Skip to main content
Panther Knowledge Base

How do I resolve getting alerts from an IP address listed in Panther’s Sunburst IP range list?

  1. Last updated
  2. Save as PDF

QUESTION

We are getting false positive alerts from the IP address 34.203.203.23, which is listed in Panther's Sunburst IP range from a few years back. How do I resolve this or remove this IP address from the Sunburst IP range list?

ANSWER

 

The Sunburst IOC rule is deprecated and should be disabled. Please disable the Sunburst IOC detections in your Panther Console. See Panther’s documentation on Detection Packs for more information on disabling packs.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.