How to check policy rule hit count from Management and Data plane

How to check policy rule hit count from Management and Data plane

15402
Created On 10/17/22 21:45 PM - Last Modified 01/31/25 03:27 AM


Objective


This document provides the command on how to check policy rule hit count from the Management and Data plane

Environment


  • PAN-OS
  • Palo Alto Network Firewall
  • Security Policy Rule
  • Hit Count

Procedure


We will use the security policy rule base to view the policy rule hit count information from the Management Plane (MP) and Data Plane (DP) for this example

  1. The command below will display the Security Policy rule Hit Count information for all Security Rules from Management Plane 
    >show rule-hit-count vsys vsys-name vsys1 rule-base security rules all
  2. The command below will display the Security Policy rule Hit Count information for all Security Rules from Data Plane 
    >show running rule-use hit-count vsys vsys1 rule-base security rules all

Additional Information


View Policy Rule Usage
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kEZrCAM&lang=en_US%E2%80%A9&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language