Palo Alto Networks Knowledgebase: Unable to add a threat ID in DNS signatures for DNS sinkhole

Unable to add a threat ID in DNS signatures for DNS sinkhole

(288 Views)
Created On 09/26/18 13:44 PM - Last Updated 09/26/18 14:00 PM
Categories:  Threat Intelligence,  Threat Prevention

Issue:


Solution:


Issue

When trying to add a specific threat ID for DNS spyware related threat inside Objects > Security profiles > Anti-spyware > Profile > DNS signatures > Threat ID exceptions, you may get the following error:

 

Threat <ID#> must be a value in range 3800000-4999999 or 5800000-5999999

 

 

222.PNG

Error while trying to add for threat ID 14875 Poison DNS request traffic.

 

Resolution

Only threat IDs with value in ranges 3800000-4999999 or 5800000-5999999 can be added to threat ID exceptions.

 

See Also

For more info on threat ID ranges in the Palo Alto Networks Content Database, please see:

Threat ID Ranges in the Palo Alto Networks Content Database

 

Attachments:

Actions:
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClmPCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Change Language: