How to Verify Log Deletion

How to Verify Log Deletion

17805
Created On 09/25/18 18:50 PM - Last Modified 06/12/23 10:11 AM


Resolution


Overview

When viewing traffic logs a user may notice that data is only accessible up to a certain date. However, earlier data should be accessible. This document explains how to verify log deletion.

 

Details

Palo Alto Networks firewalls contain the option to delete log data. Data can be deleted for a number of reasons, such as confidentiality or to preserve disk space.

To delete log data, in the WebGUI navigate to the Devices > Log Settings > Manage Logs

WhereToDeleteLogs.PNG

 

To verify whether or not logs have been deleted, and by whom, navigate to the system logs and filter by (description contains 'Log Type'). The output will display the deleted log information.

SystemLog.PNG

 

owner: jperry

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClR2CAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language