How to Filter Logs on Application Category or Subcategory Filter

How to Filter Logs on Application Category or Subcategory Filter

21018
Created On 09/25/18 19:45 PM - Last Modified 06/06/23 19:21 PM


Resolution


Details

Applications can be filtered in Logs (Traffic, Threat, URL, Wildfire and Data Filtering) using the following filters for category and subcategory:

  • (category-of-app eq application_category)
  • (subcategory-of-app eq application_subcategory)

 

The following screenshot shows an example of a filter in the traffic logs (Monitor > Logs > Traffic) for the subcategory, file-sharing:

(subcategory-of-app eq file-sharing)
Capture.JPG.jpg

 

To determine the category or subcategory of an application, search the application on the Application & Threat Research Center (as shown in the screenshot below) or go to Objects > Applications on the Palo Alto Networks firewall.
Capture.JPG.jpg

 

owner: mbutt
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClcaCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language