A WildFire submissions log is an automatically generated, time-stamped file that provides an audit trail to track events when a Palo Alto Networks network security platform forwards samples (files and emails links) to the WildFire cloud for analysis based on WildFire Analysis profile settings (Objects > Security Profiles > WildFire Analysis). WildFire Submissions log entries are generated for each sample forwarded to the WildFire cloud that has completed static and/or dynamic analysis of the sample. WildFire Submissions log entries include the Action taken on the sample (allow or block), the WildFire verdict for the submitted sample as determined through WildFire analysis, the severity level of the sample, and other details.

By default, WildFire submissions logs are created for Benign and Malicious samples; while Grayware and Benign samples generate no logs. You can change the WildFire submission log settings to include Grayware and Benign samples as well as additional session information contained in email links.

Enable the following options for WildFire Submissions logs