This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Delete logs and ACC monitor data

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Delete logs and ACC monitor data

Go to solution
cityofkingsland
L0 Member

‎12-20-2010 08:20 AM

After testing out PA we wanted to remove all testing logs and data that was produced during the labbing phase.  What would be the CLI command to delete all the data without having to do a private-data-reset?  Want to keep all the current settings, but remove data from ACC and other logs so we can start fresh.

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
mderksen
L4 Transporter

‎12-20-2010 08:25 AM

With the clear command you can wipe information from the system. Try the clear log command to clear the information in the ACC and log files.

Marcel

View solution in original post

3 REPLIES 3

Go to solution
mderksen
L4 Transporter

‎12-20-2010 08:25 AM

With the clear command you can wipe information from the system. Try the clear log command to clear the information in the ACC and log files.

Marcel

Go to solution
rob
Not applicable
In response to mderksen

‎03-30-2011 05:27 AM

I found out that on PAN-OS 4 after clearing all logs:

> acc        ACC database

> alarm      Alarm logs

> config     Configuration logs

> hipmatch   Hipmatch database

> system     System logs

> threat     Threat logs

> traffic    Traffic logs

it seems that all logs are removed.... but.... they are not all Smiley Sad

When I go to Monitor tab, click on Reports, Select Soures from Traffic Reports, then I see al history, sorted on date. So all IP's including usernames is shown. When you click on it, it shows the ACC, fortunately there is no information shown.

Please fix this, because clearing logs is much faster then performing a Private data reset before taking de NFR to a customer for a PoC.

Go to solution
kbrazil
L4 Transporter
In response to rob

‎03-30-2011 09:40 AM

Your best bet might be to create a template of a simple config you want to use for rollouts and then do a "request system private-data-reset" (or factory reset).  Then upload your template config.

Clearing the logs does not clear the old reports in the system.  To do that you can use the "delete report ..." command.  I'm not sure if you can use wildcards or if you need to delete each one individually.

Cheers,

Kelly

0 Likes Likes
  • 1 accepted solution
  • 4964 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks