So finden Sie Protokolle für ein bestimmtes Gerät in Panorama CLI

So finden Sie Protokolle für ein bestimmtes Gerät in Panorama CLI

27528
Created On 04/21/22 05:22 AM - Last Modified 01/30/26 22:41 PM


Objective


In diesem Artikel erfahren Sie, wie Sie den Datenverkehr und andere Protokolle mithilfe der Seriennummer Panorama(im gemischten Modus) auf eine bestimmte firewall Version überprüfen können.

Environment


  • Beliebig Panorama im Verwaltungsmodus oder Panorama -modus
  • Firewalls, die von Panorama
  • Unterstützt PAN-OS
Anmerkung: Diese Lösung gilt nicht für Panorama im Logger-Modus konfigurierte Geräte.

Procedure


Melden Sie sich an Panorama CLI und führen Sie den folgenden Befehl aus:
admin@Lab32-252-M-100> show log <log type> serial equal 0008C10XXX

Example with traffic logs 

admin@Lab32-252-M-100> show log traffic serial equal 0008C10XXX
A maximum of 500 of last 7 day's logs will be displayed.
Please use 'scp export log ...' if more logs are needed
Time Generated      Time                App                             From                           Src Port         Source
Rule                Action              To                              Dst Port                       Destination
Src User            Dst User                        Serial                         End Reason
Rule_UUid
=================================================================================================================================
2022/04/20 21:56:02 2022/04/20 21:56:15 quic                            L3-Trust                        62157            172.17.18.10
Blocking_Internet_C allow               L3-Untrust                      443                             104.17.183.177
                                                    0008C10XXX                     aged-out

Protokolltyp kann beliebig aus der Liste sein
admin@Lab32-252-M-100> show log ?
> appstat         Show appstat logs
> auth            Show authentication logs
> config          Show config logs
> corr            Show correlation object event logs
> corr-categ      Show correlation event category logs
> corr-detail     Show correlation event detailed information
> dailygtpsum     Show daily tunnel and gtp summary logs
> dailysctpsum    Show daily sctp summary logs
> dailythsum      Show dailythsum logs
> dailytrsum      Show dailytrsum logs
> dailyurlsum     Show dailyurlsum logs
> data            Show data logs
> globalprotect   Show globalprotect logs
> gtp             Show GTP logs
> gtpsum          Show tunnel and gtp summary logs
> hipmatch        Show hipmatch logs
> hourlygtpsum    Show hourly tunnel and gtp summary logs
> hourlysctpsum   Show hourly sctp summary logs
> hourlythsum     Show hourlythsum logs
> hourlytrsum     Show hourlytrsum logs
> hourlyurlsum    Show hourlyurlsum logs
> iptag           Show iptag logs
> mdm             Show mdm logs
> sctp            Show SCTP logs
> sctpsum         Show sctp summary logs
> system          Show system logs
> threat          Show threat logs
> thsum           Show thsum logs
> traffic         Show traffic logs
> trsum           Show trsum logs
> tunnel          Show Tunnel logs
> url             Show url logs
> urlsum          Show urlsum logs
> userid          Show User-ID logs
> weeklygtpsum    Show weekly tunnel and gtp summary logs
> weeklysctpsum   Show weekly sctp summary logs
> weeklythsum     Show weeklythsum logs
> weeklytrsum     Show weeklytrsum logs
> weeklyurlsum    Show weeklyurlsum logs
> wildfire        Show wildfire logs

Additional Information


So wird's gemacht: Anzeigen der Anzahl der Protokollereignisse pro Sekunde
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004ODNCA2&lang=de&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language