cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Filename field is empty on threat log
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Filename field is empty on threat log

Go to solution
Pradeepkumar064
L2 Linker

‎03-20-2020 02:08 AM

Dear Patrons,

 

There are two IPS in place with following configuration.

 

  • Objects > Security Profiles > Antivirus (Reset- Both)
  • Objects > Security Profiles > Anti-Spyware (no detail found)
  • Objects > Security Profiles > Vulnerability Protection (Reset- Both)

But we noticed that one IPS shows the filename in threat log (setup.exe) but in other IPS the filed is empty.

 

Threat name: (common on both the IPS) virus/win32.wgeneric

 

Dynamic updates are same on both the Firewalls.

 

Someone let me know what's odd in here?

 

Best Regards,

Pradeep

0 Likes Likes
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Coxje
L0 Member

‎04-08-2020 10:31 AM

Hey Pradeepkumar064,
 
I am running into the same issue. This might help.
 

View solution in original post

0 Likes Likes
4 REPLIES 4

Go to solution
reaper
L7 Applicator

‎03-23-2020 05:42 AM

hi pradeep

 

do you have a file blocking profile in place ?

a filename will only appear in the log where the filename is relevant

in a threat profile you are unlikely to encounter filenames as it is focussed on network layer attacks. antivirus and antispyware target 2 different types of threats so one may find something in a file whil ehte other doesn't match or finds something else

 

without more concrete examples of what you're facing it's difficult to give you a more solid answer

Tom Piens
Like my answer? check out my book! https://bit.ly/MasteringPAN
0 Likes Likes

Go to solution
Pradeepkumar064
L2 Linker
In response to reaper

‎03-25-2020 02:13 AM

@reaper 

 

Thanks for your kind response, let me collect the required details and reach out to you.

 

Best Regards,

Pradeepkumar

0 Likes Likes

Go to solution
Coxje
L0 Member

‎04-08-2020 10:31 AM

Hey Pradeepkumar064,
 
I am running into the same issue. This might help.
 

View solution in original post

0 Likes Likes

Go to solution
Pradeepkumar064
L2 Linker
In response to Coxje

‎05-08-2020 09:47 PM

@Coxje Thanks for the KB, really helpful.

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2021 - Palo Alto Networks