Receive time of logs ("Traffic Log") in a custom report


Hello all,

I've created a custom report for getting logs (from Database "Traffic Log") and I need the exact receive time for the entries.

Unfortunately, there is no such column to choose from. The only column that contains time information is "quarter hour" - but this is not precise enough.

Screenshot1.png

If you take a look at the traffic logs directly (no custom report), you see that there is a column with the exact receive time. So this information is definitely stored in the database.

Screenshot2.png

Is it possible to get out the receive time in a custom report?

Thanks in advance

L4 Transporter

Re: Receive time of logs ("Traffic Log") in a custom report

As you have found there is not an available column for 'Receive Time'. One possible workaround is to create a custom report using traffic logdb and then use 'Log View' in the report group.

Here is a sample config:

reports.JPG

An email scheduler profile can be configured to send the report group off the device. This may not be ideal, but it should show the timestamp in the generated report PDF.

-Stefan

Not applicable

Re: Receive time of logs ("Traffic Log") in a custom report

Thanks for your message, Stefan.

The problem is that I need to create an Excel file via .NET (C#). So I need to get the information via the XML REST API (not via a PDF file).

Do you know if there is a workaround for that problem?

L4 Transporter

Re: Receive time of logs ("Traffic Log") in a custom report

Hi Gerold,

I am not aware of a way to export the log view information from the API.

Beginning in PAN-OS 5.0, the logs can be exported via the API with 'type=log&log-type=traffic'; the XML returned could then be transformed into CSV.

If you are using a pre-5.0 release, perhaps you could utilize the 'scp export log traffic' option. Here is an example:

scp export log traffic start-time equal 2013/01/12@00:00:00 end-time equal 2013/01/26@00:00:00 to root@172.18.32.143:/root/logbackup/logger.csv

- Stefan
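
The XML-to-CSV step mentioned in the reply above, as an added example that is not part of the original thread or of any vendor tooling: it reads a finished 'type=log&log-type=traffic' response, keeps the per-entry receive time, and prefixes cells that a spreadsheet would evaluate as formulas, since the CSV is meant to be opened in Excel. The response layout, the field names and all sample values are assumptions constructed for illustration.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample of a finished log-job response (assumed layout, not captured from a device).
SAMPLE_XML = """<response status="success"><result>
  <job><id>18</id><status>FIN</status></job>
  <log><logs count="2" progress="100">
    <entry logid="1"><receive_time>2013/01/12 00:00:03</receive_time>
      <src>10.0.0.5</src><dst>192.0.2.10</dst><app>web-browsing</app><action>allow</action></entry>
    <entry logid="2"><receive_time>2013/01/12 00:00:07</receive_time>
      <src>10.0.0.9</src><dst>198.51.100.4</dst><srcuser>=1+1</srcuser>
      <app>dns</app><action>deny</action></entry>
  </logs></log>
</result></response>"""

# Columns to export (assumed field names); entries lacking a field get an empty cell.
FIELDS = ["receive_time", "src", "dst", "srcuser", "app", "action"]

def safe_cell(value):
    """Prefix values a spreadsheet would treat as a formula so they stay plain text."""
    if value and value[0] in "=+-@\t\r":
        return "'" + value
    return value

def traffic_xml_to_csv(xml_text, fields=FIELDS):
    """Convert a traffic-log API response into CSV text, one row per <entry>."""
    root = ET.fromstring(xml_text)
    if root.get("status") != "success":
        raise ValueError("API returned status %r" % root.get("status"))
    logs = root.find("./result/log/logs")
    if logs is None:
        raise ValueError("response has no <logs> element")
    if logs.get("progress") != "100":
        # The log job is still running; poll again instead of exporting partial data.
        raise ValueError("log job not finished (progress=%s)" % logs.get("progress"))
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(fields)
    for entry in logs.findall("entry"):
        writer.writerow([safe_cell((entry.findtext(f) or "").strip()) for f in fields])
    return out.getvalue()

if __name__ == "__main__":
    print(traffic_xml_to_csv(SAMPLE_XML), end="")
```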

Not applicable

Re: Receive time of logs ("Traffic Log") in a custom report

Hi Stefan,

that's exactly what I was looking for (fortunately, we have upgraded our firewall to version 5).

Once again, thanks for your answer.

Best regards,

Gerold
