08-06-2021 02:59 AM
As the title suggest i have on my fw (pan os 10.0.4) Threat Activity (ACC) and Monitor-LOGS-threats totally empty.
Since few weeks ago no problem and all the other logs work fine.
And no changes have been made.
already restart mgmt service withuot success.
08-06-2021 08:51 AM
Have you tried actually restarting the firewall and not just the mgmt server? Are you actually sure that no changes have been made and someone maybe didn't accidentally remove the security group/profile from your policies?
The first thing I would do is verify through my traffic logs that traffic is hitting rules that actually have a security group/profiles assigned to it so that threat logs would actually be generated. Then I would just generate something stupid that I know should be getting logged as a threat, such as a directory traversal attempt or a simple unauthorized brute force attach on a login page.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!