Unused rules

L0 Member

Unused rules

I know it is possible to get unused rules since last reboot, but it is obvious the data is in Panorama. Is there no way to get a list of rules not used since a specified date?

 

https://live.paloaltonetworks.com/t5/Learning-Articles/How-to-Identify-Unused-Policies-on-a-Palo-Alt...

 

L7 Applicator

Re: Unused rules

It's an all or nothing feature. If the rule has been hit since last reboot then it isn't going to be shown as unused. I know that there is a manual way to reset this without actually restarting the thing, but I can't think of it at the moment.

Community Team Member

Re: Unused rules

Hi @SSaady,

 

How about using the ACC feature?

Add the rule usage widget and specify a custom timeframe ... any rule not showing up in the report is unused.

 

[Image: ACC Rule Usage]

 

I hope this works for you.

 

Cheers,

-Kiwi
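
The same "not in the report means unused" comparison can be run offline against an exported traffic log. This is an added example, not part of any reply in the thread; the rule names and log rows are constructed, and the CSV column names (`Receive Time`, `Rule`) and timestamp format are assumptions to adjust to your own export.

```python
import csv
import io
from datetime import datetime

# Constructed sample data. Column names and timestamp format are assumptions
# about the export layout; change them to match your own CSV.
CONFIGURED_RULES = ["allow-dns", "allow-web", "legacy-ftp", "temp-vendor-vpn"]

SAMPLE_LOG_CSV = """Receive Time,Rule,Action
2017/01/12 08:14:02,legacy-ftp,allow
2017/02/20 10:01:44,allow-dns,allow
2017/03/01 09:30:10,allow-web,allow
2017/03/08 17:45:31,allow-dns,allow
"""

TIME_FORMAT = "%Y/%m/%d %H:%M:%S"


def last_hits(log_csv, rule_col="Rule", time_col="Receive Time"):
    """Return {rule name: most recent log timestamp} from a traffic log export."""
    latest = {}
    for row in csv.DictReader(io.StringIO(log_csv)):
        rule = (row.get(rule_col) or "").strip()
        stamp = (row.get(time_col) or "").strip()
        if not rule or not stamp:
            continue  # skip rows with missing fields
        seen = datetime.strptime(stamp, TIME_FORMAT)
        if rule not in latest or seen > latest[rule]:
            latest[rule] = seen
    return latest


def unused_since(configured, log_csv, since):
    """List (rule, last_hit or None) for rules with no logged hit on or after `since`."""
    latest = last_hits(log_csv)
    report = []
    for rule in configured:
        hit = latest.get(rule)
        if hit is None or hit < since:
            report.append((rule, hit))
    return report


if __name__ == "__main__":
    cutoff = datetime(2017, 2, 1)
    for rule, hit in unused_since(CONFIGURED_RULES, SAMPLE_LOG_CSV, cutoff):
        print(f"{rule}: last logged hit {hit or 'never in export'}")
```

A rule with logging turned off produces no traffic log entries, so it can look unused in a log-based check while its hit counter is non-zero. Confirm the export covers the whole period back to the cutoff before treating a rule as a removal candidate.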

 

L7 Applicator

Re: Unused rules

Love the new ACC, lots of good stuff under the hood.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
L4 Transporter

Re: Unused rules

I have a rule that shows unused in the ACC and on the traffic monitor, but when I choose to highlight unused rules it shows used, and this was before and after a reboot.
