Does anyone know how to specify your traffic logs by vsys and add multiple search parameters of the same type like you can in the gui? We are running PanOS 4.1.7. Notice that the app option does not show up anymore and and there is no vsys option.
PA-1(active)> show log traffic action equal deny app not-equal not-applicable
+ csv-output csv-output
+ direction direction
+ dport dport
+ dst dst
+ dstuser dstuser
+ end-time end-time
+ from from
+ query query
+ receive_time receive_time
+ rule rule
+ sport sport
+ src src
+ srcuser srcuser
+ start-time start-time
+ to to
| Pipe through a command
I cant find it either when looking through the CLI manual for PANOS 4.1.
It seems that only the alarm facility has the vsys option to filter on when doing show log:
> traffic — Displays traffic logs
+ action — Action equals or does not equal allow, deny, or drop
+ app — Equals or does not equal value
+ csv-output — Equals CSV output (no or yes)
+ direction — Backward or forward direction
+ dport — Destination port equals or does not equal (0-65535)
+ dst — Destination IP address in or not in (x.x.x.x/y or IPv6/netmask)
+ dstuser — Equals destination user name
+ end-time — Ending date and time YYYY/MM/DD@hh:mm:ss (e.g., 2011/08/01@10:00:00)
+ from — Equals or does not equal value
+ query — Equal to query value
+ receive_time — Receive time in the last specified time period (press <tab> for list)
+ rule — Equals or does not equal rule value
+ sport — Source port equals or does not equal (0-65535)
+ src — Source IP address in or not in (x.x.x.x/y or IPv6/netmask)
+ srcuser — Equals source user name
+ start-time — Starting date and time YYYY/MM/DD@hh:mm:ss (e.g., 2011/08/01@10:00:00)
+ to — Equals or does not equal value
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!