URL category shows 'not-resolved' in URL Filtering logs. However, Test A Site Page shows the correct category
10179
Created On 02/15/23 00:02 AM - Last Modified 06/24/25 04:33 AM
Symptom
- URL category shows 'not-resolved' in URL Filtering logs. However, Test A Site Page shows the correct category
- URL Filtering logs shows the url as 'not-resolved'
- URL will show a different category in Test A Site Page
- CLI shows also as not-resolved and Cloud is unavailable
> test url ghcr.io
ghcr.io not-resolved (Base db) mlav_flag=0 expires in 5 seconds
ghcr.io cloud-unavailable (Cloud db)
Environment
- Palo Alto Firewalls
- Supported PAN-OS
- URL Filtering
Cause
- Firewall is not able to resolve our *urlcloud.paloaltonetworks hosts.
- Use the following filter in system logs: (description contains 'PAN-DB')
- The following command can be also used from CLI to identify the issue
> less mp-log devsrv.log
mp devsrv.log 2022-11-29 10:18:50 2022-11-29 10:18:50.457 -0500 curl error: Could not resolve host: serverlist3.urlcloud.paloaltonetworks.com
mp devsrv.log 2022-11-29 10:19:50 2022-11-29 10:19:50.594 -0500 curl error: Could not resolve host: serverlist.urlcloud.paloaltonetworks.com
mp devsrv.log 2022-11-29 10:19:50 2022-11-29 10:19:50.594 -0500 curl error: Could not resolve host: serverlist2.urlcloud.paloaltonetworks.com
Resolution
- The issue is resolved under PAN-193818 in PAN-OS 10.2.3, 10.1.9 and 10.0.12
- Upgrade to the above versions will resolve the issue.
- Create a URL Category object , and select action: allow/alert under URL Filtering Profile
- Restart devsrvr process
> debug software restart process device-server
Note: Restarting devsrvr will have some interruption in commit, edl/fqdn-refresh. However, user's traffic should not be interrupted.