How to Use an ACC Query to Identify Traffic Volume and Export the Query to a Monitor Log
Objective
To show customers how queries from the ACC tab can be exported to the Monitor logs to generate useful log files for submission with various Threat- and Firewall-related cases.
Environment
- PAN-OS 8.1
- PAN-OS 9.0
- PAN-OS 9.1
- PAN-OS 10.*
- PAN-OS 11.*
- Admin Roles with permission to the ACC and Monitor tabs
Procedure
1. Click on the ACC tab.
2. Select the "Time" drop-down arrow and select the time frame in which the threat was noticed.
3. Click on the Threat Activity tab.
4. Click on either the Threat Name or the Threat ID to place it in the local query.
5. In the upper right corner of the Threat Activity window, there are 4 icons. Select the square with 3 lines on it. This is the "Jump To Logs" option. Select the Threat Log menu item.
How to Export the ACC Report
Click on the highlighted export option. A PDF file is generated and downloaded to the local user's PC.
6. The query is automatically formatted within the Threat Log. This is useful log information that can now be exported to a CSV file and uploaded to a case for analysis.
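Before uploading the CSV from step 6, it can help to confirm that the export contains only the threat selected in the ACC and to total its volume. The following is an added example, not code from this article or from Palo Alto Networks. The column headers are assumptions about the export layout and should be matched to your file, and the sample rows and threat names are constructed.

```python
import csv
import io
from collections import Counter

# Column headers assumed for the exported Threat Log CSV; adjust to match your file.
COL_TIME = "Receive Time"
COL_NAME = "Threat/Content Name"
COL_SRC = "Source address"
COL_REPEAT = "Repeat Count"

# Constructed sample rows (not real log data).
SAMPLE_CSV = """Receive Time,Source address,Destination address,Threat/Content Name,Severity,Repeat Count
2024/01/10 09:15:02,192.0.2.10,198.51.100.5,Example Threat Signature(00000),high,3
2024/01/10 09:17:40,192.0.2.10,198.51.100.5,Example Threat Signature(00000),high,1
2024/01/10 09:21:11,192.0.2.23,198.51.100.5,Example Threat Signature(00000),high,12
2024/01/10 09:30:55,192.0.2.23,198.51.100.9,Other Constructed Signature(00001),low,1
"""

def summarize_threat_export(csv_file, expected_threat):
    """Summarize an exported Threat Log CSV and flag rows outside the ACC filter."""
    hits_by_source = Counter()
    unexpected = Counter()
    times = []
    rows = 0
    for row in csv.DictReader(csv_file):
        rows += 1
        name = row[COL_NAME].strip()
        if name != expected_threat:
            unexpected[name] += 1  # row does not belong to the selected threat
            continue
        # Repeat Count aggregates identical events; a blank value counts as one.
        repeat = int(row.get(COL_REPEAT) or 1)
        hits_by_source[row[COL_SRC].strip()] += repeat
        times.append(row[COL_TIME].strip())
    return {
        "rows": rows,
        "total_hits": sum(hits_by_source.values()),
        "top_sources": hits_by_source.most_common(5),
        # Assumes YYYY/MM/DD HH:MM:SS timestamps, which sort correctly as strings.
        "first_seen": min(times) if times else None,
        "last_seen": max(times) if times else None,
        "unexpected_threats": dict(unexpected),
    }

if __name__ == "__main__":
    summary = summarize_threat_export(io.StringIO(SAMPLE_CSV), "Example Threat Signature(00000)")
    for key, value in summary.items():
        print(f"{key}: {value}")
```

A non-empty `unexpected_threats` value, or a first/last timestamp outside the ACC time frame, suggests the log filter was changed after the jump from the ACC.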
Additional Information
Within the Learning Center, there is an ACC Demo video showing this process step by step.
- Optimizing Firewall Threat Prevention (EDU-114)
- Viewing Threat and Traffic Information
- Application Command Center (ACC) - Demo