I currently have one rule, that pertains to one inside and one outside host. I have a few profiles added to the rule such as a/v, spyware, vulnerability and file blocking. I dont see any events in the Threat monitor nor my Syslog server so my assumption is all is well, no threats detected? Is there any other way to confirm the firewall is performing the checks in the profile?
As long as the traffic is communication across the rule that has your threat profiles applied then it should be filtering. I would search the destination and source address and verify that the traffic is not hitting any other rules first.
There are a few sites out there that will test it for you from the Internet IN.
Or go out and find an EICAR - eicar.org
You may also refer to https://www.paloaltonetworks.com/documentation/81/wildfire/wf_api/get-wildfire-information-through-t... to pull some test files through your firewall to generate threat log entries
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!