- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
05-14-2020 01:25 PM
The best way to investigate these would be to access the Threat Vault at https://threatvault.paloaltonetworks.com/
Search for the Threat ID's and find the SHA256 hashes of the samples tied to the signatures.
You can then use the SHA256 hashes to research the samples on the internet. A good place to begin that research is http://virustotal.com
If you believe the signatures are built based on WildFire false positives or potential Signature Collisions you can open a request with Support to investigate.
If you know for sure that these triggers are false positives, and they're interrupting critical business tasks, you can opt to create an exception in your Antivirus profile. You can see instructions at https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/threat-prevention/create-threat-exceptions