Set Additional Threat Log Quickplay

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.
L1 Bithead
No ratings








Brief Description

This solution is a tool that allows you to enable additional threat logging on multiple firewalls directly or through Panorama:


  • Enable the firewall to generate Threat logs for a teardrop attack and a DoS attack using ping of death
  • Generate Threat logs for the types of packets listed above if you enable the corresponding packet-based attack protection 



This solution requires the pan-os-python package and access to the NGFW or Panorama.


Solution Details


Github Location:

Github Branches: main

PAN-OS Versions Supported: 8.1.2+


Full Description

The description below gives an overview of the solution elements. For detailed information regarding prerequisites and solution usage please review the PAN-OS Set Additional Threat Log documentation.


Using the solution currently requires python and a command line.


Prepare Environment

  • Clone the repository
  • Open up the repository in a terminal or other python IDE
  • Install packages necessary to run code: 

    pip install pan-os-python


Identify Device Setup

Determine the NGFW and Panorama setup of interest and collect relevant identification for those devices. There are five different options for how to connect and evaluate the solution on the devices.

  • panorama_all: Run on all devices connected to Panorama
  • firewall_list: Run direct on list of firewalls by FQDN or IP
  • panorama_list: Run through Panorama on list of firewalls by Serial, Name, or Management IP
  • firewall_file: Run direct on list of firewalls from a file
  • panorama_file: Run on list of firewalls from a file through Panorama


Build and Run command

Based on the device setup chosen above, build the command to execute the solution as defined in the documentation.

The following command can optionally be run on the NGFW CLI to verify that the setting has been enabled: 


firewall> show system state filter cfg.general.additional-threat-log



Rate this article:
Register or Sign-in
Article Dashboard
Version history
Last Updated:
‎04-22-2021 03:40 PM
Updated by: