哪些命令可用于在 EDL 中查找关联的 IP 地址

哪些命令可用于在 EDL 中查找关联的 IP 地址

9074
Created On 01/19/22 19:32 PM - Last Modified 02/02/24 06:09 AM


Question


如何找到包含特定 IP 的 EDL(预定义或自定义或第三方)?

Environment


  • PAN-OS 8.1 及以上
  • 帕洛阿尔托防火墙
  • 外部动态列表 (EDL)

Answer


命令“request system external-list global-find string <ip or a part of IP>” 可用于查找属于该 IP 的相关 EDL。 

例子:
  • 查找特定 IP 地址的 EDL 名称。
>request system external-list global-find string 5.2.79.187
/config/predefined/ip-block-list-v2/entry[@name='panw-torexit-ip-list']
The IP 5.2.79.187 is included in the  "Palo Alto Networks Tor Exit IP Addresses".
  • 提供部分 IP 地址还将列出关联的 EDL
>request system external-list global-find string 5.2.6.
/config/predefined/ip-block-list-v2/entry[@name='panw-highrisk-ip-list']
/config/predefined/ip-block-list-v2/entry[@name='panw-torexit-ip-list']
/config/predefined/ip-block-list-v2/entry[@name='panw-known-ip-list']
/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/external-list/entry[@name='EDL_Test']

Additional Information


如何查看 EDL Palo Alto Networks - 已知恶意 IP 地址、高风险 IP 地址、防弹 IP 地址
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000oN2ACAU&lang=zh_CN&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language