Reporting on Security/NAT Policies and Hit Counts


L1 Bithead

Is there a way to export the current Security and NAT Policies to CSV, or even just PDF?

 

I need to clean up a dirty firewall that I inherited, but I need other teams to let me know what is active/inactive. Screenshots or CLI outputs can work, but I want to provide this in a clear table format that is usable. 

 

I'd also like to know if there is a way to see the number of times a rule is hit. I know I could do this through the Monitor tab, but that is a cumbersome way to provide that information.

5 REPLIES

Unfortunately, neither of those seems to work. The hit "report" can't be generated in 7.0.x.

L7 Applicator

If you are using PAN-OS 7.0, then inside of the redesigned ACC, there is a section "Rule Usage".

[Image: rule-usage.jpg]

Inside there it allows you to see in detail how much the rules are used based upon sessions, bytes, etc.

It does not appear that you can see the NAT usage, just the Security Policy.

 

I hope this helps.

LIVEcommunity team member
Stay Secure,
Joe
Don't forget to Like items if a post is helpful to you!

Close. I can see the session count, but it looks like it's limited to the top 15? 

I was digging around a little.. and discovered the CLI to show this info.. 

 

> show running rule-use rule-base security type unused vsys vsys1 (replace vsys1 with the appropriate vsys name)

 

This was actually inside of this article:

https://live.paloaltonetworks.com/t5/Management-Articles/How-to-View-Bytes-Session-Usage-of-Security...

 

I hope this helps.

LIVEcommunity team member
Stay Secure,
Joe
Don't forget to Like items if a post is helpful to you!
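
An added example, not from any post in this thread and not Palo Alto Networks tooling: a Python script that combines an exported configuration XML with the output of the unused-rule command quoted in the reply above and produces one CSV table of Security and NAT rules. The XML fragment and the unused list are constructed samples; the element layout and the one-rule-name-per-line command output are assumptions to verify against your own export.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample: trimmed vsys fragment, assumed to follow an exported config's layout.
SAMPLE_CONFIG = """<vsys><entry name="vsys1"><rulebase><security><rules>
<entry name="allow-web"><from><member>trust</member></from><to><member>untrust</member></to>
 <source><member>any</member></source><destination><member>any</member></destination>
 <application><member>web-browsing</member><member>ssl</member></application><action>allow</action></entry>
<entry name="legacy-ftp"><from><member>trust</member></from><to><member>dmz</member></to>
 <source><member>10.1.1.0/24</member></source><destination><member>ftp-srv</member></destination>
 <application><member>ftp</member></application><action>allow</action></entry>
</rules></security><nat><rules>
<entry name="outbound-pat"><from><member>trust</member></from><to><member>untrust</member></to>
 <source><member>any</member></source><service>any</service></entry>
</rules></nat></rulebase></entry></vsys>"""

# Constructed sample of the unused-rule CLI output (assumed: one rule name per line).
SAMPLE_UNUSED = "legacy-ftp\n"
FIELDS = ["from", "to", "source", "destination", "application", "service", "action"]

def field(entry, tag):
    """Return a rule field as text; member lists are joined with ';'."""
    node = entry.find(tag)
    if node is None:
        return ""
    members = [m.text or "" for m in node.findall("member")]
    return ";".join(members) if members else (node.text or "").strip()

def rules_to_rows(config_xml, unused_text, vsys="vsys1"):
    """Build one row per Security/NAT rule, in rulebase order."""
    root = ET.fromstring(config_xml)
    unused = {line.strip() for line in unused_text.splitlines() if line.strip()}
    rows = []
    for rulebase in ("security", "nat"):
        path = f".//entry[@name='{vsys}']/rulebase/{rulebase}/rules/entry"
        for entry in root.findall(path):
            row = {"rulebase": rulebase, "name": entry.get("name")}
            row.update({f: field(entry, f) for f in FIELDS})
            # The unused list was pulled for the security rulebase only.
            status = "unused" if row["name"] in unused else "used"
            row["status"] = status if rulebase == "security" else "n/a"
            rows.append(row)
    return rows

def to_csv(rows):
    """Serialize the rows to CSV text with a fixed column order."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=["rulebase", "name", *FIELDS, "status"])
    writer.writeheader()
    writer.writerows(rows)
    return out.getvalue()
```

Keeping rows in rulebase order matters for the review, because rule position determines which rule matches first.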