Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- 5G
- IoT Security
- Prisma SD-WAN
Network Security
- Prisma Access
- Prisma SaaS
- Prisma Cloud
- CN-Series
- VM-Series:
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
Security Operations
- Resources
- COVID-19 Response Center
- LIVEcommunity
- ›
- About iankanderson
About iankanderson
Announcements
Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
07-25-2017
3Posts
0Likes
0Solutions
Jul 25, 2017Last Visited
User
Activity
User
Profile
Latest posts by iankanderson
| Subject | Views | Posted |
|---|---|---|
| 1022 | 07-08-2013 11:29 AM | |
| 1022 | 07-08-2013 11:05 AM | |
| 1146 | 07-08-2013 09:49 AM |
User Badges
Public Statistics
| Date Registered | 07-08-2013 09:13 AM |
| Date Last Visited | 07-25-2017 12:01 PM |
| Total Messages Posted | 3 |
07-08-2013
11:29 AM
I'm able to get the following to work without issue: show log url query equal "user.src eq 'domain\username'" However it does not transfer cleanly to the ftp export. The ftp export command does not like "equal" after the query command. If I remove it the tab tab key entry provides me with additional options. Also the show log command does not require a time frame but the FTP does. So this works: show log url query equal "user.src eq 'domain\username'" And this does not ftp export log url query "src.user eq 'domain\username'" start-time equal 2013/07/05@00:00:00 end-time equal 2013/07/08@00:00:00 to ftp:username@destination I'm trying to avoid pulling logs for all users from the FW but it appears that may be my only choice.
... View more
07-08-2013
11:05 AM
I tried doing an export of one day and I'm still getting "mark exported failed"
... View more
07-08-2013
09:49 AM
I'm trying to run a report on user activity via the webfilter for a particular user. I would use the GUI but the the GUI is only allowing me the last 500 hits (via a custom report). If I go to the actual monitor and try to export I get a server 500 error. This has led me to the CLI. ftp export log url query "src.user eq '<domain\username>'" start-time equal 2013/06/01@00:00:01 end-time equal 2013/07/08@12:00:00 to ftp:user@server I am receiving the error "mark exported failed"... I have never done a log export like this. Are there any tricks or suggestions?
... View more
Labels:
- Labels:
-
Management
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
07-25-2017
12:01 PM
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2021 - Palo Alto Networks
