for each WildFire
Inline ML model. This enforces the WildFire Inline ML Actions settings
configured for each protocol on a per model basis.
classification engines available:
PowerShell Scripts 1
PowerShell Scripts 2
Executable Linked Format
inspects traffic according to your selections in the WildFire Inline
ML Action column in the decoders section of the
—WildFire inspects traffic according
to your selections in the WildFire Inline ML Action column in the
decoders section of the
tab and overrides
any action with a severity level higher than
which allows traffic to pass while still generating and saving an alert
in the threat logs.
—WildFire allows traffic to pass without any
Add file exceptions to your WildFire
and Antivirus security profile if you encounter false-positives.
This is typically done for users who are not forwarding files to
WildFire for analysis. You can add the file exception details directly
to the exception list or by specifying a file from the threat logs.
If your WildFire Analysis security profile is configured
to forward the filetypes analyzed using WildFire inline ML, false-positives are
automatically corrected as they are received. If you continue to
see ml-virus alerts for files that have been classified as benign
by WildFire Analysis, please contact Palo Alto Networks Support.
Add file exceptions directly to the exception list.
Add the hash, filename, and description of the file that
you want to exclude from enforcement.