I would like to know how to use the unexported-only feature with this command:
scp export log traffic to user@ip:/path/test.csv start-time equal 2016/08/14@00:00:00 end-time equal 2016/08/14@23:59:59
Also is it possible to invoke it through the API?
As far as i know there is no 'unexported-only' feature. I've tried looking for it, in case i was not aware of it's existance, but have not encountered any reference to it.
was on old panos versions.You don't need it.
if you have much logs, make sure you changed the maximum csv limit.
Then you can use start time and end time to export.(you need to divide if limit is not enough)
I would have to log start and end times though and still this does not ensure integrity. I can't believe Palo Alto would remove such a feature. While exporting the logs, the device still marks exported logs so why remove this?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!