After testing out PA we wanted to remove all testing logs and data that was produced during the labbing phase. What would be the CLI command to delete all the data without having to do a private-data-reset? Want to keep all the current settings, but remove data from ACC and other logs so we can start fresh.
I found out that on PAN-OS 4 after clearing all logs:
> acc ACC database
> alarm Alarm logs
> config Configuration logs
> hipmatch Hipmatch database
> system System logs
> threat Threat logs
> traffic Traffic logs
it seems that all logs are removed.... but.... they are not all
When I go to Monitor tab, click on Reports, Select Soures from Traffic Reports, then I see al history, sorted on date. So all IP's including usernames is shown. When you click on it, it shows the ACC, fortunately there is no information shown.
Please fix this, because clearing logs is much faster then performing a Private data reset before taking de NFR to a customer for a PoC.
Your best bet might be to create a template of a simple config you want to use for rollouts and then do a "request system private-data-reset" (or factory reset). Then upload your template config.
Clearing the logs does not clear the old reports in the system. To do that you can use the "delete report ..." command. I'm not sure if you can use wildcards or if you need to delete each one individually.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!