Palo Alto Networks Knowledgebase: How to Clear Logs on a Palo Alto Networks Device

How to Clear Logs on a Palo Alto Networks Device

Created On 02/08/19 00:07 AM - Last Updated 02/08/19 00:07 AM

When configured for logging, the Palo Alto Networks firewall records configuration changes, system events, security threats, traffic flows, and alarms generated by the device.


The following logs can be cleared on the Palo Alto Networks device:

PAN-OS 6.0, 6.1,7.0 and 7.1
  • ACC database
  • Configuration logs
  • System logs
  • Threat logs
  • Traffic logs
  • Alarm logs
  • HIP Match logs
  • User-ID logs (by CLI command only)
  • Iptag logs (by CLI command only)


Clear logs via the WebGUI

To clear the logs through the WebGUI.

  1. Navigate to Device > Log Setting > Manage Logs.
  2. Click the link that corresponds to the log you would like to clear—traffic, threat, URL, data, configuration, system, HIP Match, Alarm.

PAN-OS 6.0,6.1,7.0

2016-08-24_clear-log2.pngPAN-OS 6.0,6.1,7.0 showing the Manage Logs screen.

PAN-OS 7.12016-08-24_clear-log.pngPAN-OS 7.1 showing the Log Settings - Manage Logs screen.


Clear logs via the CLI

To clear the logs from the CLI, enter the following command:

> clear log <log name>


Where the log name is:









Note: Clearing the threat log also clears the URL log.


Impact of clearing logs

Clearing the logs should not be service impacting.


In the event that any of the logs are not flowing after clearing the logs, you may want to restart the management server process with the following command:


PAN-OS 6.0, 6.1

> debug software restart management-server


PAN-OS 7.0, 7.1

> debug software restart process management-server


Please see this article for complete details.

How to Restart the "mgmtsrvr" Process


If that does not restore the logs, please contact support.


owner: gsamuels

  • Print
  • Copy Link

Choose Language