topic search traffic logs by vsys in CLI in General Topics https://live.paloaltonetworks.com/t5/general-topics/search-traffic-logs-by-vsys-in-cli/m-p/24702#M17996 <HTML><HEAD></HEAD><BODY><P>Does anyone know how to specify your traffic logs by vsys and add multiple search parameters of the same type like you can in the gui? We are running PanOS 4.1.7. Notice that the app option does not show up anymore and and there is no vsys option.</P><P></P><P>PA-1(active)&gt; show log traffic action equal deny app not-equal not-applicable </P><P>+ csv-output&nbsp;&nbsp;&nbsp;&nbsp; csv-output </P><P>+ direction&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; direction </P><P>+ dport&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dport </P><P>+ dst&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dst </P><P>+ dstuser&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dstuser </P><P>+ end-time&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; end-time </P><P>+ from&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; from </P><P>+ query&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; query </P><P>+ receive_time&nbsp;&nbsp; receive_time </P><P>+ rule&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; rule </P><P>+ sport&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sport </P><P>+ src&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; src </P><P>+ srcuser&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; srcuser </P><P>+ start-time&nbsp;&nbsp;&nbsp;&nbsp; start-time </P><P>+ to&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; to </P><P>&nbsp; |&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Pipe through a command</P></BODY></HTML> Tue, 11 Dec 2012 17:04:42 GMT Jinx 2012-12-11T17:04:42Z search traffic logs by vsys in CLI https://live.paloaltonetworks.com/t5/general-topics/search-traffic-logs-by-vsys-in-cli/m-p/24702#M17996 <HTML><HEAD></HEAD><BODY><P>Does anyone know how to specify your traffic logs by vsys and add multiple search parameters of the same type like you can in the gui? We are running PanOS 4.1.7. Notice that the app option does not show up anymore and and there is no vsys option.</P><P></P><P>PA-1(active)&gt; show log traffic action equal deny app not-equal not-applicable </P><P>+ csv-output&nbsp;&nbsp;&nbsp;&nbsp; csv-output </P><P>+ direction&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; direction </P><P>+ dport&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dport </P><P>+ dst&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dst </P><P>+ dstuser&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dstuser </P><P>+ end-time&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; end-time </P><P>+ from&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; from </P><P>+ query&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; query </P><P>+ receive_time&nbsp;&nbsp; receive_time </P><P>+ rule&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; rule </P><P>+ sport&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sport </P><P>+ src&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; src </P><P>+ srcuser&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; srcuser </P><P>+ start-time&nbsp;&nbsp;&nbsp;&nbsp; start-time </P><P>+ to&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; to </P><P>&nbsp; |&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Pipe through a command</P></BODY></HTML> Tue, 11 Dec 2012 17:04:42 GMT https://live.paloaltonetworks.com/t5/general-topics/search-traffic-logs-by-vsys-in-cli/m-p/24702#M17996 Jinx 2012-12-11T17:04:42Z Re: search traffic logs by vsys in CLI https://live.paloaltonetworks.com/t5/general-topics/search-traffic-logs-by-vsys-in-cli/m-p/24703#M17997 <HTML><HEAD></HEAD><BODY><P>I cant find it either when looking through the CLI manual for PANOS 4.1.</P><P></P><P>It seems that only the alarm facility has the vsys option to filter on when doing show log:</P><P></P><P>&gt; traffic — Displays traffic logs</P><P>+ action — Action equals or does not equal allow, deny, or drop</P><P>+ app — Equals or does not equal value</P><P>+ csv-output — Equals CSV output (no or yes)</P><P>+ direction — Backward or forward direction</P><P>+ dport — Destination port equals or does not equal (0-65535)</P><P>+ dst — Destination IP address in or not in (x.x.x.x/y or IPv6/netmask)</P><P>+ dstuser — Equals destination user name</P><P>+ end-time — Ending date and time YYYY/MM/DD@hh:mm:ss (e.g., 2011/08/01@10:00:00)</P><P>+ from — Equals or does not equal value</P><P>+ query — Equal to query value</P><P>+ receive_time — Receive time in the last specified time period (press &lt;tab&gt; for list)</P><P>+ rule — Equals or does not equal rule value</P><P>+ sport — Source port equals or does not equal (0-65535)</P><P>+ src — Source IP address in or not in (x.x.x.x/y or IPv6/netmask)</P><P>+ srcuser — Equals source user name</P><P>+ start-time — Starting date and time YYYY/MM/DD@hh:mm:ss (e.g., 2011/08/01@10:00:00)</P><P>+ to — Equals or does not equal value</P></BODY></HTML> Wed, 12 Dec 2012 12:55:59 GMT https://live.paloaltonetworks.com/t5/general-topics/search-traffic-logs-by-vsys-in-cli/m-p/24703#M17997 mikand 2012-12-12T12:55:59Z