如何检查配置的日志是否被转发到外部设备firewall?

如何检查配置的日志是否被转发到外部设备firewall?

2610
Created On 04/21/23 21:47 PM - Last Modified 05/20/25 02:26 AM


Objective


如何检查配置的日志是否被转发到外部设备firewall?

Environment


  • 帕洛阿尔托防火墙。
  • 支持的PAN-OS版本。
  • 日志转发

Procedure


  1. SSH 到管理界面。
  2. 跑过 ”调试日志接收器统计信息”命令多次
  3. 检查发送计数感兴趣的类型/日志组件的外部转发统计信息。 转发日志时它们应该递增
admin@DLP-VM> debug log-receiver statistics 

Logging statistics
-----------------------
External Forwarding stats:
Type      Enqueue Count  Send Count   Drop Count  Queue Depth   Send Rate(last 1min)
syslog         0            0             0            0            0
snmp           0            0             0            0            0
email          0            0             0            0            0
raw            0          76124           0            0            2
http           0            0             0            0            0
autotag        0            0             0            0            0
quarantine     0            0             0            0            0
amqp           0            0             0             0              0
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000g1STCAY&lang=zh_CN&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language