Rule usage report in PanOS 8?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Rule usage report in PanOS 8?

L2 Linker

Is it possible to create (scheduled) rule usage reports in PanOS 8, ideally from Panorama on a per device group basis? 

I see the rule usage data present, seems silly there wouldn't be a capability to query against it.

Rules (not) used withing last X days?

 

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

@BoDollis,

This deviated from your original question quickly. 

 

Is it possible to create (scheduled) rule usage reports in PanOS 8, ideally from Panorama on a per device group basis? 

There is not a way to create a scheduled report for this within any current release of PAN-OS, regardless of version. This information is exposed in the API, so it is something that could be scripted. 

View solution in original post

3 REPLIES 3

L1 Bithead

PanOS 8, or 8.1?

 

If 8.1, then me responding is fruitless as I do not know the answer.

 

If 8.0, then I would recommend updating to 8.1. The coolest feature, to me, that was introduced with 8.1 is the ability to see how often rules are hit when looking at the policies on a given firewall.

Hello,

While I encourage all to read the release notes. Going to 9.0.4 offers additional features, including analyzing the policies over time to see if the policy could be modified with app instead of ports, etc.

 

But definitely move away from 8.0 since it is end of life.

https://docs.paloaltonetworks.com/resources/eol#sort=relevancy&layout=card&numberOfResults=25

Regards,

Cyber Elite
Cyber Elite

@BoDollis,

This deviated from your original question quickly. 

 

Is it possible to create (scheduled) rule usage reports in PanOS 8, ideally from Panorama on a per device group basis? 

There is not a way to create a scheduled report for this within any current release of PAN-OS, regardless of version. This information is exposed in the API, so it is something that could be scripted. 

  • 1 accepted solution
  • 3518 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!