How to Mask IP Addresses in ACC and Logs

How to Mask IP Addresses in ACC and Logs

17045
Created On 09/25/18 17:50 PM - Last Modified 01/31/25 22:43 PM


Procedure


Overview

This document describes how to hide IP addresses in the Application Command Center (ACC) and Logs (Traffic/Threat/URL filtering and Data filtering). This feature can be used in environments where IP addresses need to be masked for certain administrators for compliance reasons.

 

Steps

  1. Create an Admin Role Profile to disable two Privacy Settings
    • Show Full IP Addresses
    • Show User Names In Logs and Reports

 

2. Create an administrator and assign that profile to that administrator

 

To verify:

When logged in as super user, all the IP addresses in ACC and logs are visible, as shown in the ACC example below:

 

Traffic logs, as shown below:

 

When logged in as 'kadak', IP addresses in ACC and logs are populated in the form of subnets, as shown in ACC example below:

 

Traffic logs, as shown below:

 

owner: kadak
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClKDCA0&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language