CLI command to get the unused/zero hits security policy.

L2 Linker

CLI command to get the unused/zero hits security policy.

I see unused check box on GUI, what is the command to get similar results on CLI

L7 Applicator

Re: CLI command to get the unused/zero hits security policy.

@sandeep.paul

show running rule-use rule-base <option> type unused vsys vsys1

 

That command will give you, in my opinion, an easier to read list than what the GUI is capable of giving you. 

L2 Linker

Re: CLI command to get the unused/zero hits security policy.

Thanks BPry

L2 Linker

Re: CLI command to get the unused/zero hits security policy.

Does tho command show unused policies since last reboot? Is there any duration or how far it checks on the unused policies. Please let me know.
L7 Applicator

Re: CLI command to get the unused/zero hits security policy.

@sandeep.paul,
Correct. That command, and the firewall in general, is only going to be able to tell you if the policy has been used since the device was last restarted. Once you restart all of your rules will become unused until they actually match to another session.
L2 Linker

Re: CLI command to get the unused/zero hits security policy.

Thanks, is there any command that we will know if sec policy is not being used from Day it was configured?
L6 Presenter

Re: CLI command to get the unused/zero hits security policy.


@sandeep.paul wrote:
Thanks, is there any command that we will know if sec policy is not being used from Day it was configured?

 

Unfortunately no

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!