Do I need Logging Turned on on TAP security rule?

Reply
L4 Transporter

Do I need Logging Turned on on TAP security rule?

I am implementing a tap interface to listen to our internal network traffic.

 

I don't want all the non THREAT traffic loged, if I turn of loggin in the security rule will the threats still go to the threat log?

 

(I am presently listening only on a very quiet interface which has generated only one "informational" alert in 24hrs.

 

Thanks

 

Robin

L7 Applicator

Re: Do I need Logging Turned on on TAP security rule?

The traffic log is separate from the threat log. so you can simply not enable traffic logging on the policy and only get threat logs as a result.

 

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
L4 Transporter

Re: Do I need Logging Turned on on TAP security rule?

Yep working perfectly without the logging on.

 

Rob

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!