>
    View WildFire Sample Analysis Processing Details
    Focus
    Download PDF
    Focus
    1. Home
    2. Advanced WildFire Powered by Precision AI™
    3. Monitor WildFire Appliance Activity
    4. Use the WildFire Appliance to Monitor Sample Analysis Status
    5. View WildFire Sample Analysis Processing Details
    Download PDF
    Advanced WildFire Powered by Precision AI™

    View WildFire Sample Analysis Processing Details

    Table of Contents

    View WildFire Sample Analysis Processing Details

    Where Can I Use This?What Do I Need?
    • WildFire Appliance
    • WildFire License
    The WildFire appliance retains records of analysis activity within an event log. You can view details about which connected services or appliances in your network analyzed a particular sample, as well as how many samples were analyzed in a given time-frame. You can use this information to monitor activity and develop policies and countermeasures against malicious activity. Unusually heavy activity can indicate suspicious activity. Also consider using a threat intelligence tool such as AutoFocus to investigate and determine the nature of a threat.
    1. View the number of samples processed locally within a specified timespan or based on a maximum number of samples.
      show wildfire local sample-processed {time [last-12-hrs| last-15-minutes | last-1-hr | last-24-hrs | last-30-days | last-7-days| last-calender-day | last-calender-month] \ count <number_of_samples>}. 
      Latest samples information:
+------------------------------------------------------------------+---------------------+-----------+------------+-----------+------------+-------------------+
|                              SHA256                              |     Create Time     | File Name |  File Type | File Size |  Malicious |      Status       |
+------------------------------------------------------------------+---------------------+-----------+------------+-----------+------------+-------------------+
| ce752b7b76ac2012bdff2b76b6c6af18e132ae8113172028b9e02c6647ee19bb | 2018-12-09 16:55:53 |           | Email Link |   31,522  |            | download complete |
| 349e57e51e7407abcd6eccda81c8015298ff5d5ba4cedf09c7353c133ceaa74b | 2018-12-09 16:53:40 |           | Email Link |   39,679  |            | download complete |
+------------------------------------------------------------------+---------------------+-----------+------------+-----------+------------+-------------------+
    2. Identify the device(s) that submitted a specified sample for WildFire analysis.
      show wildfire global sample-device-lookup sha256equal <SHA_256>. 
      
Sample 1024609813c57fe174722c53b3167dc3cf5583d5c7abaf4a95f561c686a2116e last seen on following devices:
+------------------------------------------------------------------+-----------+-----------+---------------------+
|                              SHA256                              | Device ID | Device IP |    Submitted Time   |
+------------------------------------------------------------------+-----------+-----------+---------------------+
| 1024609813c57fe174722c53b3167dc3cf5583d5c7abaf4a95f561c686a2116e |   Manual  |   Manual  | 2019-08-05 19:24:39 |
+------------------------------------------------------------------+-----------+-----------+---------------------+

    © 2025 Palo Alto Networks, Inc. All rights reserved.