How to check if the configured logs getting forwarded to the external device by the firewall?

How to check if the configured logs getting forwarded to the external device by the firewall?

2608
Created On 04/21/23 21:47 PM - Last Modified 05/20/25 02:26 AM


Objective


How to check if the configured logs are getting forwarded to the external device by the firewall?

Environment


  • Palo Alto Firewalls.
  • Supported PAN-OS versions.
  • Log Forwarding

Procedure


  1. SSH to the management interface.
  2. Run the "debug log-receiver statistics"  command multiple times
  3. Check the Send Count of the External Forwarding stats of the interested type/Log component. They should be incrementing when the logs are forwarded
admin@DLP-VM> debug log-receiver statistics 

Logging statistics
-----------------------
External Forwarding stats:
Type      Enqueue Count  Send Count   Drop Count  Queue Depth   Send Rate(last 1min)
syslog         0            0             0            0            0
snmp           0            0             0            0            0
email          0            0             0            0            0
raw            0          76124           0            0            2
http           0            0             0            0            0
autotag        0            0             0            0            0
quarantine     0            0             0            0            0
amqp           0            0             0             0              0
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000g1STCAY&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language