Hit-Statistics per Security/NAT Policy

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Hit-Statistics per Security/NAT Policy

L1 Bithead

Hi,

I would really like to see how often a security policy is hit. We came from Sonicwall to Palo alto, and this is one of the things i miss the most.

Maybe there's a CLI command for it ? I didn't find it so far.

Hope you can help me out.

Kind regards,

René Posthumus

2 REPLIES 2

L6 Presenter

I think contacting your sales engineer and propose this as a feature request is the thing you need to do.

A workaround is described in (using custom reports).

According to the CLI manual for PANOS 4.1 it seems that stuff like this is already being used internally:

"

set deviceconfig

...

> security-policy-limits — Security rule violation notification threshold (count 1-4294967295; time-

interval 30-86400). Security policy limits affect each individual rule in the security policy.  If any

rule hits the specified count within the time-interval, an alarm is generated.

"

Hi Mikand,

Thanx for the reply. I'll certainly will notify our sales engineer for this. I didn't believe that this feature wasn't part of the OS.

Kind regards,

René

  • 2273 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!