We are trying to reduce our unused Security Policies. We created a custom report to show Security policies run in the past 30 days.
I would like a listing of all Security Policies and then remove the Policies that have not been run in 30 days. I am trying to figure a CLI command to list all security Policies. The custom report only shows policies executed, not policies that have not run(as expected) Thanks in advance
Solved! Go to Solution.
Hello Jshivly,
Try following command, it will display all policy in running configuration. It display used and unused policy.
admin@21-PA-2020> show running security-policy
For more information on unused policy refer following document. Let me know if that helps.
How to Identify Unused Policies on a Palo Alto Networks Device
Regards,
Hardik Shah
Try "show running security-policy".
Hello Jshivly,
Try following command, it will display all policy in running configuration. It display used and unused policy.
admin@21-PA-2020> show running security-policy
For more information on unused policy refer following document. Let me know if that helps.
How to Identify Unused Policies on a Palo Alto Networks Device
Regards,
Hardik Shah
Thanks for the answer and the link.........much appreciated.
Hi Jshively,
Feel free to ask me additional queries.
Regards,
Hardik Shah
got it and thanks for the reply, much appreciated....
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!