How to start and stop scans on Prisma Compute Console
Created On 01/31/23 17:06 PM - Last Modified 07/11/24 19:26 PM
Objective
The objective of this article is to guide the user on ways to start and stop scans on the Prisma Compute Console.
Environment
- Prisma Compute Console - Self hosted & SaaS (all versions)
- Source environment (Registries, Clusters, Hosts, and so on)
Procedure
To start/trigger scans:
- Navigate to Radar > Cloud and click the graph icon at the bottom right to start scanning cloud resources as part of Cloud Discovery
- Navigate to Defend > Vulnerabilities > Images > Registry settings, add a registry or update an existing entry, then click "Save and scan" to trigger the registry scans
- Similarly, navigate to Defend > Compliance > Code Repositories > Repositories, add a scope or update an existing scope entry, then click "Save" to trigger the code repository scans
- Navigate to Monitor > Vulnerabilities > Code repositories/Images/Hosts/VMware Tanzu blobstore and click "Scan" to trigger the respective scans, except CI scans
- Similarly, navigate to Monitor > Compliance > Code repositories/Images/Hosts/Functions/Trusted images and click "Scan" to trigger the respective scans, except CI scans
- Lastly, navigate to Manage > System > Scan, update the values under "Scheduling", then click "Save" to trigger the respective scans
To stop scans:
- Navigate to Manage > System > Scan, change the value under "Scheduling" to "0", then click "Save" to stop the respective scans
- "Collections" can be used to scope out a specific resource, as well as a Defender, to ultimately stop scans
- Deleting Defenders stops scans
- Lastly, adding "Exceptions" and using features like "Block threshold" can stop further scanning of the affected resource
Additional Information
- The "Configure scanning" documentation shows how to schedule scans, which determines the start/stop for the various scans
- The Defender agents are responsible for agent-based scans, while agentless scans can be stopped at the source or from the Console
- There is no way to specify an exact time for the start/stop of the scans; using the instructions mentioned above shall help
- The removal of Defender or Console connectivity from the source shall completely stop the scans and disrupt visibility