This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

How to log traffic based on FQDN objects ?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How to log traffic based on FQDN objects ?

ldormond
L3 Networker

‎11-04-2011 07:24 AM

Hello,

The traffic log feature is pretty usefull, however when using FQDN objects it becomes very tricky to identify traffic logs. Indeed, I use a lots of groups of FQDN objects, and even groups of groups of FQDN objects. And the traffic logs doesn't display the FQDN but only source and destination IP addresses...

Is there a way to display the FQDN objects, or better : the Objects name in the traffic logs ?

Regards,

Laurent

0 Likes Likes
4 REPLIES 4

Retired Member
Not applicable

‎11-05-2011 10:48 PM

Unfortunately we can only show traffic logs by IP addresses. Basically when we use FQDN in address objects, the PA device will resolve the IPs for those objects and will use that in the policy. Hence you will always see traffic logs showing IP address. However, you can perhaps configure rules with just one specific FQDN as the source or destination. Then you can to use rule name with FQDN name to be able to track in the traffic log.

-Richard

0 Likes Likes

ldormond
L3 Networker
In response to Retired Member

‎11-06-2011 11:57 PM

Hi  Richard,

Thanks for your help.

It's a pity that there is no way to display FQDN in traffc logs.

However I guess it should be quite easy to implement such feature since it's only an object mapping.

I will ask my SE for a feature request I think.

Regards,

Laurent

0 Likes Likes

ldormond
L3 Networker
In response to ldormond

‎11-11-2011 07:13 AM

Hello,

I can see that with PanOS 4.1 there is a "Resolve Hostname" checkbox at the bottom of the traffic log page. It does the trick 😉

Regards,

Laurent

0 Likes Likes

rshah
Not applicable

‎08-01-2012 09:29 AM

Hi Everyone, is there anyway to AutoSave the "Resolve Hostname" checkbox ?

It seems that you need to select that checkbox every time you need to display the Hostnames.

i.e. If you navigate to any other page and then back to Traffic Monitor page, it clears that checkbox.

Is it true or am I missing something ?

0 Likes Likes
  • 6526 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks