Custom Report - Generating a Traffic Volume per Hour report, sorted by date/time

cancel
Showing results for 
Search instead for 
Did you mean: 

Custom Report - Generating a Traffic Volume per Hour report, sorted by date/time

L1 Bithead

 

I've been attempting to create a report requested by a client using the Custom Reports module.

 

The client is requesting a weekly report, containing 7 days of volume usage broken down by hour. I've managed to get the data I require, using the Traffic Log database, grouping by day - however the Sort By options leaves much to be desired. 

 

Are there any native options to achieve the outcome I'm after?

1 ACCEPTED SOLUTION

Accepted Solutions

L7 Applicator

If you want to schedule weekly email then ordering is a bit limited indeed.

 

Try those 2 optins:

- If you review those logs inside Palo then you can click on column name and reorder based on your requirement

- Run weekly report and pull it out with API instead of email and sort it then as required  https://www.paloaltonetworks.com/documentation/71/pan-os/xml-api/pan-os-xml-api-request-types/get-re...

Enterprise Architect @ Cloud Carib www.cloudcarib.com
ACE, PCNSE, PCNSI

View solution in original post

5 REPLIES 5

Cyber Elite
Cyber Elite

Hi @Paul.Collinson

 

so you only need total volume per day per hour ?

volume.png

Tom Piens
PANgurus

L7 Applicator

If you want to schedule weekly email then ordering is a bit limited indeed.

 

Try those 2 optins:

- If you review those logs inside Palo then you can click on column name and reorder based on your requirement

- Run weekly report and pull it out with API instead of email and sort it then as required  https://www.paloaltonetworks.com/documentation/71/pan-os/xml-api/pan-os-xml-api-request-types/get-re...

Enterprise Architect @ Cloud Carib www.cloudcarib.com
ACE, PCNSE, PCNSI

View solution in original post

@PANgurus wrote:

Hi @Paul.Collinson

 

so you only need total volume per day per hour ?

 


 I was hopeful I could have it cleanly sorted by the hour as well.

 






@Raido_Rattameister wrote:

If you want to schedule weekly email then ordering is a bit limited indeed.

 

Try those 2 optins:

- If you review those logs inside Palo then you can click on column name and reorder based on your requirement

- Run weekly report and pull it out with API instead of email and sort it then as required  https://www.paloaltonetworks.com/documentation/71/pan-os/xml-api/pan-os-xml-api-request-types/get-re...


 

The API looks to be how I'll need to manage this - Thank you.

Hi @Paul.Collinson

It appears you can only group per day (but then the hours get sorted in an odd pattern) or group per hour which is even weirder (there is no 'sort' option for hours

 

You could file a Feature Request with your local sales team to improve granularity and sorting options in reports

There's also the option of exporting reports as CSV/XML which will allow you to set your own sorting mechanisms for the output (the API will come in handy for this)

Tom Piens
PANgurus

 

Hi,

 

We have been creating the similar custom report with time-period 24 hrs, and using some filters vailable.

 

However I have a few questions that I still need answers for : 

 

1.) There is an option for grouping the traffic log reports based on destination etc.... There is a maximum limit of 500 logs only that it can produce logs for. Does that mean I get only 500 logs from the time of capture ? If I am right what happens to the traffic generated after that ? Is there a way to incerase the limit >500. Because a custome report on Panorama with a limit of 500 means nothing even if I capture hourly.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!