Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
Using Find Command" to Return List of PAN-OS CLI Commands by Keyword"

Using Find Command" to Return List of PAN-OS CLI Commands by Keyword"

21058
Created On 09/26/18 13:49 PM - Last Modified 06/14/23 07:28 AM


Resolution


PAN-OS 6.0

 

Details

In PAN-OS 6.0, a CLI command was introduced to help find needed commands, based on a keyword. The find command keyword command returns CLI commands that match the keyword provided and is valid in both operational and configuration modes. The format of the command is:

> find command keyword <value>

 

Example use of the command to return operational commands with the keyword, "ssl-decrypt":

> find command keyword ssl-decrypt

clear session all filter nat <none|source|destination|both> ssl-decrypt <yes|no> type <flow|predict> state <initial|opening|active|discard|closing|closed> from <value> to <value> source <val

ue> destination <value> source-user <value> destination-user <value> source-port <1-65535> destination-port <1-65535> protocol <1-255> application <value> rule <value> nat-rule <value> qos-r

ule <value> pbf-rule <value> dos-rule <value> hw-interface <value> min-kb <1-1048576> qos-node-id <0-5000>|<-2> qos-class <1-8> vsys-name <value>|<any>

show session all start-at <1-2097152> filter nat <none|source|destination|both> ssl-decrypt <yes|no> count <yes|no> type <flow|predict> state <initial|opening|active|discard|closing|closed>

from <value> to <value> source <ip/netmask> destination <ip/netmask> source-user <value> destination-user <value> source-port <1-65535> destination-port <1-65535> protocol <1-255> applicatio

n <value> rule <value> nat-rule <value> qos-rule <value> pbf-rule <value> hw-interface <value> ingress-interface <value> egress-interface <value> min-kb <1-1048576> qos-node-id <0-5000>|<-2>

qos-class <1-8> vsys-name <value>|<any> rematch <security-policy>

show system setting ssl-decrypt setting

show system setting ssl-decrypt certificate-cache

show system setting ssl-decrypt certificate

show system setting ssl-decrypt notify-cache

show system setting ssl-decrypt exclude-cache

show system setting ssl-decrypt session-cache

show system setting ssl-decrypt hsm-request

show system setting ssl-decrypt memory detail

debug dataplane reset ssl-decrypt certificate-cache

debug dataplane reset ssl-decrypt certificate-status

debug dataplane reset ssl-decrypt exclude-cache server <value> application <ssl|ssh>

debug dataplane reset ssl-decrypt notify-cache source <ip/netmask>

debug dataplane reset ssl-decrypt session-cache

debug dataplane reset ssl-decrypt hsm-request

set system setting ssl-decrypt skip-ssl-decrypt <yes|no>

set system setting ssl-decrypt skip-ssl <yes|no>

set system setting ssl-decrypt answer-timeout <1-86400>

set system setting ssl-decrypt notify-user <yes|no>

 

The same command can be used in configuration mode to find the configuration commands:

> configure

# find command keyword ssl-decrypt

 

owner: ialeksov



Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClrECAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language