This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Threat Log filter by 'Name' field

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Threat Log filter by 'Name' field

Go to solution
CafNetMatt
L3 Networker

‎04-19-2013 06:17 PM

I've got a potential client that is trying to filter the threat log by the threat 'Name' field.  He wants to see all from a specific threat.

Normally you click on the item and it puts it in the filter bar but here when you click on the name you get a pop up with the details on that threat.  I've tried a bunch of combinations and can't find anything that will filter on the threat name.

Is there syntax for that field?  Another way to filter that traffic?

Thanks.

Matt

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
UhMayYeah
L5 Sessionator

‎04-19-2013 07:40 PM

Agree with emr

You can alternatively just choose the Threat Id from the Available columns in the Threat logs as shown in the Snapshot.

Threats details can also be searched from the Threat Vault.

https://threatvault.paloaltonetworks.com/

Threat Logs.PNG

View solution in original post

0 Likes Likes
5 REPLIES 5

Go to solution
emr_1
L5 Sessionator

‎04-19-2013 06:40 PM

You can use Threat ID instead.

If you click threat Name, you can see threat detail.

This window contain threat ID.

You can use this as follow:

(threatid eq xxxxx)

Regards,

Go to solution
UhMayYeah
L5 Sessionator

‎04-19-2013 07:40 PM

Agree with emr

You can alternatively just choose the Threat Id from the Available columns in the Threat logs as shown in the Snapshot.

Threats details can also be searched from the Threat Vault.

https://threatvault.paloaltonetworks.com/

Threat Logs.PNG

0 Likes Likes

Go to solution
CafNetMatt
L3 Networker

‎04-19-2013 07:47 PM

If I could do two correct answers I would've.  I had to choose and being lazy like all good net engineers, I chose the path of least resistance.  I added the column.  But, both worked and worked perfectly.

Thank you both!

Go to solution
craymond
L4 Transporter

‎06-19-2013 02:37 PM

There should be the capability to filter using text from the Name field also. If you want to search for, let's say, Microsoft vulnerabilities, you should be able to filter using the name field. This would allow an admin to find out what vulnerabilities are trying to be exploited and whether clients or servers have been patched for those vulnerabilities.

The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries.

Go to solution
cmaier
L1 Bithead
In response to craymond

‎07-19-2013 10:10 AM

+1 for the ability to search on threat name and use some sort of wildcard language.

  • 1 accepted solution
  • 5816 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks