt="image.png" /></span></P><P>&nbsp;</P><P>Hope that helps.</P> Wed, 10 Jan 2018 22:14:45 GMT https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194717#M58232 OtakarKlier 2018-01-10T22:14:45Z https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194736#M58241 <P>How would you change the severity of threat under exceptions? SMTP Alerts are set for anything medium to critical.</P><P>Just to mention this is for antispyware although it should be similar to vulnerability protection.</P> Wed, 10 Jan 2018 22:50:44 GMT https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194736#M58241 raji_toor 2018-01-10T22:50:44Z https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194739#M58243 <P>Sorry, that is where my fingers were quicker than my brain. You are correct the severity cannot be changed. If you have a SIEM you can just use it for the alerts and silence the PAN.</P><P>&nbsp;</P><P>Just a thought.</P> Wed, 10 Jan 2018 22:57:00 GMT https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194739#M58243 OtakarKlier 2018-01-10T22:57:00Z https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194740#M58244 <P>PAN-OS 8.0 introduced "Filtered Log Forwarding".&nbsp; This would allow you to further "tweak" the rule that generates e-mail notifications.&nbsp; You could easily exempt certain events from generating e-mails, regardless of severity.&nbsp; Read more about it here:</P><P>&nbsp;</P><P><A href="https://live.paloaltonetworks.com/t5/Community-Blog/Make-more-sense-using-filtered-log-forwarding/ba-p/146395" target="_blank">https://live.paloaltonetworks.com/t5/Community-Blog/Make-more-sense-using-filtered-log-forwarding/ba-p/146395</A></P><P><A href="https://live.paloaltonetworks.com/t5/Tutorials/Tutorial-Filtered-Log-Forwarding/ta-p/145950" target="_blank">https://live.paloaltonetworks.com/t5/Tutorials/Tutorial-Filtered-Log-Forwarding/ta-p/145950</A></P> Wed, 10 Jan 2018 23:02:11 GMT https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194740#M58244 jvalentine 2018-01-10T23:02:11Z https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194867#M58266 <P>Thanks you guys, We hope to upgrade to 8 soon</P> Thu, 11 Jan 2018 20:15:00 GMT https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/194867#M58266 raji_toor 2018-01-11T20:15:00Z https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/599191#M119172 <P>Where would one do this in PANOS 11.X?</P> Tue, 01 Oct 2024 15:37:45 GMT https://live.paloaltonetworks.com/t5/general-topics/exempt-alerting-for-specific-threat/m-p/599191#M119172 ThomasBezak 2024-10-01T15:37:45Z