11-06-2015 08:45 AM
Is there a way to export the current Security and NAT Policies to CSV, or even just PDF?
I need to clean up a dirty firewall that I inherited, but I need other teams to let me know what is active/inactive. Screenshots or CLI outputs can work, but I want to provide this in a clear table format that is usable.
I'd also like to know if there is a way to see the amount of times a rule is hit, I know I could do this through the monitor tab, but that is a cumbersome way to provide that information.
11-09-2015 07:45 AM
Unfortunately, neither of those seem to work. The hit "report" can't be generated in 7.0.x.
11-09-2015 02:27 PM
If you are using PAN-OS 7.0, then inside of the redesigned ACC, there is a section "Rule Usage"
Inside there it allows you to see in detail how much the rules are used based upon sessions, bytes, etc.
It does not appear that you can see the NAT usage, just the Security Policy.
I hope this helps.
11-10-2015 05:44 AM
Close. I can see the session count, but it looks like it's limited to the top 15?
11-12-2015 02:27 PM - edited 11-12-2015 02:34 PM
I was digging around a little.. and discovered the CLI to show this info..
> show running rule-use rule-base security type unused vsys vsys1 (replace vsys1 with the appropriate vsys name)
This was actually inside of this article:
I hope this helps.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
