Palo Alto Networks Knowledgebase: Not-applicable" in Traffic Logs"
Not-applicable" in Traffic Logs"
Created On 09/26/18 13:50 PM - Last Updated 09/26/18 13:59 PM
The application column shows not-applicable if the traffic matches an allowing/blocking security rule via a service filter rather than an application filter.
The firewall traffic is matched from left to right and top to bottom in the security rules. If traffic hits a security rule that's set to "deny," based on any parameter before the application, the traffic log shows the application as not-applicable. This occurs because the traffic was dropped or denied before the application match could be performed.
Log Details appear when you click the icon in a row of traffic logs.
The log details above show the bytes and packet count as zero since no traffic was allowed, which is why the application is identified as not-applicable.