Policies security rules - filtering issue

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Policies security rules - filtering issue

L2 Linker


Do you know is there any documentation regarding policies security rules filtering?

I have found some strange behavior for filtering. Examples below on the screenshots are from Palo Alto testing firewall (sv 5.0.6). As it can be seen, if I use filter (source-user eq ‘any’) not all relevant results are returned which is obviously wrong.


Also, I have noticed inconsistency in applying complex filters, i.e. with logical operators. One of the issues was incorrect parsing of the following filter: (A and (B or C)) should give the same result set as ((A and B) or (A and C)). However, this is not the case. This was noticed also on 4.1.x versions.

Do you have similar experience and/or do you know where can I find detailed documentation regarding filtering (I cannot find it, am I missing something)?

Thank you in advance.

Best regards,



L4 Transporter


     You aren't missing anything. Please open a case so that we can address this with the developers. Thank you for bringing this to our attention!


Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!