09-24-2024 08:30 AM
I have Panorama managing 2 HA paired firewalls.
The security rules are pushed to both HA pairs.
I want to clear the hit counts for specific rules.
If I login to the active firewall then I can run this command and it works fine.
show rule-hit-count vsys vsys-name vsys1 rule-base security rules list [ "asdf1" "asdf2" "asdf3" ]And the clear version of that is
clear rule-hit-count vsys vsys-name vsys1 rule-base security rules list [ "asdf" "asdf2" "asdf3" ]However, in Panorama, things are different. I can only show one rule.
show rule-hit-count device-group ASDF-DG post-rulebase security rules rule-name "asdf"and then get weird trying to clear. It makes me specify a rule name and then asks for a list of rules.
clear rule-hit-count device-group ASDF-DF rulebase security rules rule-name "asdf" device [serial number] vsys list ?
[ Start a list of values.
<value> vsys name
Is there a better way to clear a specific list of security rules from Panorama?
Or should we just login to both active firewalls and clear it with the command from above?
09-26-2024 07:32 AM
Luckily, I have a small deployment and so I will just run the clear command on each active firewall.
09-26-2024 07:32 AM
Luckily, I have a small deployment and so I will just run the clear command on each active firewall.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
