05-17-2024 12:30 PM
Does anyone have any good log events to key on for notifying when a security profile (antivirus, anti-spyware, vulnerability protection, url, file blocking, wildfire) may not be functioning properly? I am thinking maybe trying to identify the log event for when dynamic updates have failed to install, and trying to alert when configuration changes to specific security profiles occur might be useful.
Any others? Does anyone know of any of log types/events which could imply that a security profile functionality may be impacted?
05-28-2024 04:20 PM
Hello @JasonRakersKSS
thanks for posting.
Given the criteria it is hard to advice a single solution to meet the requirement. To be honest, I would start with AIOps and BPA: Palo Alto Best Practice Assessment (BPA) for Security Profiles. The information in the link are addressing scenarios where security posture is not aligning with recommendations / best pracrtises.
Kind Regards
Pavel
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
