Setup Alert for Traffic to Specific IPs

Reply
Highlighted
L4 Transporter

Setup Alert for Traffic to Specific IPs

We are trying to figure out if there is a way to have the firewall create an alert in the logs when traffic hits a specific IP range. We don't want to block access to this range of IP addresses but we want to be able to confirm if users are conversing with IPs in a specific range. Any thoughts on this would be appreciated?

Thanks in advance!

Tags (2)
Highlighted
L3 Networker

Re: Setup Alert for Traffic to Specific IPs

Hi,

Yes. You need to specify separate rule for the traffic pertaining to IP range.

e.g. see below rule for source range 10.0.0.0/8

rule.PNG.png

Setup email, log forwarding profile and assign it to the the relevant security rule.

logfwd.PNG.png

For detailed steps to create email, log forwarding profile refer to https://live.paloaltonetworks.com/docs/DOC-3779

Hope this helps!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!