The commit button is turned to enable without any setting changes

The commit button is turned to enable without any setting changes

7358
Created On 09/06/21 05:20 AM - Last Modified 09/23/25 08:27 AM


Symptom


  • Commit button is turned to enable without any setting changes
  • The config audit shows some changes between running and candidate config without any manual setting changes

Environment


  • PAN-OS 9.1 and above

Cause


The Dynamic Updates Applications and Threats is configured with Schedule Action "download-only" and not "download-and-install" which mean once the content was downloaded and pending an install (which does a partial commit).

You can show application change contents when you click "Review Apps" under dynamic updates if it is available. It can be shown after the download content signature file with application changes (add/modify).
 

Resolution


Clicking the "install" under the Action column or change the Content Update Action to "download-and-install"

Additional Information


Extended Policy Impact Review for Content Releases:
https://docs.paloaltonetworks.com/ngfw/administration/app-id/manage-new-app-ids-introduced-in-content-releases/review-new-app-id-impact-on-existing-policy-rules
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004LlRCAU&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language