How to find logs for a specific device in Panorama CLI
26521
Created On 04/21/22 05:22 AM - Last Modified 03/11/23 03:41 AM
Question
How to check logs for a specific firewall using its serial number in Panorama CLI?
Environment
- Any Panorama in management mode or Panorama mode
- Firewalls managed by Panorama
- Supported PAN-OS
Answer
Login to Panorama CLI and execute the below command
admin@Panorama> show log <log type> serial equal 0008C10XXX
Example with traffic logs
admin@Panorama> show log traffic serial equal 0008C10XXX
A maximum of 500 of last 7 day's logs will be displayed.
Please use 'scp export log ...' if more logs are needed
Time Generated Time App From Src Port Source
Rule Action To Dst Port Destination
Src User Dst User Serial End Reason
Rule_UUid
=================================================================================================================================
2022/04/20 21:56:02 2022/04/20 21:56:15 quic L3-Trust 62157 172.17.18.10
Blocking_Internet_C allow L3-Untrust 443 104.17.183.177
0008C10XXX aged-out
Log Type can be listed using the cli command "show log ?"
admin@Panorama> show log ?
> appstat Show appstat logs
> auth Show authentication logs
....
NOTE: The above commands cannot be run on "logger" mode.