cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Filename field is empty on threat log

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
Pradeepkumar064
L2 Linker
‎03-20-2020 02:08 AM
‎03-20-2020 02:08 AM

Filename field is empty on threat log

Dear Patrons,

 

There are two IPS in place with following configuration.

 

  • Objects > Security Profiles > Antivirus (Reset- Both)
  • Objects > Security Profiles > Anti-Spyware (no detail found)
  • Objects > Security Profiles > Vulnerability Protection (Reset- Both)

But we noticed that one IPS shows the filename in threat log (setup.exe) but in other IPS the filed is empty.

 

Threat name: (common on both the IPS) virus/win32.wgeneric

 

Dynamic updates are same on both the Firewalls.

 

Someone let me know what's odd in here?

 

Best Regards,

Pradeep

0 Likes
Reply

Accepted Solutions
Coxje
L0 Member
‎04-08-2020 10:31 AM
‎04-08-2020 10:31 AM

Hey Pradeepkumar064,
 
I am running into the same issue. This might help.
 

View solution in original post

0 Likes
Reply

All Replies
reaper
L7 Applicator
‎03-23-2020 05:42 AM
‎03-23-2020 05:42 AM

hi pradeep

 

do you have a file blocking profile in place ?

a filename will only appear in the log where the filename is relevant

in a threat profile you are unlikely to encounter filenames as it is focussed on network layer attacks. antivirus and antispyware target 2 different types of threats so one may find something in a file whil ehte other doesn't match or finds something else

 

without more concrete examples of what you're facing it's difficult to give you a more solid answer

Tom Piens - PANgurus.com
Like my answer? check out my book! amazon.com/dp/1789956374
0 Likes
Reply
Pradeepkumar064
L2 Linker
‎03-25-2020 02:13 AM
‎03-25-2020 02:13 AM

@reaper 

 

Thanks for your kind response, let me collect the required details and reach out to you.

 

Best Regards,

Pradeepkumar

0 Likes
Reply
Coxje
L0 Member
‎04-08-2020 10:31 AM
‎04-08-2020 10:31 AM

Hey Pradeepkumar064,
 
I am running into the same issue. This might help.
 

View solution in original post

0 Likes
Reply
Pradeepkumar064
L2 Linker
‎05-08-2020 09:47 PM
‎05-08-2020 09:47 PM

@Coxje Thanks for the KB, really helpful.

0 Likes
Reply
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks