How to Document a URL Falsely Detected as Malware

How to Document a URL Falsely Detected as Malware

12231
Created On 09/26/18 13:44 PM - Last Modified 06/08/23 06:42 AM


Resolution


Steps

To identify a URL being incorrectly reported as malware by the Palo Alto Networks device, the following information should be provided:

  1. URL of site.
  2. Which URL database is being used?
    • > show system setting url-database
  3. Which PAN-OS and DB version is in use? 
    • > show system info
  4. Verify that database version is the latest.
  5. Is the URL in question in the dataplane cache?
    • > debug dataplane show top-urls top 20000

 

owner: panagent
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClmZCAS&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language