Prisma Cloud Defender status showing Error 'Failed to track application: failed to restore iptables exit status 127' on the Container Network Firewall section

Prisma Cloud Defender status showing Error 'Failed to track application: failed to restore iptables exit status 127' on the Container Network Firewall section

457
Created On 09/27/22 03:57 AM - Last Modified 12/17/25 22:08 PM


Symptom


  • Prisma Cloud Defender status showing Error 'Failed to track application: failed to restore iptables exit status 127' on the Container Network Firewall section.


1.png

 

 

Environment


  • Prisma Cloud

Cause


This could be due to contention over the iptables lockfile visible in the Defender system logs.

Resolution


  1. Reboot/Restart the Defender and confirm if the Error disappears.
  2. If this does not help, disable 'Container network monitoring' and "Host network monitoring" under Radar settings and redeploy the Defender.


Screenshot 2022-09-27 at 11.45.30 AM.png

 

Additional Information


Additionally check the Defender Logs and the Main syslog destination for tre OS (eg -/var/log/messages under RHEL, /var/log/syslog under Debian) for any errors.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000sZGvCAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail