Rule usage report in PanOS 8?

Reply
Highlighted
L1 Bithead

Rule usage report in PanOS 8?

Is it possible to create (scheduled) rule usage reports in PanOS 8, ideally from Panorama on a per device group basis? 

I see the rule usage data present, seems silly there wouldn't be a capability to query against it.

Rules (not) used withing last X days?

 

Tags (3)
L1 Bithead

Re: Rule usage report in PanOS 8?

PanOS 8, or 8.1?

 

If 8.1, then me responding is fruitless as I do not know the answer.

 

If 8.0, then I would recommend updating to 8.1. The coolest feature, to me, that was introduced with 8.1 is the ability to see how often rules are hit when looking at the policies on a given firewall.

L7 Applicator

Re: Rule usage report in PanOS 8?

Hello,

While I encourage all to read the release notes. Going to 9.0.4 offers additional features, including analyzing the policies over time to see if the policy could be modified with app instead of ports, etc.

 

But definitely move away from 8.0 since it is end of life.

https://docs.paloaltonetworks.com/resources/eol#sort=relevancy&layout=card&numberOfResults=25

Regards,

L7 Applicator

Re: Rule usage report in PanOS 8?

@BoDollis,

This deviated from your original question quickly. 

 

Is it possible to create (scheduled) rule usage reports in PanOS 8, ideally from Panorama on a per device group basis? 

There is not a way to create a scheduled report for this within any current release of PAN-OS, regardless of version. This information is exposed in the API, so it is something that could be scripted. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!