How to Change the Configuration Audit Version Limit

How to Change the Configuration Audit Version Limit

21056
Created On 09/25/18 17:52 PM - Last Modified 06/08/23 08:50 AM


Resolution


Overview

Configuration Audit versions are useful for rolling a Palo Alto Networks firewall back to a past configuration or for the purpose of comparing the modifications made across commits. This document explains how to change the limit of saved audit versions using the WebUI and CLI.

Details

The Palo Alto Networks firewall stores Configuration Audit versions each time a commit is performed. The list of configuration versions, along with the associated commit timestamp, can be viewed on the WebUI:

  1. Go to Device > Setup > Operations
  2. Under the Configuration Management section, click Load configuration version

A comparison between two versions of configurations (including the candidate configuration) can be performed and viewed at: Device > Config Audit.

The number of configuration audit versions the system will save has a configurable range of 1-1048576 with a default of 100. The number specifies the maximum number of audit versions that stored before discarding the oldest ones.

Set the number of audit versions on the WebUI

  1. Go to: Device > Setup
  2. In the Management>Logging and Reporting Settings section, update the value for: Number of Versions for Config Audit
    Config Audit.PNG

Set the number of audit versions on the CLI

# set deviceconfig setting management max-audit-versions  <1-1048576>

# commit

owner: akawimandan
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClLHCA0&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language