Prisma Cloud: Network Alerts will not be in the resolved status for auto-remediation

Prisma Cloud: Network Alerts will not be in the resolved status for auto-remediation

3288
Created On 10/26/22 19:25 PM - Last Modified 08/16/24 15:31 PM


Symptom


The alert status is showing 'open' even after customer has done remediation on the resource.

Environment


  • Prisma Cloud
  • Network Alerts
  • Qualys

Cause


Network alerts are not resolved when the resource is remediated as the alert is generated based on violating traffic and that can’t be reversed. They can only be dismissed and this is by design. 

Resolution


Network alerts will only be resolved when resource is deleted or there is an alert rule/policy/account descope.

Additional Information


This is also the case for Audit Events and Anomaly alerts.

Manage Prisma Alerts
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kEm2CAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language