Commit error profile compiler can not find tid 40006 in threat database

Reply
L1 Bithead

Commit error profile compiler can not find tid 40006 in threat database

Hi,

 

We are having issues with commit in the FWs from last Wednesday. The error that we receive is: "Error: Profile compiler : can not find tid 40006 in threat database". The commit finishes correctly, but with the warning of the error.

Commit error.png

We have revert the content update of the apps and threats to a previous one and the commit finishes correctly. With the latest content updates we are having issues too.

Updates.png

¿Any idea why are we receiving the error? We have checked that the threat ID 40006 exists.

 

Regards.

Highlighted
L7 Applicator

Re: Commit error profile compiler can not find tid 40006 in threat database

Hello,

Try to install a newer version or revert to the previous one and try upgrading again. If this doesnt work, perhaps a call to tech support.

 

Regards,

L7 Applicator

Re: Commit error profile compiler can not find tid 40006 in threat database

You might have an exception for Threat ID 40006 in one or more of your security profiles. A simple way to check your whole config for that can be done in CLI:

> show config running

hit / (forward slash) to begin searching, and enter: 

40006

You'll have to scroll up (using the "J" key, may also work with arrow keys) to the top of that entry to find the profile name, and there may be multiple profiles that have it.

L0 Member

Re: Commit error profile compiler can not find tid 40006 in threat database

Warning message comes from firewall because Threat ID 40006 was disabled starting from Application version 8165 and later.

 

Please find below release note.

https://downloads.paloaltonetworks.com/content/content-8165-5521.html?__gda__=1562631311_252c3916cad...

L2 Linker

Re: Commit error profile compiler can not find tid 40006 in threat database

I did what you suggested from the CLI and found the 40006 threat exception.  The WebUI did not show it in the exceptions list for me to delete from there.  I went back to the CLI, and fumbled my way through it using the following...

 

This is used to get the output in "set" format.  (This helps those of us who are not overly familiar with PAN-OS CLI.)

> set cli config-output-format set

Enter Config mode.

> configure

Show configuration and search for Threat ID 40006.

# show
/40006

or

# show | match 40006

Use the above output results to create a "delete" command.

# delete profiles vulnerability "vuln-profile-name" threat-exception 40006

Commit changes.

# commit

Problem solved.

L1 Bithead

Re: Commit error profile compiler can not find tid 40006 in threat database

Hi,

 

We opened a tech support case, and they confirm that the treat id was disabled. Actually we have received a update that they are going to include the threat id next week.

Thank you everyone for the help!!

L0 Member

Re: Commit error profile compiler can not find tid 40006 in threat database

New Threat update is out 8171-5557 and it does not include threat ID 40006.

Tags (1)
L1 Bithead

Re: Commit error profile compiler can not find tid 40006 in threat database

Hi,

 

Yes, we are still waiting for the update.

 

Regards.

Tags (1)
L0 Member

Re: Commit error profile compiler can not find tid 40006 in threat database

We have also opened escalation case with TAC. Will let you know if something fruitful comes out.
L1 Bithead

Re: Commit error profile compiler can not find tid 40006 in threat database

Hi,

 

Actually with the latest content update, it has been included.

 

Regards.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!