How to Delete an Exempt-IP in a Threat Profile

How to Delete an Exempt-IP in a Threat Profile

15919
Created On 09/25/18 19:25 PM - Last Modified 06/07/23 02:32 AM


Resolution


Overview

An exemption can be created for certain IP addresses in a threat profile. However, after the configuration, the IP addresses in the exempt IP list would not be seen when the threat name is clicked. This document describes how to verify the exempt-ip list and delete an exempt-ip from the firewall configuration.

 

Note: This document applies to Palo Alto Networks firewalls running PAN-OS 5.0.

 

Details

To verify the exempt-ip list, the details can be found in the configuration file, as below:
Exempt-IP.PNG

 

Enter the following CLI commands to delete an Exempt-IP from the firewall configuration (for example, 10.250.250.250)

> configure

# delete profiles vulnerability <Profile_name> threat-exception <Threat_ID> exempt-ip 10.250.250.250

 

See also

How to Add Exempt IP Addresses from the Threat Monitor Logs

 

owner: ssunku
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClYSCA0&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language