Visibility on Custom Threat Names
End-of-Life (EoL)

Custom spyware and vulnerability threat objects are now written to the firewall logs and reports.
You can create custom spyware and vulnerability threat objects with a custom Threat ID on Panorama at the device group level and push them to managed firewalls. In PAN-OS 10.0, custom Threat IDs are mapped to the corresponding custom threat object name on the firewall, which enables the firewall to generate a threat log populated with the configured custom Threat ID. Mapping the custom Threat IDs to the threat object name on the firewall gives you better monitoring and visibility into your threat data, because you can correlate network events with specific custom threat objects.
For this example, we will configure a custom vulnerability object.
  1. Log in to the Panorama Web Interface.
  2. Configure the custom vulnerability object.
    1. Select Objects > Custom Objects > Vulnerability and select the appropriate Device Group.
    2. Add a new custom vulnerability object.
    3. Enter the custom Threat ID.
    4. Enter a descriptive Name for the custom vulnerability object.
    5. Select the Severity to indicate the seriousness of the threat.
    6. Select the Direction to indicate whether the threat is assessed from client to server, server to client, or both.
    7. Configure any additional settings for the custom vulnerability object.
    8. Select the Signatures tab and Add a new signature for the custom vulnerability object.
    9. Click OK to save your configuration changes.
  3. Click Commit and Commit and Push your configuration changes.
  4. After your firewalls have processed traffic, select Monitor > Threat and export the threat log as a CSV.
  5. Navigate to the Threat/Content ID field to review whether a network threat incident was logged against the custom vulnerability object you created. See Threat Log Fields for more information on the threat syslog field descriptions.
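The review in steps 4 and 5 can also be done offline against the exported CSV. The script below is an added example, not Palo Alto Networks code: it counts log entries per custom Threat ID and lists rows where the logged name is missing or differs from the configured object name. It assumes the column header is `Threat/Content ID` and that the value is either `Name(ID)` or a bare ID; the object name, Threat IDs and sample rows are constructed.

```python
import csv
import io
import re
from collections import Counter

# Custom objects configured on Panorama: Threat ID -> object name.
# Constructed sample values; replace with your own.
CUSTOM_THREATS = {41000: "Corp-Legacy-App-Overflow"}

# Assumption: the exported column holds either "Name(ID)" or a bare ID.
_ID_FIELD = re.compile(r"^\s*(?:(?P<name>.*?)\s*\(\s*(?P<id>\d+)\s*\)|(?P<bare>\d+))\s*$")

def parse_threat_field(value):
    """Return (threat_id, name_or_None), or None if the field has no ID."""
    m = _ID_FIELD.match(value or "")
    if not m:
        return None
    if m.group("bare"):
        return int(m.group("bare")), None
    return int(m.group("id")), m.group("name") or None

def review_export(csv_text, custom=CUSTOM_THREATS, column="Threat/Content ID"):
    """Count hits per custom Threat ID and list rows whose logged name
    is missing or differs from the configured object name."""
    hits, unmapped = Counter(), []
    reader = csv.DictReader(io.StringIO(csv_text))
    if column not in (reader.fieldnames or []):
        raise KeyError(f"column {column!r} not in export")
    for line_no, row in enumerate(reader, start=2):  # line 1 is the header
        parsed = parse_threat_field(row[column])
        if parsed is None or parsed[0] not in custom:
            continue
        threat_id, name = parsed
        hits[threat_id] += 1
        if name != custom[threat_id]:
            unmapped.append((line_no, threat_id, name))
    return hits, unmapped

# Constructed sample export (not real log data; header names are assumed).
SAMPLE = """Receive Time,Source address,Destination address,Threat/Content ID,Severity
2020/08/01 10:00:01,10.1.1.5,192.0.2.10,Corp-Legacy-App-Overflow(41000),high
2020/08/01 10:00:09,10.1.1.7,192.0.2.10,41000,high
2020/08/01 10:01:30,10.1.1.9,198.51.100.4,Some Vendor Signature(30003),medium
"""

if __name__ == "__main__":
    print(review_export(SAMPLE))
```

Rows returned in the second list carry the custom Threat ID without the expected object name, which is the case to investigate on the firewall that produced them.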