Receive time of logs ("Traffic Log") in a custom report

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Receive time of logs ("Traffic Log") in a custom report

Not applicable

Hello all,

I've created a custom report for gettings logs (from Database "Traffic Log") and I need the exact receive time for the entries.

Unfortunately, there is no such column to choose from. The only column that contains time information is "quarter hour" - but this is not precise enough.

Screenshot1.png

If you take a look at the traffic logs directly (no custom report), you see that there is a column with the exact receive time. So this information is definitely stored in the database.

Screenshot2.png

Is it possible to get out the receive time in a custom report?

Thanks in advance

1 accepted solution

Accepted Solutions

Hi Gerold,

I am not aware of a way to export the log view information from the API.

Beginning in PanOS 5.0 the logs can be exported via API with 'type=log&log-type=traffic', then the xml returned could be transformed into csv.

If you are using pre 5.0, perhaps you could utilize the 'scp export log traffic' option. Here is an example:

scp export log traffic start-time equal 2013/01/12@00:00:00 end-time equal 2013/01/26@00:00:00 to root@172.18.32.143:/root/logbackup/logger.csv

- Stefan

View solution in original post

4 REPLIES 4

L4 Transporter

As you have found there is not an available column for 'Receive Time'. One possible workaround is to create a custom report using traffic logdb and then use 'Log View' in the report group.

Here is a sample config:

reports.JPG

A email scheduler profile can be configured to send report-group off the device. This may not be ideal, but it should show the timestamp in the generated report pdf.

-Stefan

Thanks for your message, Stefan.

The problem is, that I need to create a Excel file via .NET (C#). So I need to get the information via the XML REST API (not via a PDF file).

Do you know if there is a workaround for that problem?

Hi Gerold,

I am not aware of a way to export the log view information from the API.

Beginning in PanOS 5.0 the logs can be exported via API with 'type=log&log-type=traffic', then the xml returned could be transformed into csv.

If you are using pre 5.0, perhaps you could utilize the 'scp export log traffic' option. Here is an example:

scp export log traffic start-time equal 2013/01/12@00:00:00 end-time equal 2013/01/26@00:00:00 to root@172.18.32.143:/root/logbackup/logger.csv

- Stefan

Hi Stefan,

that's exactly what I was looking for (fortunately, we have upgraded our firewall to version 5).

Once again, thanks for your answer.

Best regards,

Gerold

  • 1 accepted solution
  • 4396 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!