Incomplete = The three-way TCP handshake didn’t complete. (Routing issue or destination server not listening on the port) Not-applicable = The data received by the Palo Alto device will be rejected because the port or service through which the traffic is coming in is not authorized, or there is no rule or policy that allows that port or service. Unknown-tcp = The three-way TCP handshake was intercepted by FW, but the application was not identified. Unknown-udp = unknown udp traffic Insufficient data = not enough data to identify the application. tcp-rst-from-client = Client sent a TCP reset to the server. tcp-rst-from-server = Server sent a TCP reset to the client. Aged-Out = Session Timed out
You don’t have to do anything on PA for session end reasons (unless PA genuinely denies it). And a typical TCP session ends with a reset (either by the server or the client). For non-TCP sessions, session timeout is also a common occurrence. So no action is required; they are helpful details provided by PA.