How to export External Dynamic List (EDL) content to an external file using the CLI
1994
Created On 05/08/22 13:54 PM - Last Modified 08/30/25 01:33 AM
Objective
By default only 100 entries from the list will be shown and sometimes there is a need to export all entries of the EDL to an external file.
Environment
- Any Palo Alto Firewall
- PAN-OS versions 8.1 and above
- External Dynamic List (EDL)
Procedure
- By entering the below command only 100 entries of the EDL will be displayed by default:
> request system external-list show type predefined-ip name panw-highrisk-ip-list
panw-highrisk-ip-list
Total valid entries : 3317
Total ignored entries : 0
Total invalid entries : 0
Total displayed entries : 100
Valid predefined-ips:
190.252.242.69
72.252.157.93
120.132.81.27
.
- To show all 3317 entries and export them via an SSH tool (in this example Putty is used) follow the steps below:
> request system external-list show type predefined-ip num-records 3317 name panw-highrisk-ip-list
panw-highrisk-ip-list
Total valid entries : 3317
Total ignored entries : 0
Total invalid entries : 0
Total displayed entries : 3317
Valid predefined-ips:
To save this output in Putty:
- Click on the top left corner icon. The main menu will appear.
- Select "Change Settings...".
- Under Category select "Session/Logging".
- Under Session logging select "All session output".
- Under log file name write the file name and click Browse.... to select the location of the file.
- Click Apply.
- Execute the EDL command again if necessary and confirm the output is saved to the file.