"Scan Skipped: Profile not found" for DLP and configured action is not getting triggered after upgrading to 11.0.1

"Scan Skipped: Profile not found" for DLP and configured action is not getting triggered after upgrading to 11.0.1

2884
Created On 02/13/23 08:24 AM - Last Modified 06/23/23 23:29 PM


Symptom


  • PA-3430 is configured with DLP and sending .ppt files which stopped working on 11.0.1
  • wif counter shows dlp file excluded and the DLP profile action is not being honored
  • DF logs show the Reason for action as Scan Skipped: Profile not found
admin@FIN-PA-3430-2(active)> show counter global filter delta yes | match dlp
ctd_dlp_wif_forward_count   43    15 info   ctd   pktproc   total dlp requests forwarded for WIF
ctd_wif_file_dlp_excluded   336  123 info   ctd   pktproc   file  dlp fwd excluded via inclusion or exclusion filetype list
admin@FIN-PA-3430-2(active)> show counter global filter delta yes | match dlp
ctd_dlp_wif_forward_count   237   18 info   ctd   pktproc   total dlp requests forwarded for WIF
ctd_wif_file_dlp_excluded   1944 148 info   ctd   pktproc   file dlp fwd excluded via inclusion or exclusion filetype list

 

Environment


  • Upgrading PAN-OS from 11.0.0 to 11.0.1.
  • Palo Alto Firewalls
  • Panorama

Cause


Panorama data being out of sync with the data store.

Resolution


Workaround:
Reset dlp plugin in Panorama and re-push to the firewall.

 

Additional Information


DF Logs:
 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kGumCAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail