Review WildFire Analysis Details

For each file, Traps management service receives a file verdict and the WildFire Analysis Report detailing additional information you can use to assess the nature of a file.
  • Drill down into WildFire Analysis Details.
    WildFire analysis details are available for files that receive a WildFire verdict. You can view the WildFire Analysis Report on the WildFire tab of a Files entry. If the file attempted to run and triggered a Local Analysis or WildFire event, you can also view the report from the associated Security Events entry.
    1. Select the Event on Security Events or the File Name on FilesAnalytics or FilesQuarantine.
      Traps management service displays additional details about the security event or file.
    2. Select WildFire.
      The following figure displays an example of the WildFire analysis details of a file. The details are the same as what you would see on the WildFire tab of a security event.
      tms-file-analytics-wildfire-details.png
    3. Select the testing environment, for example Windows 7 x64 SP1, to review the summary and additional details for that testing environment.
    4. Expand the different sections of the report to view the reported behavior for the file.
  • Download the official WildFire report.
    1. Select the Event on the Security Events page or the File Name on the FilesAnalytics or FilesQuarantine pages.
    2. Select WildFire.
    3. Download download-icon.png the report to view WildFire details.
      Traps management service exports the PDF report for you to save.
  • Report an incorrect verdict to Palo Alto Networks.
    1. Select the Event on the Security Events page or the File Name on the FilesAnalytics or FilesQuarantine pages.
    2. Select WildFire.
    3. Review the sample information and verify the verdict that you are reporting.
    4. Report ( report-icon.png ) the incorrect verdict to Palo Alto Networks.
    5. Suggest a different Verdict for the hash.
    6. (Optional) Enter an email address to receive an email notification after Palo Alto Networks completes the additional analysis.
    7. (Optional but recommended) Enter any details that may help us to better understand why you disagree with the verdict.
    8. Click Report.

Related Documentation