11-26-2014 09:45 PM
I have question about PaloAlto Custom Report. I can find that document for getting used rules with counter from customer report as How to Create Custom Report to Show The Least Used Rules in Security Policies
But Customer want to know exactly UNUSED RULES WITH COUNTER from custom report. Is it possible?
Customer really want to have that custom report can show entries of rule-name with no count. If not, I want to have feature request to PaloAlto HQ.
Above is a sample of used rules with counter from custom report and that don't contain entry of unused rule with no repeat count.
11-27-2014 03:22 AM
I am not sure about making a report to show you those unused rules. But as an administration task, once a year, I will go into the rules. Tick "Highlight unused rules" , select them all and then move them all to the bottom underneath my "drop all" rule.
That will then show all your unused rules in one easy to see location. I am assuming this is the reason the customer wants such a report?
You could then also export the rules as a CSV file to see all the rules in question. In case you wanted something printable.
11-27-2014 08:28 AM
Thanks for answer.
As you know that "Highlight unused rules" could show only Unused Rules after device started up. I and customer want to know exactly about Unused Rules for particular schedule such as 2 weeks or 1 month or custom schedule. I believe that the PaloAlto Firewall don't have feature about showing Unused Rules with particular time-frame. So it should be requested to PAN HQ as feature requesting by SE.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!