で特定のデバイスのログを見つける方法 Panorama CLI

で特定のデバイスのログを見つける方法 Panorama CLI

27526
Created On 04/21/22 05:22 AM - Last Modified 01/30/26 22:41 PM


Objective


この記事では、特定のトラフィックやその他のログを確認する方法について説明します。firewallシリアル番号の使用Panorama(混合モード)

Environment


  • どれでもPanorama管理モードまたはPanoramaモード
  • が管理するファイアウォール Panorama
  • 対応 PAN-OS
ノート:このソリューションは適用されませんPanoramaロガーモードで設定。

Procedure


ログインPanoramaCLI以下のコマンドを実行します
admin@Lab32-252-M-100> show log <log type> serial equal 0008C10XXX

Example with traffic logs 

admin@Lab32-252-M-100> show log traffic serial equal 0008C10XXX
A maximum of 500 of last 7 day's logs will be displayed.
Please use 'scp export log ...' if more logs are needed
Time Generated      Time                App                             From                           Src Port         Source
Rule                Action              To                              Dst Port                       Destination
Src User            Dst User                        Serial                         End Reason
Rule_UUid
=================================================================================================================================
2022/04/20 21:56:02 2022/04/20 21:56:15 quic                            L3-Trust                        62157            172.17.18.10
Blocking_Internet_C allow               L3-Untrust                      443                             104.17.183.177
                                                    0008C10XXX                     aged-out

ログの種類は、リストから何でもかまいません
admin@Lab32-252-M-100> show log ?
> appstat         Show appstat logs
> auth            Show authentication logs
> config          Show config logs
> corr            Show correlation object event logs
> corr-categ      Show correlation event category logs
> corr-detail     Show correlation event detailed information
> dailygtpsum     Show daily tunnel and gtp summary logs
> dailysctpsum    Show daily sctp summary logs
> dailythsum      Show dailythsum logs
> dailytrsum      Show dailytrsum logs
> dailyurlsum     Show dailyurlsum logs
> data            Show data logs
> globalprotect   Show globalprotect logs
> gtp             Show GTP logs
> gtpsum          Show tunnel and gtp summary logs
> hipmatch        Show hipmatch logs
> hourlygtpsum    Show hourly tunnel and gtp summary logs
> hourlysctpsum   Show hourly sctp summary logs
> hourlythsum     Show hourlythsum logs
> hourlytrsum     Show hourlytrsum logs
> hourlyurlsum    Show hourlyurlsum logs
> iptag           Show iptag logs
> mdm             Show mdm logs
> sctp            Show SCTP logs
> sctpsum         Show sctp summary logs
> system          Show system logs
> threat          Show threat logs
> thsum           Show thsum logs
> traffic         Show traffic logs
> trsum           Show trsum logs
> tunnel          Show Tunnel logs
> url             Show url logs
> urlsum          Show urlsum logs
> userid          Show User-ID logs
> weeklygtpsum    Show weekly tunnel and gtp summary logs
> weeklysctpsum   Show weekly sctp summary logs
> weeklythsum     Show weeklythsum logs
> weeklytrsum     Show weeklytrsum logs
> weeklyurlsum    Show weeklyurlsum logs
> wildfire        Show wildfire logs

Additional Information


1 秒あたりのログ イベント数を表示する方法
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004ODNCA2&lang=ja&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language