This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

How to find out the IPS/IDS logs.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to find out the IPS/IDS logs.

Go to solution
Satish
L4 Transporter

‎12-30-2014 03:03 AM

Hi Friends,

How to find out the IPS/IDS/Anti-spoofing Logs with CLI or GUI.

Regards

Satish

Labels:
0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
Satish
L4 Transporter

‎01-01-2015 11:09 PM

Thanks all for reply.

I think IPS, IDS, anti-virus, anti-spyware and vulnerability combined of all is called threat logs.

Regards

Satish

View solution in original post

0 Likes Likes
9 REPLIES 9

Go to solution
gbogojevic
L0 Member

‎12-30-2014 03:07 AM

Hi Satish

You can find it under Monitor-> Threat tab.

0 Likes Likes

Go to solution
DctrG
L4 Transporter

‎12-30-2014 03:14 AM

And CLI:

> show log threat

Regards,

Guillermo.

0 Likes Likes

Go to solution
NickySorot
L2 Linker
In response to DctrG

‎12-30-2014 03:23 AM

can you suggest where we can see only IPS logs for audit purpose?

0 Likes Likes

Go to solution
Satish
L4 Transporter
In response to DctrG

‎12-30-2014 03:31 AM

panos HULK Steven Puluka hshah please suggest !!!

0 Likes Likes

Go to solution
panos
L6 Presenter
In response to Satish

‎12-30-2014 04:39 AM

can you check that

What are the Threat Log Values for Threat ID and Direction

you can filter the threat logs then.

Go to solution
mivaldi
L7 Applicator

‎12-30-2014 02:52 PM

> show log threat start-time equal 2014/10/01@10:00:00 end-time equal 2014/12/30@10:00:00 suppress-threatid-mapping equal no csv-output equal no direction equal backward

Additional suggestions:

Adjust your start-time and end-time

Remove 'direction equal backward' if your want to make newest event show last

Use "csv-output equal yes" if you want to export to a spreadsheet

Use " > set cli pager off " to avoid being asked to press spacebar (useful for logging TTY session output at one strike)

Go to solution
pulukas
L7 Applicator
In response to Satish

‎01-01-2015 06:03 AM

I'm not sure I follow exactly what kind of report you are looking for.

As a general rule, I think the ACC tab is the best place to drill into threat activity and reporting.  You have a lot of filtering options to narrow down your area of interest.

The monitor tab and threat monitor can also be a good top level view to understand where you want to drill into the data using the monitor tab reporting functions.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

Go to solution
Satish
L4 Transporter

‎01-01-2015 11:09 PM

Thanks all for reply.

I think IPS, IDS, anti-virus, anti-spyware and vulnerability combined of all is called threat logs.

Regards

Satish

0 Likes Likes

Go to solution
DctrG
L4 Transporter
In response to Satish

‎01-01-2015 11:55 PM

That is correct Satish

Regards,

Guillermo.

  • 1 accepted solution
  • 11888 Views
  • 9 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks