PanOS CLI show tags?

L1 Bithead

PanOS CLI show tags?

I can tag a rule via CLI, but how can I ask Panorama to show me rules tagged with tag-name?


set device-group DG-Name security rules "Existing-rule-name" tag tag-name

Tags (1)
L4 Transporter

Re: PanOS CLI show tags?

Hello there.


With a little bit a practice, this is what I would do:

(Even though I am showing commands from a FW, the same/similar commands would work on Panorama


admin@firewall-a# run set cli config-output-format set
admin@firewall-a# show | match tag


This is output from what the FW/Panorama would show... (anything with the word tag on it)

If you wanted to be more granular... you could change the | match <granular tag here> to find only the specific tag

set tag danger color color7
set tag egress color color3
set tag dmz color color6
set tag internal color color4
set rulebase nat rules gp-portal-no-nat tag internal
set rulebase nat rules gp-portal-no-nat group-tag internal

Help the community: Like helpful comments and mark solutions
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!