This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

No logging for URL Filtering on Panorama

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

No logging for URL Filtering on Panorama

RollandDavis
L0 Member

‎05-02-2024 11:12 AM

Hello all,

 

Having some trouble getting URL filter logging to work correctly.

 

The PA is currently running version 10.2.6

 

When going to Objects > Security profiles > Url Filtering, I do see red text saying a license is needed for URL filtering. But if I read online  correctly this is only for advanced URL Filtering? 

 

I have gone to Objects > URL Category, to make a custom URL category with a few URL's I would like to allow. Then I go to Objects > Security Profiles > URL filtering and set both actions to alert and alert for the custom URL Category, the rest of the categories provided by PA are set to block. 

 

I then apply the URL Profile I have created to one of my security policies, along with a logging profile that I have created that is set to log the traffic and URL to Panorama. Yet when I go to monitor, all I can see is the traffic logs being allowed, when switching my tab to URL filtering under monitoring nothing seems to be populating despite there being hits for the rule.

 

Looking for any pointers on where to look next, could this be something with encryption interfering and it cannot see the URL?  Or am I SOL with the red text that says I need a license in order to use URL filtering?

 

Thanks.

0 Likes Likes
2 REPLIES 2

Claw4609
Cyber Elite
Cyber Elite

‎05-03-2024 09:27 AM

Hello,

 

Advanced url filtering replaced the legacy url filtering, the old url filtering either doesnt exist anymore or soon will no longer exist. I believe the only thing it regards to url filtering you can do without a license is creating a customer url category and manually adding things there. For the actual url database you'll need a license. 

 

Advanced URL Filtering / URL Filtering
You can still:
 
  • Enforce policy using custom URL categories.
 
You can no longer:
 
  • Get updates to cached PAN-DB categories.
 
  • Connect to the PAN-DB URL filtering database.
 
  • Get PAN-DB URL categories.
 
  • Analyze URL requests in real-time using advanced URL filtering.
 
0 Likes Likes

RollandDavis
L0 Member

‎05-03-2024 09:52 AM

Thanks for the clarification.

 

As an for an update, I was able to get some logs to populate in the URL filtering tab under monitor. I was just trying to see if there was a way I could verify the traffic was actually reaching out to one of the custom URLs I had entered.  From what I can tell it looks like it is, because I was trying to match *.website.com and a few logs returned for subdomains of that URL that said they were not resolved. I'm assuming that's a client machine looking for subdomain.website.com and not receiving a response. 

 

Thanks.

0 Likes Likes
  • 1153 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks