How to View Bytes/Session Usage of Security Policies
Created On 09/26/18 13:54 PM - Last Modified 06/12/23 16:42 PM
Resolution
Overview
This document explains how to check the usage, in bytes and number of sessions, of security rules configured on the Palo Alto Networks firewall. The information in the report can be used to help identify which rules are actively being used, seldom used, and not used at all.
Details
Go to Monitor > Reports > Traffic Reports > Security Rules
This page shows the number of bytes encountered by the firewall and the number of matching sessions for each rule in use.
On the CLI, use the following command to check unused rules:
> show running rule-use rule-base security type unused vsys vsys1
Replace 'vsys1' in the command above with the appropriate vsys name.
See Also
How to Identify Unused Policies on a Palo Alto Networks Device
owner: jburugupalli