What are the Threat Log Values for Threat ID and Direction?

by nrice on 03-10-2010 01:40 PM - edited on 05-04-2016 12:17 PM by jjosephs (14,476 Views)

Answer

ThreatID Field

ThreatID             Meaning
8000 - 8099          Scan detection
8500 - 8599          Flood detection
9999                 URL Filtering log
10000 - 19999        Spyware phone home detection
20000 - 29999        Spyware download detection
30000 - 44999        Vulnerability exploit detection
52000 - 52999        File type detection
60000 - 69999        Data filtering detection
100000 - 2999999     Virus detection
3000000 - 3999999    Wildfire signature feed
4000000 - 4999999    DNS Botnet signatures

Direction Field

Value    Direction
0        Client to Server
1        Server to Client

owner: panagent

Comments
by Mt.103
on 05-09-2013 02:38 AM

Hi,

Is the "Virus detection" range 10,000 - 4,000,000 correct?

I feel 2,00,001 - 4,000,000 is correct, isn't it?

by craymond
on 05-20-2013 11:43 AM

According to newer Documentation:

8000 – 8099 scan detection

8500 – 8599 flood detection

9999 URL filtering log

10000 – 19999 spyware phone home detection

20000 – 29999 spyware download detection

30000 – 44999 vulnerability exploit detection

52000 – 52999 filetype detection

60000 – 69999 data filtering detection

100000 – 2999999 virus detection

3000000 – 3999999 wildfire signature feed

4000000-4999999 DNS Botnet signatures. Available in PAN-OS 5.0.0 and above.

by shganesh
on 10-23-2015 05:30 AM

This DOC should come under handy dandy DOCS section!
