Prisma Cloud Compute: What does the warning message “Failed to query wildfire, capacity reached” mean on the defender logs from Prisma Cloud?

Prisma Cloud Compute: What does the warning message “Failed to query wildfire, capacity reached” mean on the defender logs from Prisma Cloud?

3235
Created On 10/03/22 08:44 AM - Last Modified 12/09/24 20:36 PM


Question


What does the warning message "Failed to query wildfire, capacity reached” mean on the defender logs from Prisma Cloud?

SCR-20221003-er8.png

Environment


  • Prisma Cloud Enterprise Edition with Compute
  • Prisma Cloud Compute Edition (Self-Hosted 19.11 and later)

Answer


This warning message "Failed to query wildfire, capacity reached" indicates that you have reached a limit with WildFire uploads.

As per official documentation:
  • You can submit up to 5000 files per day, and get up to 50,000 verdicts on your submissions to the WildFire service.
  • Wildfire is supported on Linux only.
    Windows containers and hosts aren’t currently supported.
In addition, you can't select which files to send and which ones not to send. Alternatively what you can do is decide which containers use wildfire. Meaning by specifying a scope in the runtime rule in which Wildfire is enabled.


    Additional Information
    Other users also viewed:
    Actions
    • Print
    • Copy Link

      https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000sZLlCAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

    Choose Language