1. Home
    2. AutoFocus
    3. AutoFocus™ What's New Guide
    4. Latest AutoFocus Release Information
    5. AutoFocus Known Issues

    AutoFocus Known Issues

    The following list includes known issues found in the current AutoFocus release.
    Issue ID
    Description
    ATF-9292
    In some instances, AutoFocus search results might not properly display when paging through an undetermined number of samples with the error: No data to display.
    ATF-9290
    Accessing AutoFocus Threat Intelligence data from the firewall might fail with a 500 server error.
    ATF-9289
    The AutoFocus Dashboard and Report widgets might fail to load data.
    ATF-9288
    The Top Tags widget fails to load data in the Total # Samples and Last Hit columns.
    ATF-9287
    The Top Sample widget fails to load properly in the My Industry and All reports.
    ATF-9284
    AutoFocus advanced searches using the Threat Name indicator do not properly generate results.
    ATF-9283
    AutoFocus sample and session search results cannot be sorted, with the exception of a Sort Descending / First Seen option for sample searches.
    ATF-7419
    Changes to the Preferred Scope setting on the AutoFocus Settings page does not take affect until you perform one of the following tasks:
    • Log out of AutoFocus and then log back in.
    • Exit the AutoFocus search, refresh your browser window, and then return to the AutoFocus search page.
    ATF-7331
    When using the AutoFocus advanced search, the show search history feature does not display any entries.
    ATF-7200
    The timestamp shown on email report titles do not accurately reflect when the report was actually sent because report scheduling is based on a PDT system, while reports are generated using UTC time. As a result, an email report configured to be sent on Monday, 9:00 PM will be display Tuesday, 5:00 AM on the report cover.
    ATF-7199
    A private sample cannot be changed to a public sample from an AutoFocus Wildfire (sample) search.
    When viewing the API request of an AutoFocus search, the Python and Curl commands might not properly reflect the from, size, and sort, parameters.
    Attempting to add or remove the configured preferred hash column from the WildFire (samples) or Activity (sessions) page might result in: the de-selection of some or all other columns in the list or the inability to remove the configured preferred hash.
    ATF-7025
    Tag labels might not be displayed in it’s entirety depending on the widget configuration and the length of the tag name.
    ATF-6992
    In some instances, the
    Search
     option on the custom feeds page takes some time to reload the new query results.
    ATF-6795
    Changes made to the preferred hash setting does not have any effect on AutoFocus searches. Instead, only
    SHA256
     results display regardless of the preferred hash setting.
    ATF-6768
    If the required query parameters are missing when issuing a Threat Indicator Card API call, the API returns in the incorrect status codes.
    ATF-6735
    Time stamps shown in various AutoFocus queries are displayed in a non-human readable format when editing custom feeds.
    ATF-6686
    When editing the
    Remote System
     configuration, the verification check used to find duplicate settings, is not properly executed. Make sure to manually check for duplicate settings before editing your existing remote systems.
    If AutoFocus experiences a supporting service outage when configuring a custom feed query or when initiating a search, the UI erroneously displays No Results or No Data instead of Service Temporarily Unavailable.
    ATF-6586
    The search condition that is automatically populated by AutoFocus when performing a
    Quick Search
     is not refreshed when followed up by another
    Quick Search
    .
    ATF-6559
    AutoFocus automatically populates the search condition field when pivoting from an
    Indicators
     search to a
    WildFire
     or
    Activity
     search, however, returning to the
    Indicators
     search results in an empty search string.
    ATF-6524
    Error message banners shown under AutoFocus
    Feeds
     do not automatically close.
    ATF-6243
    Some samples might be missing the ssdeep and imp_hash values on the
    File Analysis
     tab of a WildFire (sample) search.
    ATF-6148
    The session artifact API call is unable to decode special characters.
    ATF-6090
    Some of the identifiers contained in the AutoFocus advanced search drop down list are not listed in alphabetical order.
    ATF-6043
    Certain samples do not properly display matching YARA file analysis details.
    ATF-6015
    Some threat signatures might not be available to view in AutoFocus under certain operational conditions.
    ATF-6012
    The
    Malware Session Percentage By Day
    widget does not auto-zoom to the proper level when opened using a saved search.
    ATF-5985
    The AutoFocus license exception page does not correctly display the user entity name.
    ATF-5945
    In some instances, AutoFocus might not allow you to create a new private tag because it erroneously believes the 100 tag limit was reached.
    ATF-5635
    In some instances, an AutoFocus search using the
    Tag
     identifier might produce results that do not match the selected tag(s).
    ATF-5633
    In some instances, the
    Updated
     field in the AutoFocus tag detail page might not properly reflect the actual revision date.
    ATF-5570
    In some instances, creating a search using the File Type indicator and subsequently adding an additional indicator before the first one finishes loading, might result in the second indicator converting to a File Type indicator.
    ATF-5366
    MineMeld might send double the number of entries in an EDL link to a connected firewall running PAN-OS 8.0.
    ATF-5333
    When the AutoFocus interface font size is increased, some elements of the information panel (such as the
    Give Feedback
     link) might not display correctly.
    ATF-5331
    The filetype counts shown in the
    Top Filetypes
     widget do not always match the figures provided through the API.
    ATF-5254
    When the maximum allowable tag limit of 100 is reached, subsequent attempts to add tags will fail without an displaying an error.
    ATF-5074
    In some instances, deleted scheduled reports might continue to automatically generate and send reports to specified recipients.
    ATF-4881
    Certain APK samples might not show the
    Suspicious Pattern
     section in the
    File Analysis
     page.
    ATF-4859
    In some instances, scheduled email reports might not be sent as configured.
    ATF-4751
    New custom reports are not displayed in
    Reports
     until the page is refreshed.
    ATF-4750
    Threat Name
     searches using the
    is in the list
     operator do not generate consistent search results.
    ATF-4682
    The sort functionality present in
    Open Saved Search
     does not properly display content, depending on the sort settings used.
    ATF-4435
    Certain widgets displaying verdicts are not impacted by the dashboard and report verdict filter settings.
    ATF-4252
    Top Malware Family Tags
    ,
    Top Campaign Tags
    , and
    Top Malicious Behavior Tags
     widgets are preconfigured to display only Unit 42, Private, and Commodity tags. However, the
    Top Tags
     widget can be configured using any and all tags.
    ATF-3796
    In some instances, exported PDF reports containing a
    Malware Percentage by Day
     widget might result in the data graph overlapping with the explanatory key, depending on the browser used.
    ATF-3748
    External links contained in exported PDF reports have limited functionality.
    ATF-2833
    The
    Disk
     widget located in the MineMeld System tab does not show accurate disk space usage.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo