Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

WildFire: get PCAP activity

Log in to subscribe to topics and get notified when content changes.

WildFire: get PCAP activity

The WildFire: Get PCAP workflow activity gets the packet capture (PCAP) information generated during the analysis of a specified file hash on WildFire. The result of this activity is attached to a specific record as identified by the TableName and RecordId.

Input variables

Input variables determine the initial behavior of the activity.

Table 1. Input variables
Variable Description
FileSHA256Hash [string] The hash of the file received from the Palo Alto Network Firewall application.
TableName [string] The affected table.
RecordId [string] The security incident or IoC being updated.

Output variables

The output variables contain data that can be used in subsequent activities.

Table 2. Output variables
Variable Description
commandStatus [Boolean] True if a result is obtained and attached successfully.
errorMessage The error, if any, that occurred in the activity.