Default log forwarding and profile group

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Default log forwarding and profile group

L2 Linker

HI,

 

I've migrated a firewall with 1000 rules, and i need to set one profile of log forwarding and one security profile group. Is possible set this profile for all rules at once, and not one per one.

 

Marco Poffal Daza

Professional Services Engineer
PCNSE / PCNSC
3 REPLIES 3

L7 Applicator

Hi @MPoffal

 

At least in the WebUI it is not possible. But you can use the following methods:

  • PaloAlto Migration Tool
  • CLI - show all rules, copy the output to notepad, modify or add the log forwarding setting for each rule and past the edited configuration back to CLI
  • API - write a little script with a foreach-function to add the profile to every existing rule

Cyber Elite
Cyber Elite

@MPoffal,

In my mind there are only two options that actually work well. 

1) Modify the XML directly: If you're good with XML then just do it this way, it's by far easier and would take the smallest amount of time. 

2) If you don't want to work with XML then the migration tool actually works very well for making bulk changes. 

 

Other options that work but I wouldn't recommend them. 

 

3) API; You likely won't see any mistakes in the script unless you actually save the output to a file and look through it, which doesn't seem like much fun. 

 

4) If you export the name of all of your rules you can simply write a script to go through and set  log forwarding and security group profiles that way. It isn't the best option but it would be very easy. 

 

L2 Linker

thanks @BPry and @Remo

Professional Services Engineer
PCNSE / PCNSC
  • 3305 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!