Palo Alto Networks Knowledgebase: Not-applicable in Traffic Logs

Not-applicable in Traffic Logs

14026
Created On 09/19/19 21:55 PM - Last Updated 09/19/19 22:02 PM
Security Policy Policy Hardware PAN-OS
Symptom
The application column shows not-applicable if the traffic matches an allowing/blocking security rule via a service filter rather than an application filter.

Cause
The firewall traffic is matched from left to right and top to bottom in the security rules. If traffic hits a security rule that's set to "deny," based on any parameter before the application, the traffic log shows the application as not-applicable. This occurs because the traffic was dropped or denied before the application match could be performed.

Resolution

Security Policy

Security Policy

Traffic Log

Traffic Log

Log Details appear when you click the icon in a row of traffic logs. 

Log Details appear when you click the icon in a row of traffic logs


The log details above show the bytes and packet count as zero since no traffic was allowed, which is why the application is identified as not-applicable.

 

 



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClspCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language