This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

search traffic logs by vsys in CLI

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

search traffic logs by vsys in CLI

Jinx
L1 Bithead

‎12-11-2012 09:04 AM

Does anyone know how to specify your traffic logs by vsys and add multiple search parameters of the same type like you can in the gui? We are running PanOS 4.1.7. Notice that the app option does not show up anymore and and there is no vsys option.

PA-1(active)> show log traffic action equal deny app not-equal not-applicable

+ csv-output     csv-output

+ direction      direction

+ dport          dport

+ dst            dst

+ dstuser        dstuser

+ end-time       end-time

+ from           from

+ query          query

+ receive_time   receive_time

+ rule           rule

+ sport          sport

+ src            src

+ srcuser        srcuser

+ start-time     start-time

+ to             to

  |              Pipe through a command

Labels:
0 Likes Likes
1 REPLY 1

mikand
L6 Presenter

‎12-12-2012 04:55 AM

I cant find it either when looking through the CLI manual for PANOS 4.1.

It seems that only the alarm facility has the vsys option to filter on when doing show log:

> traffic — Displays traffic logs

+ action — Action equals or does not equal allow, deny, or drop

+ app — Equals or does not equal value

+ csv-output — Equals CSV output (no or yes)

+ direction — Backward or forward direction

+ dport — Destination port equals or does not equal (0-65535)

+ dst — Destination IP address in or not in (x.x.x.x/y or IPv6/netmask)

+ dstuser — Equals destination user name

+ end-time — Ending date and time YYYY/MM/DD@hh:mm:ss (e.g., 2011/08/01@10:00:00)

+ from — Equals or does not equal value

+ query — Equal to query value

+ receive_time — Receive time in the last specified time period (press <tab> for list)

+ rule — Equals or does not equal rule value

+ sport — Source port equals or does not equal (0-65535)

+ src — Source IP address in or not in (x.x.x.x/y or IPv6/netmask)

+ srcuser — Equals source user name

+ start-time — Starting date and time YYYY/MM/DD@hh:mm:ss (e.g., 2011/08/01@10:00:00)

+ to — Equals or does not equal value

0 Likes Likes
  • 2421 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks