Palo Alto Networks Knowledgebase: Not-applicable" in Traffic Logs"

Not-applicable" in Traffic Logs"

3854
Created On 09/26/18 13:50 PM - Last Updated 09/26/18 13:59 PM
Policy
Resolution

 

The application column shows not-applicable if the traffic matches an allowing/blocking security rule via a service filter rather than an application filter.

 

Details

The firewall traffic is matched from left to right and top to bottom in the security rules. If traffic hits a security rule that's set to "deny," based on any parameter before the application, the traffic log shows the application as not-applicable. This occurs because the traffic was dropped or denied before the application match could be performed.

 

Example

Security Policy

Screen Shot 2013-03-08 at 11.11.15 AM.png

 

Traffic Log

Capture1.JPG

 

Log Details appear when you click the icon in a row of traffic logs. 

Capture3.JPG

The log details above show the bytes and packet count as zero since no traffic was allowed, which is why the application is identified as not-applicable.

 

owner: mbutt



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClspCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language