AutoFocus Known Issues
Table of Contents
Expand all | Collapse all
-
- New Features October 2020
- New Features September 2020
- New Features: August 2020
- New Features: April 2020
- New Features: November 2019
- New Features: May 2019
- New Features: March 2019
- New Features: February 2019
- New Features: November 2018
- New Features: October 2018
- New Features: September 2018
- New Features: August 2018
- New Features: July 2018
- New Features: June 2018
AutoFocus Known Issues
The following list includes known issues found in the
current AutoFocus release.
Issue ID | Description |
|---|---|
ATF-9292 | In some instances, AutoFocus search results
might not properly display when paging through an undetermined number
of samples with the error: No data to display. |
ATF-9290 | Accessing AutoFocus Threat Intelligence
data from the firewall might fail with a 500 server error. |
ATF-9289 | The AutoFocus Dashboard and Report widgets
might fail to load data. |
ATF-9288 | The Top Tags widget fails to load data in
the Total # Samples and Last Hit columns. |
ATF-9287 | The Top Sample widget fails to load properly
in the My Industry and All reports. |
ATF-9284 | AutoFocus advanced searches using the Threat
Name indicator do not properly generate results. |
ATF-9283 | AutoFocus sample and session search results
cannot be sorted, with the exception of a Sort Descending / First
Seen option for sample searches. |
ATF-7419 | Changes to the Preferred Scope
setting on the AutoFocus Settings page does not take affect until
you perform one of the following tasks:
|
ATF-7331 | When using the AutoFocus advanced
search, the show search history feature does not display any entries. |
ATF-7200 | The timestamp shown on email report
titles do not accurately reflect when the report was actually sent
because report scheduling is based on a PDT system, while reports
are generated using UTC time. As a result, an email report configured
to be sent on Monday, 9:00 PM will be display Tuesday, 5:00 AM on
the report cover. |
ATF-7199 | A private sample cannot be changed
to a public sample from an AutoFocus Wildfire (sample) search. |
— | When viewing the API request of
an AutoFocus search, the Python and Curl commands might not properly
reflect the from, size, and sort, parameters. |
— | Attempting to add or remove the
configured preferred hash column from the WildFire (samples) or
Activity (sessions) page might result in: the de-selection of some
or all other columns in the list or the inability to remove the
configured preferred hash. |
ATF-7025 | Tag labels might not be displayed
in it’s entirety depending on the widget configuration and the length
of the tag name. |
ATF-6992 | In some instances, the Search option
on the custom feeds page takes some time to reload the new query results. |
ATF-6795 | Changes made to the preferred
hash setting does not have any effect on AutoFocus searches. Instead,
only SHA256 results display regardless of
the preferred hash setting. |
ATF-6768 | If the required query parameters
are missing when issuing a Threat Indicator Card API call, the API
returns in the incorrect status codes. |
ATF-6735 | Time stamps shown in various AutoFocus
queries are displayed in a non-human readable format when editing
custom feeds. |
ATF-6686 | When editing the Remote
System configuration, the verification check used to
find duplicate settings, is not properly executed. Make sure to
manually check for duplicate settings before editing your existing
remote systems. |
— | If AutoFocus experiences a supporting
service outage when configuring a custom feed query or when initiating
a search, the UI erroneously displays No Results or No Data instead
of Service Temporarily Unavailable. |
ATF-6586 | The search condition that is automatically
populated by AutoFocus when performing a Quick Search is
not refreshed when followed up by another Quick Search . |
ATF-6559 | AutoFocus automatically populates
the search condition field when pivoting from an Indicators search
to a WildFire or Activity search,
however, returning to the Indicators search
results in an empty search string. |
ATF-6524 | Error message banners shown under
AutoFocus Feeds do not automatically close. |
ATF-6243 | Some samples might be missing
the ssdeep and imp_hash values on the File Analysis tab
of a WildFire (sample) search. |
ATF-6148 | The session artifact API call
is unable to decode special characters. |
ATF-6090 | Some of the identifiers contained
in the AutoFocus advanced search drop down list are not listed in
alphabetical order. |
ATF-6043 | Certain samples do not properly
display matching YARA file analysis details. |
ATF-6015 | Some threat signatures might not
be available to view in AutoFocus under certain operational conditions. |
ATF-6012 | The Malware Session
Percentage By Day widget does not auto-zoom to the proper
level when opened using a saved search. |
ATF-5985 | The AutoFocus license exception
page does not correctly display the user entity name. |
ATF-5945 | In some instances, AutoFocus might
not allow you to create a new private tag because it erroneously
believes the 100 tag limit was reached. |
ATF-5635 | In some instances, an AutoFocus
search using the Tag identifier might produce
results that do not match the selected tag(s). |
ATF-5633 | In some instances, the Updated field
in the AutoFocus tag detail page might not properly reflect the
actual revision date. |
ATF-5570 | In some instances, creating a
search using the File Type indicator and subsequently adding an
additional indicator before the first one finishes loading, might
result in the second indicator converting to a File Type indicator. |
ATF-5366 | MineMeld might send double the
number of entries in an EDL link to a connected firewall running
PAN-OS 8.0. |
ATF-5333 | When the AutoFocus interface font
size is increased, some elements of the information panel (such
as the Give Feedback link) might not display
correctly. |
ATF-5331 | The filetype counts shown in the Top Filetypes widget
do not always match the figures provided through the API. |
ATF-5254 | When the maximum allowable tag
limit of 100 is reached, subsequent attempts to add tags will fail
without an displaying an error. |
ATF-5074 | In some instances, deleted scheduled
reports might continue to automatically generate and send reports
to specified recipients. |
ATF-4881 | Certain APK samples might not
show the Suspicious Pattern section in the File Analysis page. |
ATF-4859 | In some instances, scheduled email
reports might not be sent as configured. |
ATF-4751 | New custom reports are not displayed
in Reports until the page is refreshed. |
ATF-4750 | Threat Name searches
using the is in the list operator do not
generate consistent search results. |
ATF-4682 | The sort functionality present
in Open Saved Search does not properly display
content, depending on the sort settings used. |
ATF-4435 | Certain widgets displaying verdicts
are not impacted by the dashboard and report verdict filter settings. |
ATF-4252 | Top Malware Family Tags , Top
Campaign Tags , and Top Malicious Behavior Tags widgets
are preconfigured to display only Unit 42, Private, and Commodity
tags. However, the Top Tags widget can be configured using
any and all tags. |
ATF-3796 | In some instances, exported PDF
reports containing a Malware Percentage by Day widget might
result in the data graph overlapping with the explanatory key, depending
on the browser used. |
ATF-3748 | External links contained in exported
PDF reports have limited functionality. |
ATF-2833 | The Disk widget located in the MineMeld
System tab does not show accurate disk space usage. |