- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
11-18-2014 06:45 AM
I don't see a direct option to generate report for only unused rule:
How to Identify Unused Policies on a Palo Alto Networks Device
11-18-2014 06:51 AM
Hi jambulo ,
The unused rule counter is based off the dataplane since the last restart. That means once the device is up and running and one of the rule is never triggered, then that is considered unused rule. Currently there is no way to generate a custom report based on that as it will never generate any report. You can view it on security policy only. Hope this helps. Thank you.
11-18-2014 11:15 AM
Hi Jambulo,
Custom report will not help to determine unused rules. Only following document will help for that.
How to Identify Unused Policies on a Palo Alto Networks Device
Custom report is something used to get daily update of aggregated logs, You need information about unused policy just once. Hence you can use above document.
Regards,
Hardik Shah
11-18-2014 11:28 AM
Hi Hardik,
so if the rule is not listed here
https://live.paloaltonetworks.com/docs/DOC-4229
it is also maybe used at selected time(if I select 1 year) at once you mean ?
I need that info also
Thanks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!