07-24-2023 04:24 AM
files are occupying under traps.
[root@xyz opt]# du -sh * |grep G
5.9G traps
[root@xyz opt]# pwd
/opt
[root@xyz opt]# cd traps
[root@xyz traps]# du -sh * |grep G
4.7G ecl
[root@xyz traps]# du -sh * |grep M
80M bin
479M download
25M glibc
67M lib
11M lib32
16M local_analysis
256M ltee
23M persist
74M python
230M shared_packages
[root@xyz traps]# pwd
/opt/traps
[root@xyz traps]# hostname -i
172.28.10.24
[root@xyz traps]#
/dev/mapper/rhel_rhel7-opt 9.4G 7.6G 1.8G 81% /opt
Kindly help with this
07-24-2023 09:15 AM
Good Day
Just for my own confirmation, are you using TRAPS or Cortex XDR? (Traps was the old name for endpoint security from 4 or 5 years ago.
The PANW engineer did have files available for malicious code to see and try to infect (sort of like a honeypot) so that the endpoint product to see/evaluate/ and ultimately block access to real production files.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
