如何查找特定设备的日志 Panorama CLI

如何查找特定设备的日志 Panorama CLI

26541
Created On 04/21/22 05:22 AM - Last Modified 03/24/23 07:37 AM


Question


如何检查特定日志firewall使用其序列号PanoramaCLI?

Environment


  • 任何Panorama在管理模式或Panorama模式
  • 管理的防火墙 Panorama
  • 支持的 PAN-OS
笔记:此解决方案不适用于Panorama配置为记录器模式。

Answer


登录到PanoramaCLI并执行以下命令
admin@Panorama> show log <log type> serial equal 0008C10XXX
流量日志示例
admin@Panorama> show log traffic serial equal 0008C10XXX
A maximum of 500 of last 7 day's logs will be displayed.
Please use 'scp export log ...' if more logs are needed
Time Generated      Time                App                             From                           Src Port         Source
Rule                Action              To                              Dst Port                       Destination
Src User            Dst User                        Serial                         End Reason
Rule_UUid
=================================================================================================================================
2022/04/20 21:56:02 2022/04/20 21:56:15 quic                            L3-Trust                        62157            172.17.18.10
Blocking_Internet_C allow               L3-Untrust                      443                             104.17.183.177
                                                    0008C10XXX                     aged-out
 
可以使用 cli 命令“显示日志?”列出日志类型。
admin@Panorama> show log ?
> appstat         Show appstat logs
> auth            Show authentication logs
....
 
NOTE:上面的命令不能运行在“记录器“ 模式。

Additional Information


如何显示每秒的日志事件数
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004ODNCA2&lang=zh_CN&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language