How to disable scheduled update for contents from CLI
11254
Created On 05/06/20 14:36 PM - Last Modified 03/02/21 03:45 AM
Objective
There is a case when the firewall management port doesn't have access to the internet and local admin can't get to the firewall using WebUI. if automatic content update for Anti-virus App & threat and Wildfire was enabled, firewall will try to connect to update server even though there is no internet connectivity. This will generate system log entries for every failed attempts and it will be unnecessary. If you still have access to console port, you can disable the scheduled update from CLI.
Environment
- Any Palo Alto Firewall
- PAN-OS 8.1, 9.0, 9.1
Procedure
To disable content updates from CLI, Run the following commands to disable the required updates and verify the result. This will stop unwanted system log entries.
> configure
# delete deviceconfig system update-schedule anti-virus //schedule for anti-virus deleted
# delete deviceconfig system update-schedule threat //schedule for threat deleted
# delete deviceconfig system update-schedule url-database //schedule for url-database deleted
# delete deviceconfig system update-schedule wf-private //schedule for wf-private deleted
# delete deviceconfig system update-schedule wildfire //schedule for wildfire deleted
# commit
# show deviceconfig system update-schedule //This command is to recheck the schedule.
# exit