Prisma Cloud: Unknown Console Login attempt from Prisma Cloud IP using System Admin user name found in Audit Logs

Prisma Cloud: Unknown Console Login attempt from Prisma Cloud IP using System Admin user name found in Audit Logs

587
Created On 01/15/24 12:39 PM - Last Modified 04/01/25 16:15 PM


Symptom


  • Unknown Console Login attempt from Prisma Cloud IP using System Admin user name found in Audit Logs
  • Trusted Login IP Address is configured in Prisma Cloud Console for allowing Console Login access from Trusted IPs
  • Since one of the Prisma Cloud IPs is not part of this List this is resulting in Failure messages seen in Audit Logs

Environment


  • Prisma Cloud

Cause


  • This is expected behaviour as per product design
  • The IP address belongs to Compute and needs to be added to login IP whitelist
  • This is required because Compute services make internal calls to auth-service for authentication purpose

Resolution
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008WbxCAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail