docs.paloaltonetworks.com
2a02:26f0:3500:18::1724:a291  Public Scan

URL: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-lo...
Submission: On August 01 via manual from IT — Scanned from IT

Form analysis: 2 forms found in the DOM

<form><span class="fieldset">
    <p><input type="checkbox" value="check" id="chkMain" checked="checked" class="legacy-group-status optanon-status-checkbox"><label for="chkMain">Active</label></p>
  </span></form>

Name: search, GET /content/techdocs/en_US/search.html

<form class="td-nav-search__form" name="search" action="/content/techdocs/en_US/search.html" method="get">
  <div class="td-selectable">
    <div class="td-selectable__button">PAN-OS® Administrator’s Guide</div>
    <ul class="td-dropdown__menu td-selectable__body">
      <li class="td-selectable__item td-dropdown__link td-selectable__label" data-value="pan:book-type/non-cloud,pan:book-type/panw-yellow-theme,pan:book-name/pan-os-admin">PAN-OS® Administrator’s Guide</li>
      <li class="td-selectable__item td-dropdown__link td-selectable__label" data-value="all">All Documentation</li>
    </ul>
    <div class="td-selectable__radios">
      <input type="radio" name="context" value="pan:book-type/non-cloud,pan:book-type/panw-yellow-theme,pan:book-name/pan-os-admin" checked="" data-label="PAN-OS® Administrator’s Guide" aria-label="PAN-OS® Administrator’s Guide"> &gt; <input
        type="radio" name="context" value="all" data-label="All Documentation" aria-label="All Documentation">
    </div>
  </div>
  <input type="hidden" name="contextText" value="PAN-OS® Administrator’s Guide">
  <input type="hidden" name="product" value="PAN-OS">
  <!-- not required if already run in search page -->
  <script type="text/javascript">
    var dropdownSelectedValue = "all";
    facetSearchTags =
      "pan:productcategory/panos,pan:osversion/pan-os-9-1-eol,pan:productcategory/ngfw,pan:osversion/9_1,pan:productcategory/network-security,pan:productcategory/strata,pan:book-name/pan-os-admin,pan:book-type/non-cloud,pan:informationtype/admin,pan:feature/syslog,pan:feature-category/reportingandlogging,pan:feature/logs,pan:book-type/panw-yellow-theme";
Associations,pan:book-name/prisma-access-cloudblade-integration-panorama-managed||Prisma Access CloudBlade Integration Guide (Panorama managed),pan:book-name/prisma-access-cloudblade-integration-guide||Prisma Access CloudBlade Integration Guide,pan:book-name/ion-1200-s-hardware-reference||ION 1200-S Hardware Reference,pan:book-name/common-services-faq||Common Services FaQ,pan:book-name/enterprise-iot-security-admin||Enterprise IoT Security Administrator’s Guide,pan:book-name/ion-9200-hardware-reference||ION 9200 Hardware Reference,pan:book-name/prisma-access-cloudblade-integration-release-notes-panorama-managed||Prisma Access CloudBlade Integration Release Notes (Panorama managed),pan:book-name/common-services-identity-and-access||Common Services  Identity & Access   Access Management,pan:book-name/prisma-cloud-compute-edition-public-sector||Prisma Cloud Compute Edition for Public Sector,pan:book-name/pa-3400-series-hardware-reference||PA-3400 Series Next-Gen Firewall Hardware Reference,pan:book-name/log-forwarding-schema-reference||Log Forwarding Schema Reference,pan:osversion/4-0-preferred||4.0 Preferred,pan:osversion/7-3-eol||7.3 (EoL),pan:osversion/7_5ce||7.5 CE,pan:osversion/7_4||7.4,pan:osversion/20-09-eol||Self-Hosted 20.09 (EoL),pan:osversion/4-0-0-panorama-managed||4.0.0 Panorama Managed,pan:osversion/5_6||5.6,pan:osversion/5_x||5.x,pan:osversion/20-04-eol||Self-Hosted 20.04 (EoL),pan:osversion/3-2-preferred-innovation||3.2 Preferred and Innovation,pan:osversion/20-12-eol||Self-Hosted 20.12 (EoL),pan:osversion/7_5||7.5,pan:osversion/20_12||Self-Hosted 20.12,pan:osversion/1_2||1.2,pan:osversion/3-2-0-panorama-managed||3.2.0 Panorama Managed,pan:osversion/6_5||6.5,pan:osversion/self-hosted-30-xx||Self-Hosted 30.xx,pan:osversion/3-0-preferred-innovation||3.0 Preferred and Innovation,pan:osversion/11_0||11.0,pan:osversion/10_2||10.2,pan:osversion/self-hosted-3-14-legacy||Self-Hosted 3.14 (Legacy),pan:osversion/2-1-preferred||2.1 
Preferred,pan:osversion/5_4||5.4,pan:osversion/3-1-5-panorama-managed||3.1.5 Panorama Managed,pan:osversion/6_6||6.6,pan:osversion/7_8||7.8,pan:osversion/7-4-eol||7.4 (EoL),pan:osversion/3-1-5-cloud-managed||3.1.5 Cloud Managed,pan:osversion/4-0-and-later||4.0 & Later,pan:osversion/6-2-eol||6.2 (EoL),pan:osversion/2-1-innovation||2.1 Innovation,pan:osversion/prisma-access-china||Prisma Access China,pan:osversion/19-11-eol||Self-Hosted 19.11 (EoL),pan:osversion/2-0-innovation||2.0 Innovation,pan:osversion/prisma-cloud-enterprise-edition||Prisma Cloud Enterprise Edition,pan:osversion/self-hosted-3-14||Self-Hosted 3.14,pan:osversion/3-1-6-panorama-managed||3.1.6 Panorama Managed,pan:osversion/6_9||6.9,pan:osversion/3-1-3-cloud-managed||3.1.3 Cloud Managed,pan:osversion/7-5-eol||7.5 (Eol),pan:osversion/10-0-eol||10.0 (EoL),pan:osversion/7-2-eol||7.2 (EoL),pan:osversion/test||test,pan:osversion/22_06||Self-Hosted 22.06,pan:osversion/8-1-eol||8.1 (EoL),pan:osversion/5_3||5.3,pan:osversion/2-2-preferred||2.2 Preferred,pan:osversion/5-0-eol||5.0 (EoL),pan:osversion/self-hosted-5-0-legacy||Self-Hosted 5.0 (Legacy),pan:osversion/7_6||7.6,pan:osversion/4-1-preferred||4.1 Preferred,pan:osversion/3-1-6-cloud-managed||3.1.6 Cloud Managed,pan:osversion/6-1-eol||6.1 (EoL),pan:osversion/4-2-eol||4.2 (EoL),pan:osversion/2-0-preferred||2.0 Preferred,pan:osversion/4-0-preferred-innovation||4.0 Preferred and Innovation,pan:osversion/10-1-and-later||10.1 & Later,pan:osversion/3-1-preferred-innovation||3.1 Preferred and Innovation,pan:osversion/5-5-eol||5.5 (EoL),pan:osversion/7-6-eol||7.6 (EoL),pan:productcategory/aiops-for-ngfw||AIOps for NGFW,pan:productcategory/activity||Activity,pan:productcategory/cns||Cloud-Native Security,pan:feature-category/mobile-security||Mobile Security,pan:feature-category/cloud-management-ngfws||Cloud Management of NGFWs,pan:feature-category/subscription-tenant-management||Subscription & Tenant Management,pan:feature-category/self-serve||Self 
Serve,pan:feature-category/run||Run,pan:feature-category/adem-self-serve||Autonomous DEM Self-Serve,pan:feature-category/code-and-build||Code & Build,pan:feature-category/ztna-connector||ZTNA Connector,pan:feature-category/insights||Insights,pan:feature-category/tenant-management||Tenant Management,pan:feature-category/device-associations||Device Associations,pan:feature-category/deploy||Deploy,pan:feature-category/identify-and-access||Identity & Access,pan:feature-category/dashboard||Dashboard,pan:feature-category/explicit-proxy||Explicit Proxy,pan:informationtype/incidents-and-alerts||Incidents & Alerts,pan:informationtype/admin||Administration,pan:informationtype/user-guide||User Guide,pan:informationtype/appliance||Appliance,pan:informationtype/integrations||Integrations,pan:informationtype/experts-corner||Experts Corner,pan:informationtype/interoperability||Interoperability,pan:informationtype/getting-started||Getting Started,pan:informationtype/help||Help,pan:feature/build-your-dashboard||Build Your Dashboard,pan:feature/autonomous-dem-zoom-integration||Autonomous DEM Zoom Integration,pan:feature/autonomous-dem-self-serve||Autonomous DEM Self-Serve,pan:osversion/21-04-eol||Self-Hosted 21.04 (EoL),pan:osversion/21-08-eol||Self-Hosted 21.08 (EoL),pan:osversion/22_12||Self-Hosted 22.12,pan:productcategory/enterprise-iot-security||Enterprise IoT Security,pan:productcategory/cortex-xpanse||Cortex Xpanse,pan:productcategory/common-services||Common Services,pan:productcategory/data-security||Data Security,pan:productcategory/saas-security-posture-management||SaaS Security Posture Management,pan:productcategory/ztna-agent||ZTNA Agent,pan:productcategory/cortex-xsiam||Cortex XSIAM,pan:productcategory/ngfw||Next-Generation Firewall,pan:productcategory/cloud-ngfw-for-aws||Cloud NGFW for AWS,pan:productcategory/cdss||Cloud-Delivered Security Services,pan:productcategory/prisma-sd-wan||Prisma SD-WAN,pan:productcategory/network-security||Network 
Security,pan:productcategory/okyo-garde||Okyo Garde,pan:productcategory/prisma-sase||Prisma SASE,pan:productcategory/ai-powered-autonomous-dem||AI-Powered Autonomous DEM,pan:productcategory/cloud-ngfw-for-azure||Cloud NGFW for Azure,pan:productcategory/sase||SASE,pan:book-name/azure-virtual-wan-vion-cloudblade-integration||Azure Virtual WAN with vION CloudBlade Integration Guide,pan:book-name/advanced-wildfire-admin||Advanced WildFire Administration,pan:book-name/advanced-threat-prevention-admin||Advanced Threat Prevention Administration,pan:book-name/aiops-for-ngfw||AIOps for NGFW,pan:book-name/aiops-for-sase||AIOPs for SASE,pan:book-name/advanced-url-filtering-admin||Advanced URL Filtering Administration,pan:book-name/chatbot-ms-teams-cloudblade-integration||Chatbot MS Teams CloudBlade Integration Guide,pan:book-name/azure-vwan-cloudblade-integration||Azure vWAN CloudBlade Integration Guide,pan:book-name/cloud-ngfw-aws-deployment||Cloud NGFW for AWS Deployment Guide,pan:book-name/chatbot-slack-cloudblade-integration||Chatbot Slack CloudBlade Integration Guide,pan:book-name/activity||Activity,pan:book-name/advanced-routing-engine-migration-reference||Advanced Routing Engine Migration Reference,pan:book-name/administrative-access-best-practices||Administrative Access Best Practices,pan:book-name/cn-series-release-notes||CN-Series Release Notes,pan:feature/poe||PoE,pan:feature/tunnel||Tunnel,pan:feature/pa-5410-firewall||PA-5410 Firewall,pan:feature/pa-1400-series||PA-1400 Series,pan:feature/pa-445-firewall||PA-445 Firewall,pan:feature/pa-5420-firewall||PA-5420 Firewall,pan:feature/pa-3420-firewall||PA-3420 Firewall,pan:feature/pa-3400-series||PA-3400 Series,pan:feature/pa-5440-firewall||PA-5440 Firewall,pan:feature/pa-3440-firewall||PA-3440 Firewall,pan:feature/pa-410-firewall||PA-410 Firewall,pan:feature/pa-1410-firewall||PA-1410 Firewall,pan:feature/pa-1420-firewall||PA-1420 Firewall,pan:feature/pa-5430-firewall||PA-5430 
firewall,pan:feature/pa-3410-firewall||PA-3410 Firewall,pan:feature/pa-3430-firewall||PA-3430 Firewall,pan:feature/panorama-interconnect||Panorama Interconnect,pan:feature/ion-9000||ION 9000,pan:feature/kubernetes||Kubernetes,pan:feature/ion-5200||ION 5200,pan:feature/m-300-appliance||M-300 Appliance,pan:feature/ion-3200||ION 3200,pan:feature/ion-2000||ION 2000,pan:feature/ion-1200||ION 1200,pan:feature/ion-3000||ION 3000,pan:feature/ion-9200||ION 9200,pan:feature/ion-1200-s||ION 1200-S,pan:feature/m-700-appliance||M-700 Appliance,pan:feature/ion-1000||ION 1000,pan:feature/pa-415-firewall||PA-415 Firewall,pan:feature/intelligence-stream||Intelligence Stream,pan:feature/ion-7000||ION 7000,pan:feature/enforcer||Enforcer,pan:feature/configuration2||Configuration,pan:release-date/august-2024||August 2024,pan:release-date/december-2024||December 2024,pan:release-date/december-2023||December 2023,pan:release-date/july-2023||July 2023,pan:release-date/july-2024||July 2024,pan:release-date/june-2023||June 2023,pan:release-date/april-2023||April 2023,pan:release-date/may-2023||May 2023,pan:release-date/february-2024||February 2024,pan:release-date/january-2024||January 2024,pan:release-date/april-2024||April 2024,pan:release-date/august-2023||August 2023,pan:informationtype/aiops||AIOps,pan:release-date/october-2023||October 2023,pan:release-date/november-2023||November 2023,pan:release-date/november-2024||November 2024,pan:release-date/september-2023||September 2023,pan:release-date/october-2024||October 2024,pan:release-date/june-2024||June 2024,pan:release-date/march-2023||March 2023,pan:release-date/may-2024||May 2024,pan:release-date/march-2024||March 2024,pan:informationtype/china-administration||China Administration,pan:release-date/september-2024||September 2024,pan:informationtype/prisma-access-china||Prisma Access China,pan:book-type/panw-yellow-theme||PANW Yellow Theme,pan:book-type/panw-green-theme||PANW Green Theme,pan:book-type/panw-blue-theme||PANW Blue 
Theme,pan:osversion/11-1||11.1,pan:book-name/remote-browser-isolation-release-notes||Remote Browser Isolation Release Notes,pan:book-name/ngfw-incidents-alerts||NGFW Incidents & Alerts,pan:book-name/prisma-cloud-application-security-policy-reference||Prisma Cloud Application Security Policy Reference,pan:book-name/remote-browser-isolation-administration||Remote Browser Isolation Administration,pan:book-name/quantum-security-admin||Quantum Security Administration,pan:book-name/cn-series-deployment-modes||CN-Series Deployment Modes,pan:book-name/cn-series-getting-started||CN-Series Getting Started,pan:book-name/security-policy-administration||Security Policy Administration,pan:book-name/cn-series-upgrade||CN-Series Upgrade,pan:book-name/ngfw-administration||NGFW Administration,pan:book-name/pa-400r-hardware-reference||PA-400R Hardware Reference,pan:book-name/cn-series-troubleshooting||CN-Series Troubleshooting,pan:book-name/pa-7500-series-ngfw-hardware-reference||PA-7500 Series Next-Gen Firewall Hardware Reference,pan:book-name/cn-series-hsf-deployment||CN-Series HSF Deployment,pan:book-name/ngfw-getting-started||NGFW Getting Started,pan:book-name/prisma-cloud-application-security||Prisma Cloud Application Security,pan:book-name/ipsec-vpn-administration||IPsec VPN Administration,pan:book-name/cn-series-in-cloud-and-on-prem||CN-Series In-Cloud and On-Prem,pan:productcategory/strata-cloud-manager||Strata Cloud Manager,pan:productcategory/remote-browser-isolation||Remote Browser Isolation,pan:osversion/deployment-modes||Deployment Modes,pan:osversion/pan-os-8-1-eol||PAN-OS 8.1 (EoL),pan:osversion/pan-os-10-1||PAN-OS 10.1,pan:osversion/pan-os-10-0-eol||PAN-OS 10.0 (EoL),pan:osversion/pan-os-9-1||PAN-OS 9.1,pan:osversion/pan-os-10-2||PAN-OS 10.2,pan:osversion/5-0-preferred-innovation||5.0 Preferred and Innovation,pan:osversion/3-1-eol||3.1 (EoL),pan:osversion/3-0-eol||3.0 (EoL),pan:osversion/1_3||1.3,pan:osversion/6_3||6.3,pan:osversion/self-hosted-31-xx||Self-Hosted 
31.xx,pan:osversion/5-0-preferred||5.0 Preferred,pan:osversion/classic||Classic,pan:osversion/hsf||HSF,pan:osversion/5-0-innovation||5.0 Innovation,pan:osversion/pan-os-9-0-eol||PAN-OS 9.0 (EoL),pan:osversion/11_1||11.1,pan:osversion/cloud-management-and-aiops-for-ngfw||Cloud Management and AIOps for NGFW,pan:release-date||Release Date,pan:informationtype/networking||Networking,pan:informationtype/upgrade||Upgrade,pan:informationtype/security-policy-administration||Security Policy Administration,pan:informationtype/quantum-security-administration||Quantum Security Administration,pan:informationtype/ipsec-vpn-administration||IPsec VPN Administration,pan:osversion/aiops-for-ngfw-app||AIOps for NGFW app,pan:osversion/pan-os-11-0||PAN-OS 11.0,pan:osversion/aiops-for-ngfws||AIOps for NGFWs,pan:osversion/22-06-eol||Self-Hosted 22.06 (EoL),pan:osversion/pan-os-11-1||PAN-OS 11.1,pan:osversion/22-01-eol||Self-Hosted 22.01 (EoL),pan:osversion/ngfws||NGFWs,pan:osversion/aiops-for-ngfw-with-strata-cloud-manager||AIOps for NGFW with Strata Cloud Manager,pan:osversion/4-2-preferred||4.2 Preferred,pan:osversion/cloud-management-of-ngfws||Cloud Management of NGFWs,pan:feature/pa-7500-series||PA-7500 Series,pan:feature/pa-5445-firewall||PA-5445 Firewall,pan:feature/pa-7500-firewall||PA-7500 Firewall,pan:feature/pa-455-firewall||PA-455 Firewall,pan:feature/pa-415-5g-firewall||PA-415-5G Firewall,pan:feature/pa-400r-firewall||PA-400R Firewall,pan:book-name/strata-cloud-manager-getting-started||Strata Cloud Manager Getting Started,pan:osversion/5-0-1-preferred-innovation||5.0.1 Preferred and Innovation,pan:book-name/enterprise-dlp-administration||Enterprise DLP Administration,pan:productcategory/cloudblades||CloudBlades,pan:informationtype/activation-and-onboarding||Activation & Onboarding,pan:feature-category/in-cloud-and-on-prem||In-Cloud and On-Prem,pan:productcategory/dns-security||DNS 
Security,pan:productcategory/sd-wan||SD-WAN,pan:book-name/strata-cloud-manager-release-notes||Strata Cloud Manager Release Notes,pan:book-name/prisma-access-agent-release-notes||Prisma Access Agent Release Notes,pan:book-name/prisma-access-agent-administration||Prisma Access Agent Administration,pan:productcategory/wildfire||Advanced WildFire,pan:productcategory/casb||Next-Generation CASB,pan:osversion/5-1-preferred-innovation||5.1 Preferred and Innovation,pan:osversion/in-cloud-and-on-prem||In-Cloud and On-Prem,pan:book-name/strata-logging-service-log-reference||Strata Logging Service Log Reference,pan:book-name/strata-logging-service-release-notes||Strata Logging Service Release Notes,pan:book-name/prisma-access-agent-user-guide||Prisma Access Agent User Guide,pan:book-name/strata-logging-service-admin||Strata Logging Service Administration,pan:productcategory/prisma-access-agent||Prisma Access Agent,pan:informationtype/log-reference||Log Reference,pan:osversion/6_4||6.4,pan:osversion/pan-os-11-1-and-later||PAN-OS 11.1 & Later ,pan:productcategory/advanced-dns-security||Advanced DNS Security,pan:feature/pa-410r-5g-firewall||PA-410R-5G Firewall,pan:feature/local-deep-learning||Local Deep Learning,pan:feature/pa-410r-firewall||PA-410R Firewall,pan:feature/pa-450r-firewall||PA-450R Firewall,pan:osversion/11-1-and-later||11.1 & Later,pan:osversion/pan-os-11-2||PAN-OS 11.2,pan:osversion/11_2||11.2,pan:book-name/deploy-vm-series-firewall-private-clouds||Deploy the VM-Series Firewall in Private Clouds,pan:book-name/deploy-vm-series-firewall-public-clouds||Deploy the VM-Series Firewall in Public Clouds,pan:book-name/prisma-sase-fedramp-activation-onboarding||Prisma SASE FedRAMP Activation and Onboarding,pan:informationtype/private-cloud||Private Cloud,pan:informationtype/public-cloud||Public Cloud,pan:productcategory/cortex-data-lake||Strata Logging Service,pan:book-name/vm-series-activation-onboarding||VM-Series Activation and 
Onboarding,pan:feature/pa-450r-5g-firewall||PA-450R-5G Firewall,pan:feature/pa-455-5g-firewall||PA-455-5G Firewall,pan:feature/quantum-security||Quantum Security,pan:book-name/prisma-sase-fedramp-reference||Prisma SASE FedRAMP Reference,pan:osversion/prisma-sd-wan-cloudblades||Prisma SD-WAN CloudBlades,pan:osversion/3-2-and-later||3.2 & Later,pan:informationtype/cloudblades||CloudBlades,pan:osversion/ion-5-2||ION 5.2,pan:osversion/ion-5-3||ION 5.3,pan:osversion/ion-5-4||ION 5.4,pan:osversion/ion-5-6||ION 5.6,pan:osversion/ion-5-5||ION 5.5,pan:osversion/azure-virtual-wan-vion||Azure vWAN with vION ,pan:osversion/aws-transit-gateway||AWS Transit Gateway,pan:osversion/chatbot-ms-teams||ChatBot for MS Teams,pan:osversion/chatbot-slack||ChatBot for Slack ,pan:osversion/azure-vwan||Azure vWAN,pan:osversion/ion-6-1||ION 6.1,pan:osversion/ion-6-2||ION 6.2,pan:osversion/ion-6-3||ION 6.3,pan:osversion/ion-6-4||ION 6.4,pan:book-name/ai-access-security-release-notes||AI Access Security Release Notes,pan:book-name/ai-access-security-administration||AI Access Security Administration,pan:book-name/ai-access-security-activation-onboarding||AI Access Security Activation & Onboarding,pan:informationtype/cloud-delivered-security-services||Cloud-Delivered Security Services,pan:osversion/zscaler-internet-access||Zscaler Internet Access,pan:osversion/on-premises-controller||On-Premises Controller,pan:productcategory/ai-access-security||AI Access Security,pan:informationtype/prisma-sase||Prisma SASE,pan:osversion/service-now||Service Now,pan:osversion/zoom-qss||Zoom QSS,pan:osversion/gcp-ncc||GCP NCC,pan:book-name/fedramp-for-strata-logging-service||FedRAMP for Strata Logging Service,pan:book-name/fedramp-for-strata-cloud-manager||FedRAMP for Strata Cloud Manager,pan:informationtype/strata-logging-service||Strata Logging Service,pan:book-name/fedramp-for-prisma-sase||FedRAMP for Prisma SASE,pan:informationtype/strata-cloud-manager||Strata Cloud 
Manager,pan:book-name/fedramp-for-cdss||FedRAMP for CDSS,pan:osversion/pa-cloudblade-panorama-managed||Prisma Access CloudBlade Panorama Managed,pan:osversion/pa-cloudblade-cloud-managed||Prisma Access CloudBlade Cloud Managed ,pan:osversion/prisma-sd-wan-pa-cb||CloudBlades Integration with Prisma Access,pan:book-name/ai-powered-autonomous-dem-admin||AI-Powered Autonomous DEM Administration,pan:book-name/ai-access-security-getting-started||AI Access Security Getting Started,pan:osversion/new-features-guide||New Features Guide,pan:informationtype/autonomous-dem||Autonomous DEM,pan:osversion/ion-6-0||ION 6.0,pan:productcategory/fedramp||FedRAMP,pan:book-name/ai-powered-autonomous-dem-release-notes||AI-Powered Autonomous DEM Release Notes,pan:book-name/ai-powered-autonomous-dem-admin-china||AI-Powered Autonomous DEM Administration for China,pan:book-name/ai-runtime-security-administration||AI Runtime Security Administration,pan:book-name/ai-runtime-security-release-notes||AI Runtime Security Release Notes,pan:book-name/ai-runtime-security-activation-onboarding||AI Runtime Security Activation and Onboarding,pan:book-name/ai-powered-autonomous-dem-user-guide||AI-Powered Autonomous DEM User Guide,pan:feature-category/saas-security||SaaS Security,pan:book-name/fedramp-for-autonomous-dem||FedRAMP for Autonomous DEM,pan:language/vi-vn||Vietnamese - Tiếng Việt,pan:osversion/ai-powered-adem-china||AI-Powered ADEM for China,pan:osversion/ai-powered-adem||AI-Powered ADEM,pan:book-name/prisma-access-browser-activation-onboarding||Prisma Access Browser Activation & Onboarding,pan:book-name/autonomous-dem-administration-for-china||Autonomous DEM Administration for China,pan:book-name/prisma-access-browser-administration||Prisma Access Browser Administration,pan:book-name/prisma-access-browser-deployment||Prisma Access Browser Deployment,pan:osversion/access-experience-agent-5-1||Access Experience Agent 5.1,pan:osversion/autonomous-dem-china||Autonomous DEM for 
China,pan:productcategory/ai-runtime-security||AI Runtime Security,pan:osversion/pan-os-9-1-eol||PAN-OS 9.1 (EoL),pan:osversion/9-1-eol||9.1 (EoL),pan:book-name/prisma-access-browser-getting-started||Prisma Access Browser Getting Started,pan:book-name/prisma-access-browse-integrations||Prisma Access Browser Integrations,pan:book-name/prisma-access-browser-release-notes||Prisma Access Browser Release Notes,pan:book-name/prisma-access-browser-user-guide||Prisma Access Browser User Guide,pan:productcategory/secure-enterprise-browser||Secure Enterprise Browser,pan:book-name/strata-cloud-manager-activation-onboarding||Strata Cloud Manager Activation & Onboarding,pan:book-name/strata-cloud-manager-aiops||Strata Cloud Manager AIOps";
    docsetid = "";
    const LANGTAGCODE = "pan:language/";
    PRODUCTTAGCODE = "pan:productcategory/";
    INFOTYPETAGCODE = "pan:informationtype/";
    OSVERTAGCODE = "pan:osversion/";
    FEATTAGCODE = "pan:feature/";
    FEATCATTAGCODE = "pan:feature-category/";
    BNCATAGCODE = "pan:book-name/";
    BTTAGCODE = "pan:book-type/";
    RELINFOTAGCODE = "pan:release-information/";
    PRODUCTFAMILYCODE = "pan:productfamily/";
    var langFacetValueCaption = {};
    productFacetValueCaption = {};
    infoTypeFacetValueCaption = {};
    osVersionFacetValueCaption = {};
    featureFacetValueCaption = {};
    featureCatFacetValueCaption = {};
    bookNameFacetValueCaption = {};
    bookTypeFacetValueCaption = {};
    releaseInfoFacetValueCaption = {};
    $.each(allTags.split(","), function(index, value) {
      if (value.indexOf(LANGTAGCODE) > -1) {
        langFacetValueCaption[value.split(LANGTAGCODE)[1].split("||")[0].replace("-", "_")] = value.split(LANGTAGCODE)[1].split("||")[1]
      } else if (value.indexOf(PRODUCTTAGCODE) > -1) {
        productFacetValueCaption[value.split(PRODUCTTAGCODE)[1].split("||")[0]] = value.split(PRODUCTTAGCODE)[1].split("||")[1]
      } else if (value.indexOf(INFOTYPETAGCODE) > -1) {
        infoTypeFacetValueCaption[value.split(INFOTYPETAGCODE)[1].split("||")[0]] = value.split(INFOTYPETAGCODE)[1].split("||")[1]
      } else if (value.indexOf(OSVERTAGCODE) > -1) {
        osVersionFacetValueCaption[value.split(OSVERTAGCODE)[1].split("||")[0]] = value.split(OSVERTAGCODE)[1].split("||")[1]
      } else if (value.indexOf(FEATTAGCODE) > -1) {
        featureFacetValueCaption[value.split(FEATTAGCODE)[1].split("||")[0]] = value.split(FEATTAGCODE)[1].split("||")[1]
      } else if (value.indexOf(FEATCATTAGCODE) > -1) {
        featureCatFacetValueCaption[value.split(FEATCATTAGCODE)[1].split("||")[0]] = value.split(FEATCATTAGCODE)[1].split("||")[1]
      } else if (value.indexOf(BNCATAGCODE) > -1) {
        bookNameFacetValueCaption[value.split(BNCATAGCODE)[1].split("||")[0]] = value.split(BNCATAGCODE)[1].split("||")[1]
      } else if (value.indexOf(BTTAGCODE) > -1) {
        bookTypeFacetValueCaption[value.split(BTTAGCODE)[1].split("||")[0]] = value.split(BTTAGCODE)[1].split("||")[1]
      } else if (value.indexOf(RELINFOTAGCODE) > -1) {
        releaseInfoFacetValueCaption[value.split(RELINFOTAGCODE)[1].split("||")[0]] = value.split(RELINFOTAGCODE)[1].split("||")[1]
      }
    });
    /* Since Coveo has an issue with setting value added captions for upper case, as part of COVEO-187 hardcoding chinese simplified zh_CN */
    if (langFacetValueCaption["zh_cn"]) {
      langFacetValueCaption["zh_CN"] = langFacetValueCaption["zh_cn"]
    }
    var sourceValueCaption = {
      "TechDocs Sitemap": "Technical Documentation",
      "PANW TechDocs Stage": "Technical Documentation",
      "Salesforce Knowledge SIT": "Knowledge Base",
      "PAN techDOCS": "Technical Documentation",
      "Salesforce Knowledge": "Knowledge Base",
      "techDocs YouTube": "Videos",
      "TD GitHub": "GitHub",
      "LIVEcommunity Public": "LIVEcommunity",
      "TD pan.dev Docs": "Developer Docs",
      "Developer Docs": "Developer Docs"
    };

    function buildExpressionFromSelectedTags(aemTags, advanceQueryExpFun, langQueryExpfun) {
      /** Tag Based Search **/
      var languageFacetValues = [];
      productFacetValues = [];
      infoTypeFacetValues = [];
      osVersionFacetValues = [];
      featureFacetValues = [];
      bookNameFacetValues = [];
      featureCatFacetValues = [];
      bookTypeFacetValues = [];
      releaseInfoFacetValues = [];
      productFamilyFacetValues = [];
      $.each(aemTags.split(","), function(index, value) {
        if (value.indexOf(LANGTAGCODE) > -1) {
          languageFacetValues.push(value.split(LANGTAGCODE)[1])
        } else if (value.indexOf(PRODUCTTAGCODE) > -1) {
          productFacetValues.push(productFacetValueCaption[value.split(PRODUCTTAGCODE)[1]])
        } else if (value.indexOf(INFOTYPETAGCODE) > -1) {
          infoTypeFacetValues.push(infoTypeFacetValueCaption[value.split(INFOTYPETAGCODE)[1]])
        } else if (value.indexOf(OSVERTAGCODE) > -1) {
          osVersionFacetValues.push(osVersionFacetValueCaption[value.split(OSVERTAGCODE)[1]])
        } else if (value.indexOf(FEATTAGCODE) > -1) {
          featureFacetValues.push(featureFacetValueCaption[value.split(FEATTAGCODE)[1]])
        } else if (value.indexOf(FEATCATTAGCODE) > -1) {
          featureCatFacetValues.push(featureCatFacetValueCaption[value.split(FEATCATTAGCODE)[1]])
        } else if (value.indexOf(BNCATAGCODE) > -1) {
          bookNameFacetValues.push(bookNameFacetValueCaption[value.split(BNCATAGCODE)[1]])
        } else if (value.indexOf(BTTAGCODE) > -1) {
          bookTypeFacetValues.push(bookTypeFacetValueCaption[value.split(BTTAGCODE)[1]])
        } else if (value.indexOf(RELINFOTAGCODE) > -1) {
          releaseInfoFacetValues.push(releaseInfoFacetValueCaption[value.split(RELINFOTAGCODE)[1]])
        } else if (value.indexOf(PRODUCTFAMILYCODE) > -1) {
          productFamilyFacetValues.push(value.split(PRODUCTFAMILYCODE)[1])
        }
      });
      var expressionBuilder = "";
      expressionBuilder = langQueryExpfun(languageFacetValues, "@language");
      expressionBuilder = advanceQueryExpFun(productFacetValues, "@panproductcategory", expressionBuilder);
      expressionBuilder = advanceQueryExpFun(infoTypeFacetValues, "@paninformationtype", expressionBuilder);
      expressionBuilder = advanceQueryExpFun(osVersionFacetValues, "@panosversion", expressionBuilder);
      expressionBuilder = advanceQueryExpFun(featureFacetValues, "@panfeature", expressionBuilder);
      expressionBuilder = advanceQueryExpFun(featureCatFacetValues, "@panfeaturecategory", expressionBuilder);
      expressionBuilder = advanceQueryExpFun(bookNameFacetValues, "@panbookname", expressionBuilder);
      expressionBuilder = advanceQueryExpFun(bookTypeFacetValues, "@panbooktype", expressionBuilder);
      expressionBuilder = advanceQueryExpFun(releaseInfoFacetValues, "@panreleaseinformation", expressionBuilder);
      expressionBuilder = advanceQueryExpFun(productFamilyFacetValues, "@panproductfamily", expressionBuilder);
      return expressionBuilder;
    }
  </script>
</form>

Text Content

Threat Log Fields
Updated on Jul 1, 2024
     * URL Filtering Use Cases
     * URL Categories
       * Security-Focused URL Categories
       * Malicious URL Categories
       * Verified URL Categories
       * Policy Actions You Can Take Based on URL Categories
     * Plan Your URL Filtering Deployment
     * URL Filtering Best Practices
     * Activate The Advanced URL Filtering Subscription
     * Configure URL Filtering
     * Test URL Filtering Configuration
     * Monitor Web Activity
       * Monitor Web Activity of Network Users
       * View the User Activity Report
       * Configure Custom URL Filtering Reports
     * Log Only the Page a User Visits
     * Create a Custom URL Category
     * URL Category Exceptions
     * Use an External Dynamic List in a URL Filtering Profile
     * Allow Password Access to Certain Sites
     * Safe Search Enforcement
       * Safe Search Settings for Search Providers
       * Block Search Results When Strict Safe Search Is Not Enabled
       * Transparently Enable Safe Search for Users
     * URL Filtering Response Pages
     * Customize the URL Filtering Response Pages
     * HTTP Header Logging
     * Request to Change the Category for a URL
     * Troubleshoot URL Filtering
       * Problems Activating Advanced URL Filtering
       * PAN-DB Cloud Connectivity Issues
       * URLs Classified as Not-Resolved
       * Incorrect Categorization
     * PAN-DB Private Cloud
       * M-600 Appliance for PAN-DB Private Cloud
       * Set Up the PAN-DB Private Cloud
         * Configure the PAN-DB Private Cloud
         * Configure the Firewalls to Access the PAN-DB Private Cloud
         * Configure Authentication with Custom Certificates on the PAN-DB
           Private Cloud
   * Quality of Service
     * QoS Overview
     * QoS Concepts
       * QoS for Applications and Users
       * QoS Policy
       * QoS Profile
       * QoS Classes
       * QoS Priority Queuing
       * QoS Bandwidth Management
       * QoS Egress Interface
       * QoS for Clear Text and Tunneled Traffic
     * Configure QoS
     * Configure QoS for a Virtual System
     * Enforce QoS Based on DSCP Classification
     * QoS Use Cases
       * Use Case: QoS for a Single User
       * Use Case: QoS for Voice and Video Applications
   * VPNs
     * VPN Deployments
     * Site-to-Site VPN Overview
     * Site-to-Site VPN Concepts
       * IKE Gateway
       * Tunnel Interface
       * Tunnel Monitoring
       * Internet Key Exchange (IKE) for VPN
         * IKE Phase 1
         * IKE Phase 2
         * Methods of Securing IPSec VPN Tunnels (IKE Phase 2)
       * IKEv2
         * Liveness Check
         * Cookie Activation Threshold and Strict Cookie Validation
         * Traffic Selectors
         * Hash and URL Certificate Exchange
         * SA Key Lifetime and Re-Authentication Interval
     * Set Up Site-to-Site VPN
       * Set Up an IKE Gateway
         * Export a Certificate for a Peer to Access Using Hash and URL
         * Import a Certificate for IKEv2 Gateway Authentication
         * Change the Key Lifetime or Authentication Interval for IKEv2
         * Change the Cookie Activation Threshold for IKEv2
         * Configure IKEv2 Traffic Selectors
       * Define Cryptographic Profiles
         * Define IKE Crypto Profiles
         * Define IPSec Crypto Profiles
       * Set Up an IPSec Tunnel
       * Set Up Tunnel Monitoring
         * Define a Tunnel Monitoring Profile
         * View the Status of the Tunnels
       * Enable/Disable, Refresh or Restart an IKE Gateway or IPSec Tunnel
         * Enable or Disable an IKE Gateway or IPSec Tunnel
         * Refresh and Restart Behaviors
         * Refresh or Restart an IKE Gateway or IPSec Tunnel
       * Test VPN Connectivity
       * Interpret VPN Error Messages
     * Site-to-Site VPN Quick Configs
       * Site-to-Site VPN with Static Routing
       * Site-to-Site VPN with OSPF
       * Site-to-Site VPN with Static and Dynamic Routing
   * Large Scale VPN (LSVPN)
     * LSVPN Overview
     * Create Interfaces and Zones for the LSVPN
     * Enable SSL Between GlobalProtect LSVPN Components
       * About Certificate Deployment
       * Deploy Server Certificates to the GlobalProtect LSVPN Components
       * Deploy Client Certificates to the GlobalProtect Satellites Using SCEP
     * Configure the Portal to Authenticate Satellites
     * Configure GlobalProtect Gateways for LSVPN
     * Configure the GlobalProtect Portal for LSVPN
       * GlobalProtect Portal for LSVPN Prerequisite Tasks
       * Configure the Portal
       * Define the Satellite Configurations
     * Prepare the Satellite to Join the LSVPN
     * Verify the LSVPN Configuration
     * LSVPN Quick Configs
       * Basic LSVPN Configuration with Static Routing
       * Advanced LSVPN Configuration with Dynamic Routing
       * Advanced LSVPN Configuration with iBGP
   * Networking
     * Configure Interfaces
       * Tap Interfaces
       * Virtual Wire Interfaces
         * Layer 2 and Layer 3 Packets over a Virtual Wire
         * Port Speeds of Virtual Wire Interfaces
         * LLDP over a Virtual Wire
         * Aggregated Interfaces for a Virtual Wire
         * Virtual Wire Support of High Availability
         * Zone Protection for a Virtual Wire Interface
         * VLAN-Tagged Traffic
         * Virtual Wire Subinterfaces
         * Configure Virtual Wires
       * Layer 2 Interfaces
         * Layer 2 Interfaces with No VLANs
         * Layer 2 Interfaces with VLANs
         * Configure a Layer 2 Interface
         * Configure a Layer 2 Interface, Subinterface, and VLAN
         * Manage Per-VLAN Spanning Tree (PVST+) BPDU Rewrite
       * Layer 3 Interfaces
         * Configure Layer 3 Interfaces
         * Manage IPv6 Hosts Using NDP
           * IPv6 Router Advertisements for DNS Configuration
           * Configure RDNS Servers and DNS Search List for IPv6 Router
             Advertisements
           * NDP Monitoring
           * Enable NDP Monitoring
       * Configure an Aggregate Interface Group
       * Use Interface Management Profiles to Restrict Access
     * Virtual Routers
     * Service Routes
     * Static Routes
       * Static Route Overview
       * Static Route Removal Based on Path Monitoring
       * Configure a Static Route
       * Configure Path Monitoring for a Static Route
     * RIP
     * OSPF
       * OSPF Concepts
         * OSPFv3
         * OSPF Neighbors
         * OSPF Areas
         * OSPF Router Types
       * Configure OSPF
       * Configure OSPFv3
       * Configure OSPF Graceful Restart
       * Confirm OSPF Operation
         * View the Routing Table
         * Confirm OSPF Adjacencies
         * Confirm that OSPF Connections are Established
     * BGP
       * BGP Overview
       * MP-BGP
       * Configure BGP
       * Configure a BGP Peer with MP-BGP for IPv4 or IPv6 Unicast
       * Configure a BGP Peer with MP-BGP for IPv4 Multicast
       * BGP Confederations
     * IP Multicast
       * IGMP
       * PIM
         * Shortest-Path Tree (SPT) and Shared Tree
         * PIM Assert Mechanism
         * Reverse-Path Forwarding
       * Configure IP Multicast
       * View IP Multicast Information
     * Route Redistribution
     * GRE Tunnels
       * GRE Tunnel Overview
       * Create a GRE Tunnel
     * DHCP
       * DHCP Overview
       * Firewall as a DHCP Server and Client
       * DHCP Messages
       * DHCP Addressing
         * DHCP Address Allocation Methods
         * DHCP Leases
       * DHCP Options
         * Predefined DHCP Options
         * Multiple Values for a DHCP Option
         * DHCP Options 43, 55, and 60 and Other Customized Options
       * Configure an Interface as a DHCP Server
       * Configure an Interface as a DHCP Client
       * Configure the Management Interface as a DHCP Client
       * Configure an Interface as a DHCP Relay Agent
       * Monitor and Troubleshoot DHCP
         * View DHCP Server Information
         * Clear DHCP Leases
         * View DHCP Client Information
         * Gather Debug Output about DHCP
     * DNS
       * DNS Overview
       * DNS Proxy Object
       * DNS Server Profile
       * Multi-Tenant DNS Deployments
       * Configure a DNS Proxy Object
       * Configure a DNS Server Profile
       * Use Case 1: Firewall Requires DNS Resolution
       * Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolution for
         Security Policies, Reporting, and Services within its Virtual System
       * Use Case 3: Firewall Acts as DNS Proxy Between Client and Server
       * DNS Proxy Rule and FQDN Matching
     * Dynamic DNS Overview
     * Configure Dynamic DNS for Firewall Interfaces
     * NAT
       * NAT Policy Rules
         * NAT Policy Overview
         * NAT Address Pools Identified as Address Objects
         * Proxy ARP for NAT Address Pools
       * Source NAT and Destination NAT
         * Source NAT
         * Destination NAT
         * Destination NAT with DNS Rewrite Use Cases
           * Destination NAT with DNS Rewrite Reverse Use Cases
           * Destination NAT with DNS Rewrite Forward Use Cases
       * NAT Rule Capacities
       * Dynamic IP and Port NAT Oversubscription
       * Dataplane NAT Memory Statistics
       * Configure NAT
         * Translate Internal Client IP Addresses to Your Public IP Address
           (Source DIPP NAT)
         * Enable Clients on the Internal Network to Access your Public Servers
           (Destination U-Turn NAT)
         * Enable Bi-Directional Address Translation for Your Public-Facing
           Servers (Static Source NAT)
         * Configure Destination NAT with DNS Rewrite
         * Configure Destination NAT Using Dynamic IP Addresses
         * Modify the Oversubscription Rate for DIPP NAT
         * Reserve Dynamic IP NAT Addresses
         * Disable NAT for a Specific Host or Interface
       * NAT Configuration Examples
         * Destination NAT Example—One-to-One Mapping
         * Destination NAT with Port Translation Example
         * Destination NAT Example—One-to-Many Mapping
         * Source and Destination NAT Example
         * Virtual Wire Source NAT Example
         * Virtual Wire Static NAT Example
         * Virtual Wire Destination NAT Example
     * NPTv6
       * NPTv6 Overview
         * NPTv6 Does Not Provide Security
         * Model Support for NPTv6
         * Unique Local Addresses
         * Reasons to Use NPTv6
       * How NPTv6 Works
         * Checksum-Neutral Mapping
         * Bi-Directional Translation
         * NPTv6 Applied to a Specific Service
       * NDP Proxy
       * NPTv6 and NDP Proxy Example
         * The ND Cache in NPTv6 Example
         * The NDP Proxy in NPTv6 Example
         * The NPTv6 Translation in NPTv6 Example
         * Neighbors in the ND Cache are Not Translated
       * Create an NPTv6 Policy
     * NAT64
       * NAT64 Overview
       * IPv4-Embedded IPv6 Address
       * DNS64 Server
       * Path MTU Discovery
       * IPv6-Initiated Communication
       * Configure NAT64 for IPv6-Initiated Communication
       * Configure NAT64 for IPv4-Initiated Communication
       * Configure NAT64 for IPv4-Initiated Communication with Port Translation
     * ECMP
       * ECMP Load-Balancing Algorithms
       * ECMP Model, Interface, and IP Routing Support
       * Configure ECMP on a Virtual Router
       * Enable ECMP for Multiple BGP Autonomous Systems
       * Verify ECMP
     * LLDP
       * LLDP Overview
       * Supported TLVs in LLDP
       * LLDP Syslog Messages and SNMP Traps
       * Configure LLDP
       * View LLDP Settings and Status
       * Clear LLDP Statistics
     * BFD
       * BFD Overview
         * BFD Model, Interface, and Client Support
         * Non-Supported RFC Components of BFD
         * BFD for Static Routes
         * BFD for Dynamic Routing Protocols
       * Configure BFD
       * Reference: BFD Details
     * Session Settings and Timeouts
       * Transport Layer Sessions
       * TCP
         * TCP Half Closed and TCP Time Wait Timers
         * Unverified RST Timer
         * TCP Split Handshake Drop
         * Maximum Segment Size (MSS)
       * UDP
       * ICMP
         * Security Policy Rules Based on ICMP and ICMPv6 Packets
         * ICMPv6 Rate Limiting
       * Control Specific ICMP or ICMPv6 Types and Codes
       * Configure Session Timeouts
       * Configure Session Settings
       * Session Distribution Policies
         * Session Distribution Policy Descriptions
         * Change the Session Distribution Policy and View Statistics
       * Prevent TCP Split Handshake Session Establishment
     * Tunnel Content Inspection
       * Tunnel Content Inspection Overview
       * Configure Tunnel Content Inspection
       * View Inspected Tunnel Activity
       * View Tunnel Information in Logs
       * Create a Custom Report Based on Tagged Tunnel Traffic
   * Policy
     * Policy Types
     * Security Policy
       * Components of a Security Policy Rule
       * Security Policy Actions
       * Create a Security Policy Rule
     * Policy Objects
     * Security Profiles
       * Create a Security Profile Group
       * Set Up or Override a Default Security Profile Group
     * Track Rules Within a Rulebase
     * Enforce Policy Rule Description, Tag, and Audit Comment
     * Move or Clone a Policy Rule or Object to a Different Virtual System
     * Use an Address Object to Represent IP Addresses
       * Address Objects
       * Create an Address Object
     * Use Tags to Group and Visually Distinguish Objects
       * Create and Apply Tags
       * Modify Tags
       * View Rules by Tag Group
     * Use an External Dynamic List in Policy
       * External Dynamic List
       * Formatting Guidelines for an External Dynamic List
         * IP Address List
         * Domain List
         * URL List
       * Built-in External Dynamic Lists
       * Configure the Firewall to Access an External Dynamic List
       * Configure the Firewall to Access an External Dynamic List from the EDL
         Hosting Service
         * Create an External Dynamic List Using the EDL Hosting Service
         * Convert the GlobalSign Root R1 Certificate to PEM Format
       * Retrieve an External Dynamic List from the Web Server
       * View External Dynamic List Entries
       * Exclude Entries from an External Dynamic List
       * Enforce Policy on an External Dynamic List
       * Find External Dynamic Lists That Failed Authentication
       * Disable Authentication for an External Dynamic List
     * Register IP Addresses and Tags Dynamically
     * Use Dynamic User Groups in Policy
     * Use Auto-Tagging to Automate Security Actions
     * Monitor Changes in the Virtual Environment
       * Enable VM Monitoring to Track Changes on the Virtual Network
       * Attributes Monitored on Virtual Machines in Cloud Platforms
       * Use Dynamic Address Groups in Policy
     * CLI Commands for Dynamic IP Addresses and Tags
     * Identify Users Connected through a Proxy Server
       * Use XFF Values for Policies and Logging Source Users
       * Use the IP Address in the XFF Header to Troubleshoot Events
     * Policy-Based Forwarding
       * PBF
         * Egress Path and Symmetric Return
         * Path Monitoring for PBF
         * Service Versus Applications in PBF
       * Create a Policy-Based Forwarding Rule
       * Use Case: PBF for Outbound Access with Dual ISPs
     * Application Override Policy
     * Test Policy Rules
   * Virtual Systems
     * Virtual Systems Overview
       * Virtual System Components and Segmentation
       * Benefits of Virtual Systems
       * Use Cases for Virtual Systems
       * Platform Support and Licensing for Virtual Systems
       * Administrative Roles for Virtual Systems
       * Shared Objects for Virtual Systems
     * Communication Between Virtual Systems
       * Inter-VSYS Traffic That Must Leave the Firewall
       * Inter-VSYS Traffic That Remains Within the Firewall
         * External Zone
         * External Zones and Security Policies For Traffic Within a Firewall
       * Inter-VSYS Communication Uses Two Sessions
     * Shared Gateway
       * External Zones and Shared Gateway
       * Networking Considerations for a Shared Gateway
     * Configure Virtual Systems
     * Configure Inter-Virtual System Communication within the Firewall
     * Configure a Shared Gateway
     * Customize Service Routes for a Virtual System
       * Customize Service Routes to Services for Virtual Systems
       * Configure a PA-7000 Series Firewall for Logging Per Virtual System
         * Configure a PA-7000 Series LPC for Logging per Virtual System
         * Configure a PA-7000 Series LFC for Logging per Virtual System
       * Configure Administrative Access Per Virtual System or Firewall
     * Virtual System Functionality with Other Features
   * Zone Protection and DoS Protection
     * Network Segmentation Using Zones
     * How Do Zones Protect the Network?
     * Zone Defense
       * Zone Defense Tools
       * How Do the Zone Defense Tools Work?
       * Firewall Placement for DoS Protection
       * Baseline CPS Measurements for Setting Flood Thresholds
         * CPS Measurements to Take
         * How to Measure CPS
       * Zone Protection Profiles
         * Flood Protection
         * Reconnaissance Protection
         * Packet-Based Attack Protection
         * Protocol Protection
       * Packet Buffer Protection
       * DoS Protection Profiles and Policy Rules
         * Classified Versus Aggregate DoS Protection
         * DoS Protection Profiles
         * DoS Protection Policy Rules
     * Configure Zone Protection to Increase Network Security
       * Configure Reconnaissance Protection
       * Configure Packet Based Attack Protection
       * Configure Protocol Protection
         * Use Case: Non-IP Protocol Protection Between Security Zones on Layer
           2 Interfaces
         * Use Case: Non-IP Protocol Protection Within a Security Zone on Layer
           2 Interfaces
       * Configure Packet Buffer Protection
     * DoS Protection Against Flooding of New Sessions
       * Multiple-Session DoS Attack
       * Single-Session DoS Attack
       * Configure DoS Protection Against Flooding of New Sessions
       * End a Single Session DoS Attack
       * Identify Sessions That Use Too Much of the On-Chip Packet Descriptor
       * Discard a Session Without a Commit
   * Certifications
     * Enable FIPS and Common Criteria Support
       * Access the Maintenance Recovery Tool (MRT)
       * Change the Operational Mode to FIPS-CC Mode
     * FIPS-CC Security Functions
     * Scrub the Swap Memory on Firewalls or Appliances Running in FIPS-CC Mode
 * 
   Networking
   Version
   PAN-OS 10.1
    * PAN-OS 10.1
    * PAN-OS 10.2
    * PAN-OS 11.0
    * PAN-OS 11.1 & Later
   
   * Networking
     * Networking Introduction
   * Configure Interfaces
     * Tap Interfaces
     * Virtual Wire Interfaces
       * Layer 2 and Layer 3 Packets over a Virtual Wire
       * Port Speeds of Virtual Wire Interfaces
       * LLDP over a Virtual Wire
       * Aggregated Interfaces for a Virtual Wire
       * Virtual Wire Support of High Availability
       * Zone Protection for a Virtual Wire Interface
       * VLAN-Tagged Traffic
       * Virtual Wire Subinterfaces
       * Configure Virtual Wires
     * Layer 2 Interfaces
       * Layer 2 Interfaces with No VLANs
       * Layer 2 Interfaces with VLANs
       * Configure a Layer 2 Interface
       * Configure a Layer 2 Interface, Subinterface, and VLAN
       * Manage Per-VLAN Spanning Tree (PVST+) BPDU Rewrite
     * Layer 3 Interfaces
       * Configure Layer 3 Interfaces
       * Manage IPv6 Hosts Using NDP
         * IPv6 Router Advertisements for DNS Configuration
         * Configure RDNS Servers and DNS Search List for IPv6 Router
           Advertisements
         * NDP Monitoring
         * Enable NDP Monitoring
     * Configure an Aggregate Interface Group
     * Configure Bonjour Reflector for Network Segmentation
     * Use Interface Management Profiles to Restrict Access
   * Virtual Routers
     * Virtual Router Overview
     * Configure Virtual Routers
   * Service Routes
     * Service Routes Overview
     * Configure Service Routes
   * Static Routes
     * Static Route Overview
     * Static Route Removal Based on Path Monitoring
     * Configure a Static Route
     * Configure Path Monitoring for a Static Route
   * RIP
     * RIP Overview
     * Configure RIP
   * OSPF
     * OSPF Concepts
       * OSPFv3
       * OSPF Neighbors
       * OSPF Areas
       * OSPF Router Types
     * Configure OSPF
     * Configure OSPFv3
     * Configure OSPF Graceful Restart
     * Confirm OSPF Operation
       * View the Routing Table
       * Confirm OSPF Adjacencies
       * Confirm that OSPF Connections are Established
   * BGP
     * BGP Overview
     * MP-BGP
     * Configure BGP
     * Configure a BGP Peer with MP-BGP for IPv4 or IPv6 Unicast
     * Configure a BGP Peer with MP-BGP for IPv4 Multicast
     * BGP Confederations
   * IP Multicast
     * IGMP
     * PIM
       * Shortest-Path Tree (SPT) and Shared Tree
       * PIM Assert Mechanism
       * Reverse-Path Forwarding
     * Configure IP Multicast
     * View IP Multicast Information
   * Route Redistribution
     * Route Redistribution Overview
     * Configure Route Redistribution
   * GRE Tunnels
     * GRE Tunnel Overview
     * Create a GRE Tunnel
   * DHCP
     * DHCP Overview
     * Firewall as a DHCP Server and Client
     * DHCP Messages
     * DHCP Addressing
       * DHCP Address Allocation Methods
       * DHCP Leases
     * DHCP Options
       * Predefined DHCP Options
       * Multiple Values for a DHCP Option
       * DHCP Options 43, 55, and 60 and Other Customized Options
     * Configure an Interface as a DHCP Server
     * Configure an Interface as a DHCP Client
     * Configure the Management Interface as a DHCP Client
     * Configure an Interface as a DHCP Relay Agent
     * Monitor and Troubleshoot DHCP
       * View DHCP Server Information
       * Clear DHCP Leases
       * View DHCP Client Information
       * Gather Debug Output about DHCP
   * DNS
     * DNS Overview
     * DNS Proxy Object
     * DNS Server Profile
     * Multi-Tenant DNS Deployments
     * Configure a DNS Proxy Object
     * Configure a DNS Server Profile
     * Use Case 1: Firewall Requires DNS Resolution
     * Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolution for
       Security Policies, Reporting, and Services within its Virtual System
     * Use Case 3: Firewall Acts as DNS Proxy Between Client and Server
     * DNS Proxy Rule and FQDN Matching
   * DDNS
     * Dynamic DNS Overview
     * Configure Dynamic DNS for Firewall Interfaces
   * NAT
     * NAT Policy Rules
       * NAT Policy Overview
       * NAT Address Pools Identified as Address Objects
       * Proxy ARP for NAT Address Pools
     * Source NAT and Destination NAT
       * Source NAT
       * Destination NAT
       * Destination NAT with DNS Rewrite Use Cases
         * Destination NAT with DNS Rewrite Reverse Use Cases
         * Destination NAT with DNS Rewrite Forward Use Cases
     * NAT Rule Capacities
     * Dynamic IP and Port NAT Oversubscription
     * Dataplane NAT Memory Statistics
     * Configure NAT
       * Translate Internal Client IP Addresses to Your Public IP Address
         (Source DIPP NAT)
       * Enable Clients on the Internal Network to Access your Public Servers
         (Destination U-Turn NAT)
       * Enable Bi-Directional Address Translation for Your Public-Facing
         Servers (Static Source NAT)
       * Configure Destination NAT with DNS Rewrite
       * Configure Destination NAT Using Dynamic IP Addresses
       * Modify the Oversubscription Rate for DIPP NAT
       * Reserve Dynamic IP NAT Addresses
       * Disable NAT for a Specific Host or Interface
     * NAT Configuration Examples
       * Destination NAT Example—One-to-One Mapping
       * Destination NAT with Port Translation Example
       * Destination NAT Example—One-to-Many Mapping
       * Source and Destination NAT Example
       * Virtual Wire Source NAT Example
       * Virtual Wire Static NAT Example
       * Virtual Wire Destination NAT Example
   * NPTv6
     * NPTv6 Overview
       * Unique Local Addresses
       * Reasons to Use NPTv6
     * How NPTv6 Works
       * Checksum-Neutral Mapping
       * Bi-Directional Translation
       * NPTv6 Applied to a Specific Service
     * NDP Proxy
     * NPTv6 and NDP Proxy Example
       * The ND Cache in NPTv6 Example
       * The NDP Proxy in NPTv6 Example
       * The NPTv6 Translation in NPTv6 Example
       * Neighbors in the ND Cache are Not Translated
     * Create an NPTv6 Policy
   * NAT64
     * NAT64 Overview
     * IPv4-Embedded IPv6 Address
     * DNS64 Server
     * Path MTU Discovery
     * IPv6-Initiated Communication
     * Configure NAT64 for IPv6-Initiated Communication
     * Configure NAT64 for IPv4-Initiated Communication
     * Configure NAT64 for IPv4-Initiated Communication with Port Translation
   * ECMP
     * ECMP Load-Balancing Algorithms
     * Configure ECMP on a Virtual Router
     * Enable ECMP for Multiple BGP Autonomous Systems
     * Verify ECMP
   * LLDP
     * LLDP Overview
     * Supported TLVs in LLDP
     * LLDP Syslog Messages and SNMP Traps
     * Configure LLDP
     * View LLDP Settings and Status
     * Clear LLDP Statistics
   * BFD
     * BFD Overview
       * BFD Model, Interface, and Client Support
       * Non-Supported RFC Components of BFD
       * BFD for Static Routes
       * BFD for Dynamic Routing Protocols
     * Configure BFD
     * Reference: BFD Details
   * Session Settings and Timeouts
     * Transport Layer Sessions
     * TCP
       * TCP Half Closed and TCP Time Wait Timers
       * Unverified RST Timer
       * TCP Split Handshake Drop
       * Maximum Segment Size (MSS)
     * UDP
     * ICMP
       * Security Policy Rules Based on ICMP and ICMPv6 Packets
       * ICMPv6 Rate Limiting
     * Control Specific ICMP or ICMPv6 Types and Codes
     * Configure Session Timeouts
     * Configure Session Settings
     * Session Distribution Policies
       * Session Distribution Policy Descriptions
       * Change the Session Distribution Policy and View Statistics
     * Prevent TCP Split Handshake Session Establishment
   * Tunnel Content Inspection
     * Tunnel Content Inspection Overview
     * Configure Tunnel Content Inspection
     * View Inspected Tunnel Activity
     * View Tunnel Information in Logs
     * Create a Custom Report Based on Tagged Tunnel Traffic
     * Tunnel Acceleration Behavior
     * Disable Tunnel Acceleration
   * Network Packet Broker
     * Network Packet Broker Overview
     * How Network Packet Broker Works
     * Prepare to Deploy Network Packet Broker
     * Configure Transparent Bridge Security Chains
     * Configure Routed Layer 3 Security Chains
     * Network Packet Broker HA Support
     * User Interface Changes for Network Packet Broker
     * Limitations of Network Packet Broker
     * Troubleshoot Network Packet Broker
 * 
   AIOps
   * AIOps for NGFW
     * Regions for AIOps for NGFW
     * Free and Premium Features
     * How to Activate AIOps for NGFW
     * Where Are My AIOps for NGFW Features?
     * Panorama CloudConnector Plugin
     * Get Alert Notifications
     * Export Metadata for Troubleshooting
     * Troubleshoot NGFW Connectivity and Policy Enforcement Anomalies
   * Device Telemetry for AIOps for NGFW
     * Enable Telemetry on Devices
     * Domains Required for AIOps for NGFW
   * Utilize Activity Dashboards
     * View Executive Summary
     * Monitor WildFire
     * Monitor DNS Security
     * Monitor Advanced Threat Prevention
   * Optimize Security Posture
     * Monitor Security Posture Insights
     * Monitor Feature Adoption
     * Monitor Feature Configuration
     * Monitor Security Advisories
     * Monitor Security Subscriptions
     * Assess Vulnerabilities
     * Build a Custom Dashboard
     * Monitor Compliance Summary
     * Configure Security Checks And Other Posture Settings
     * Proactively Enforce Security Checks
     * Policy Analyzer
       * Pre-Change Policy Analysis
       * Pre-Change Policy Analysis Reports
       * Post-Change Policy Analysis
   * NGFW Health and Software Management
     * View Network Usage
     * View Device Health
     * Get Upgrade Recommendations
     * Analyze Metric Capacity
   * Best Practices in NGFWs
     * On-Demand BPA Report
       * Generate Your BPA & Adoption Summary Report, On Demand
     * Best Practices
 * 
   Incidents & Alerts
   * Alerts
     * Manage Alerts
     * View Alert Details
     * View Probable Causes
     * Forecasting and Anomaly Detection
     * Manage Capacity Analyzer Alerts
     * CPU Usage Metrics in AIOps for NGFW
     * Create a Notification Rule
       * Integrating with ServiceNow
   * AIOps for NGFW Alerts Reference
     * Premium Health Alerts
     * Free Health Alerts
     * Service Alerts
     * Alerts Raised by Leveraging Machine Learning
   * Incidents
     * View Incident Details
 * 
   Release Notes
   Version
   Cloud Management and AIOps for NGFW
    * Cloud Management and AIOps for NGFW
    * PAN-OS 10.0 (EoL)
    * PAN-OS 10.1
    * PAN-OS 10.2
    * PAN-OS 11.0
    * PAN-OS 11.1
    * PAN-OS 11.2
    * PAN-OS 8.1 (EoL)
    * PAN-OS 9.0 (EoL)
    * 
   
   * New Features for AIOps for NGFW
     * New Features in May 2024
     * New Features in April 2024
     * New Features in March 2024
     * New Features in February 2024
     * New Features in December 2023
     * New Features in November 2023
     * New Features in September 2023
     * New Features Through August 2023
   * Known and Addressed Issues
   * Feature History for AIOps for NGFW



Updated on Jul 1, 2024

THREAT LOG FIELDS

         * BFD for Static Routes
         * BFD for Dynamic Routing Protocols
       * Configure BFD
       * Reference: BFD Details
     * Session Settings and Timeouts
       * Transport Layer Sessions
       * TCP
         * TCP Half Closed and TCP Time Wait Timers
         * Unverified RST Timer
         * TCP Split Handshake Drop
         * Maximum Segment Size (MSS)
       * UDP
       * ICMP
         * Security Policy Rules Based on ICMP and ICMPv6 Packets
         * ICMPv6 Rate Limiting
       * Control Specific ICMP or ICMPv6 Types and Codes
       * Configure Session Timeouts
       * Configure Session Settings
       * Session Distribution Policies
         * Session Distribution Policy Descriptions
         * Change the Session Distribution Policy and View Statistics
       * Prevent TCP Split Handshake Session Establishment
     * Tunnel Content Inspection
       * Tunnel Content Inspection Overview
       * Configure Tunnel Content Inspection
       * View Inspected Tunnel Activity
       * View Tunnel Information in Logs
       * Create a Custom Report Based on Tagged Tunnel Traffic
   * Policy
     * Policy Types
     * Security Policy
       * Components of a Security Policy Rule
       * Security Policy Actions
       * Create a Security Policy Rule
     * Policy Objects
     * Security Profiles
       * Create a Security Profile Group
       * Set Up or Override a Default Security Profile Group
     * Track Rules Within a Rulebase
     * Enforce Policy Rule Description, Tag, and Audit Comment
     * Move or Clone a Policy Rule or Object to a Different Virtual System
     * Use an Address Object to Represent IP Addresses
       * Address Objects
       * Create an Address Object
     * Use Tags to Group and Visually Distinguish Objects
       * Create and Apply Tags
       * Modify Tags
       * View Rules by Tag Group
     * Use an External Dynamic List in Policy
       * External Dynamic List
       * Formatting Guidelines for an External Dynamic List
         * IP Address List
         * Domain List
         * URL List
       * Built-in External Dynamic Lists
       * Configure the Firewall to Access an External Dynamic List
       * Configure the Firewall to Access an External Dynamic List from the EDL
         Hosting Service
         * Create an External Dynamic List Using the EDL Hosting Service
         * Convert the GlobalSign Root R1 Certificate to PEM Format
       * Retrieve an External Dynamic List from the Web Server
       * View External Dynamic List Entries
       * Exclude Entries from an External Dynamic List
       * Enforce Policy on an External Dynamic List
       * Find External Dynamic Lists That Failed Authentication
       * Disable Authentication for an External Dynamic List
     * Register IP Addresses and Tags Dynamically
     * Use Dynamic User Groups in Policy
     * Use Auto-Tagging to Automate Security Actions
     * Monitor Changes in the Virtual Environment
       * Enable VM Monitoring to Track Changes on the Virtual Network
       * Attributes Monitored on Virtual Machines in Cloud Platforms
       * Use Dynamic Address Groups in Policy
     * CLI Commands for Dynamic IP Addresses and Tags
     * Identify Users Connected through a Proxy Server
       * Use XFF Values for Policies and Logging Source Users
       * Use the IP Address in the XFF Header to Troubleshoot Events
     * Policy-Based Forwarding
       * PBF
         * Egress Path and Symmetric Return
         * Path Monitoring for PBF
         * Service Versus Applications in PBF
       * Create a Policy-Based Forwarding Rule
       * Use Case: PBF for Outbound Access with Dual ISPs
     * Application Override Policy
     * Test Policy Rules
   * Virtual Systems
     * Virtual Systems Overview
       * Virtual System Components and Segmentation
       * Benefits of Virtual Systems
       * Use Cases for Virtual Systems
       * Platform Support and Licensing for Virtual Systems
       * Administrative Roles for Virtual Systems
       * Shared Objects for Virtual Systems
     * Communication Between Virtual Systems
       * Inter-VSYS Traffic That Must Leave the Firewall
       * Inter-VSYS Traffic That Remains Within the Firewall
         * External Zone
         * External Zones and Security Policies For Traffic Within a Firewall
       * Inter-VSYS Communication Uses Two Sessions
     * Shared Gateway
       * External Zones and Shared Gateway
       * Networking Considerations for a Shared Gateway
     * Configure Virtual Systems
     * Configure Inter-Virtual System Communication within the Firewall
     * Configure a Shared Gateway
     * Customize Service Routes for a Virtual System
       * Customize Service Routes to Services for Virtual Systems
       * Configure a PA-7000 Series Firewall for Logging Per Virtual System
         * Configure a PA-7000 Series LPC for Logging per Virtual System
         * Configure a PA-7000 Series LFC for Logging per Virtual System
       * Configure Administrative Access Per Virtual System or Firewall
     * Virtual System Functionality with Other Features
   * Zone Protection and DoS Protection
     * Network Segmentation Using Zones
     * How Do Zones Protect the Network?
     * Zone Defense
       * Zone Defense Tools
       * How Do the Zone Defense Tools Work?
       * Firewall Placement for DoS Protection
       * Baseline CPS Measurements for Setting Flood Thresholds
         * CPS Measurements to Take
         * How to Measure CPS
       * Zone Protection Profiles
         * Flood Protection
         * Reconnaissance Protection
         * Packet-Based Attack Protection
         * Protocol Protection
       * Packet Buffer Protection
       * DoS Protection Profiles and Policy Rules
         * Classified Versus Aggregate DoS Protection
         * DoS Protection Profiles
         * DoS Protection Policy Rules
     * Configure Zone Protection to Increase Network Security
       * Configure Reconnaissance Protection
       * Configure Packet Based Attack Protection
       * Configure Protocol Protection
         * Use Case: Non-IP Protocol Protection Between Security Zones on Layer
           2 Interfaces
         * Use Case: Non-IP Protocol Protection Within a Security Zone on Layer
           2 Interfaces
       * Configure Packet Buffer Protection
     * DoS Protection Against Flooding of New Sessions
       * Multiple-Session DoS Attack
       * Single-Session DoS Attack
       * Configure DoS Protection Against Flooding of New Sessions
       * End a Single Session DoS Attack
       * Identify Sessions That Use Too Much of the On-Chip Packet Descriptor
       * Discard a Session Without a Commit
   * Certifications
     * Enable FIPS and Common Criteria Support
       * Access the Maintenance Recovery Tool (MRT)
       * Change the Operational Mode to FIPS-CC Mode
     * FIPS-CC Security Functions
     * Scrub the Swap Memory on Firewalls or Appliances Running in FIPS-CC Mode
 * 
   Networking
   Version
   PAN-OS 10.1
    * PAN-OS 10.1
    * PAN-OS 10.2
    * PAN-OS 11.0
    * PAN-OS 11.1 & Later
   
   * Networking
     * Networking Introduction
   * Configure Interfaces
     * Tap Interfaces
     * Virtual Wire Interfaces
       * Layer 2 and Layer 3 Packets over a Virtual Wire
       * Port Speeds of Virtual Wire Interfaces
       * LLDP over a Virtual Wire
       * Aggregated Interfaces for a Virtual Wire
       * Virtual Wire Support of High Availability
       * Zone Protection for a Virtual Wire Interface
       * VLAN-Tagged Traffic
       * Virtual Wire Subinterfaces
       * Configure Virtual Wires
     * Layer 2 Interfaces
       * Layer 2 Interfaces with No VLANs
       * Layer 2 Interfaces with VLANs
       * Configure a Layer 2 Interface
       * Configure a Layer 2 Interface, Subinterface, and VLAN
       * Manage Per-VLAN Spanning Tree (PVST+) BPDU Rewrite
     * Layer 3 Interfaces
       * Configure Layer 3 Interfaces
       * Manage IPv6 Hosts Using NDP
         * IPv6 Router Advertisements for DNS Configuration
         * Configure RDNS Servers and DNS Search List for IPv6 Router
           Advertisements
         * NDP Monitoring
         * Enable NDP Monitoring
     * Configure an Aggregate Interface Group
     * Configure Bonjour Reflector for Network Segmentation
     * Use Interface Management Profiles to Restrict Access
   * Virtual Routers
     * Virtual Router Overview
     * Configure Virtual Routers
   * Service Routes
     * Service Routes Overview
     * Configure Service Routes
   * Static Routes
     * Static Route Overview
     * Static Route Removal Based on Path Monitoring
     * Configure a Static Route
     * Configure Path Monitoring for a Static Route
   * RIP
     * RIP Overview
     * Configure RIP
   * OSPF
     * OSPF Concepts
       * OSPFv3
       * OSPF Neighbors
       * OSPF Areas
       * OSPF Router Types
     * Configure OSPF
     * Configure OSPFv3
     * Configure OSPF Graceful Restart
     * Confirm OSPF Operation
       * View the Routing Table
       * Confirm OSPF Adjacencies
       * Confirm that OSPF Connections are Established
   * BGP
     * BGP Overview
     * MP-BGP
     * Configure BGP
     * Configure a BGP Peer with MP-BGP for IPv4 or IPv6 Unicast
     * Configure a BGP Peer with MP-BGP for IPv4 Multicast
     * BGP Confederations
   * IP Multicast
     * IGMP
     * PIM
       * Shortest-Path Tree (SPT) and Shared Tree
       * PIM Assert Mechanism
       * Reverse-Path Forwarding
     * Configure IP Multicast
     * View IP Multicast Information
   * Route Redistribution
     * Route Redistribution Overview
     * Configure Route Redistribution
   * GRE Tunnels
     * GRE Tunnel Overview
     * Create a GRE Tunnel
   * DHCP
     * DHCP Overview
     * Firewall as a DHCP Server and Client
     * DHCP Messages
     * DHCP Addressing
       * DHCP Address Allocation Methods
       * DHCP Leases
     * DHCP Options
       * Predefined DHCP Options
       * Multiple Values for a DHCP Option
       * DHCP Options 43, 55, and 60 and Other Customized Options
     * Configure an Interface as a DHCP Server
     * Configure an Interface as a DHCP Client
     * Configure the Management Interface as a DHCP Client
     * Configure an Interface as a DHCP Relay Agent
     * Monitor and Troubleshoot DHCP
       * View DHCP Server Information
       * Clear DHCP Leases
       * View DHCP Client Information
       * Gather Debug Output about DHCP
   * DNS
     * DNS Overview
     * DNS Proxy Object
     * DNS Server Profile
     * Multi-Tenant DNS Deployments
     * Configure a DNS Proxy Object
     * Configure a DNS Server Profile
     * Use Case 1: Firewall Requires DNS Resolution
     * Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolution for
       Security Policies, Reporting, and Services within its Virtual System
     * Use Case 3: Firewall Acts as DNS Proxy Between Client and Server
     * DNS Proxy Rule and FQDN Matching
   * DDNS
     * Dynamic DNS Overview
     * Configure Dynamic DNS for Firewall Interfaces
   * NAT
     * NAT Policy Rules
       * NAT Policy Overview
       * NAT Address Pools Identified as Address Objects
       * Proxy ARP for NAT Address Pools
     * Source NAT and Destination NAT
       * Source NAT
       * Destination NAT
       * Destination NAT with DNS Rewrite Use Cases
         * Destination NAT with DNS Rewrite Reverse Use Cases
         * Destination NAT with DNS Rewrite Forward Use Cases
     * NAT Rule Capacities
     * Dynamic IP and Port NAT Oversubscription
     * Dataplane NAT Memory Statistics
     * Configure NAT
       * Translate Internal Client IP Addresses to Your Public IP Address
         (Source DIPP NAT)
       * Enable Clients on the Internal Network to Access your Public Servers
         (Destination U-Turn NAT)
       * Enable Bi-Directional Address Translation for Your Public-Facing
         Servers (Static Source NAT)
       * Configure Destination NAT with DNS Rewrite
       * Configure Destination NAT Using Dynamic IP Addresses
       * Modify the Oversubscription Rate for DIPP NAT
       * Reserve Dynamic IP NAT Addresses
       * Disable NAT for a Specific Host or Interface
     * NAT Configuration Examples
       * Destination NAT Example—One-to-One Mapping
       * Destination NAT with Port Translation Example
       * Destination NAT Example—One-to-Many Mapping
       * Source and Destination NAT Example
       * Virtual Wire Source NAT Example
       * Virtual Wire Static NAT Example
       * Virtual Wire Destination NAT Example
   * NPTv6
     * NPTv6 Overview
       * Unique Local Addresses
       * Reasons to Use NPTv6
     * How NPTv6 Works
       * Checksum-Neutral Mapping
       * Bi-Directional Translation
       * NPTv6 Applied to a Specific Service
     * NDP Proxy
     * NPTv6 and NDP Proxy Example
       * The ND Cache in NPTv6 Example
       * The NDP Proxy in NPTv6 Example
       * The NPTv6 Translation in NPTv6 Example
       * Neighbors in the ND Cache are Not Translated
     * Create an NPTv6 Policy
   * NAT64
     * NAT64 Overview
     * IPv4-Embedded IPv6 Address
     * DNS64 Server
     * Path MTU Discovery
     * IPv6-Initiated Communication
     * Configure NAT64 for IPv6-Initiated Communication
     * Configure NAT64 for IPv4-Initiated Communication
     * Configure NAT64 for IPv4-Initiated Communication with Port Translation
   * ECMP
     * ECMP Load-Balancing Algorithms
     * Configure ECMP on a Virtual Router
     * Enable ECMP for Multiple BGP Autonomous Systems
     * Verify ECMP
   * LLDP
     * LLDP Overview
     * Supported TLVs in LLDP
     * LLDP Syslog Messages and SNMP Traps
     * Configure LLDP
     * View LLDP Settings and Status
     * Clear LLDP Statistics
   * BFD
     * BFD Overview
       * BFD Model, Interface, and Client Support
       * Non-Supported RFC Components of BFD
       * BFD for Static Routes
       * BFD for Dynamic Routing Protocols
     * Configure BFD
     * Reference: BFD Details
   * Session Settings and Timeouts
     * Transport Layer Sessions
     * TCP
       * TCP Half Closed and TCP Time Wait Timers
       * Unverified RST Timer
       * TCP Split Handshake Drop
       * Maximum Segment Size (MSS)
     * UDP
     * ICMP
       * Security Policy Rules Based on ICMP and ICMPv6 Packets
       * ICMPv6 Rate Limiting
     * Control Specific ICMP or ICMPv6 Types and Codes
     * Configure Session Timeouts
     * Configure Session Settings
     * Session Distribution Policies
       * Session Distribution Policy Descriptions
       * Change the Session Distribution Policy and View Statistics
     * Prevent TCP Split Handshake Session Establishment
   * Tunnel Content Inspection
     * Tunnel Content Inspection Overview
     * Configure Tunnel Content Inspection
     * View Inspected Tunnel Activity
     * View Tunnel Information in Logs
     * Create a Custom Report Based on Tagged Tunnel Traffic
     * Tunnel Acceleration Behavior
     * Disable Tunnel Acceleration
   * Network Packet Broker
     * Network Packet Broker Overview
     * How Network Packet Broker Works
     * Prepare to Deploy Network Packet Broker
     * Configure Transparent Bridge Security Chains
     * Configure Routed Layer 3 Security Chains
     * Network Packet Broker HA Support
     * User Interface Changes for Network Packet Broker
     * Limitations of Network Packet Broker
     * Troubleshoot Network Packet Broker
 * 
   AIOps
   * AIOps for NGFW
     * Regions for AIOps for NGFW
     * Free and Premium Features
     * How to Activate AIOps for NGFW
     * Where Are My AIOps for NGFW Features?
     * Panorama CloudConnector Plugin
     * Get Alert Notifications
     * Export Metadata for Troubleshooting
     * Troubleshoot NGFW Connectivity and Policy Enforcement Anomalies
   * Device Telemetry for AIOps for NGFW
     * Enable Telemetry on Devices
     * Domains Required for AIOps for NGFW
   * Utilize Activity Dashboards
     * View Executive Summary
     * Monitor WildFire
     * Monitor DNS Security
     * Monitor Advanced Threat Prevention
   * Optimize Security Posture
     * Monitor Security Posture Insights
     * Monitor Feature Adoption
     * Monitor Feature Configuration
     * Monitor Security Advisories
     * Monitor Security Subscriptions
     * Assess Vulnerabilities
     * Build a Custom Dashboard
     * Monitor Compliance Summary
     * Configure Security Checks And Other Posture Settings
     * Proactively Enforce Security Checks
     * Policy Analyzer
       * Pre-Change Policy Analysis
       * Pre-Change Policy Analysis Reports
       * Post-Change Policy Analysis
   * NGFW Health and Software Management
     * View Network Usage
     * View Device Health
     * Get Upgrade Recommendations
     * Analyze Metric Capacity
   * Best Practices in NGFWs
     * On-Demand BPA Report
       * Generate Your BPA & Adoption Summary Report, On Demand
     * Best Practices
 * 
   Incidents & Alerts
   * Alerts
     * Manage Alerts
     * View Alert Details
     * View Probable Causes
     * Forecasting and Anomaly Detection
     * Manage Capacity Analyzer Alerts
     * CPU Usage Metrics in AIOps for NGFW
     * Create a Notification Rule
       * Integrating with ServiceNow
   * AIOps for NGFW Alerts Reference
     * Premium Health Alerts
     * Free Health Alerts
     * Service Alerts
     * Alerts Raised by Leveraging Machine Learning
   * Incidents
     * View Incident Details
 * 
   Release Notes
   Version
   Cloud Management and AIOps for NGFW
    * Cloud Management and AIOps for NGFW
    * PAN-OS 10.0 (EoL)
    * PAN-OS 10.1
    * PAN-OS 10.2
    * PAN-OS 11.0
    * PAN-OS 11.1
    * PAN-OS 11.2
    * PAN-OS 8.1 (EoL)
    * PAN-OS 9.0 (EoL)
    * 
   
   * New Features for AIOps for NGFW
     * New Features in May 2024
     * New Features in April 2024
     * New Features in March 2024
     * New Features in February 2024
     * New Features in December 2023
     * New Features in November 2023
     * New Features in September 2023
     * New Features Through August 2023
   * Known and Addressed Issues
   * Feature History for AIOps for NGFW



End-of-Life (EoL)


THREAT LOG FIELDS


Format: FUTURE_USE, Receive Time, Serial Number, Type, Threat/Content Type,
FUTURE_USE, Generated Time, Source Address, Destination Address, NAT Source IP,
NAT Destination IP, Rule Name, Source User, Destination User, Application,
Virtual System, Source Zone, Destination Zone, Inbound Interface, Outbound
Interface, Log Action, FUTURE_USE, Session ID, Repeat Count, Source Port,
Destination Port, NAT Source Port, NAT Destination Port, Flags, Protocol,
Action, URL/Filename, Threat ID, Category, Severity, Direction, Sequence Number,
Action Flags, Source Location, Destination Location, FUTURE_USE, Content Type,
PCAP_ID, File Digest, Cloud, URL Index, User Agent, File Type, X-Forwarded-For,
Referer, Sender, Subject, Recipient, Report ID, Device Group Hierarchy Level 1,
Device Group Hierarchy Level 2, Device Group Hierarchy Level 3, Device Group
Hierarchy Level 4, Virtual System Name, Device Name, FUTURE_USE, Source VM UUID,
Destination VM UUID, HTTP Method, Tunnel ID/IMSI, Monitor Tag/IMEI, Parent
Session ID, Parent Start Time, Tunnel Type, Threat Category, Content Version,
FUTURE_USE, SCTP Association ID, Payload Protocol ID, HTTP Headers, URL Category
List, Rule UUID, HTTP/2 Connection, Dynamic User Group Name

Field Name
Description
Receive Time (receive_time or cef-formatted-receive_time)
Time the log was received at the management plane.
Serial Number (serial #)
Serial number of the firewall that generated the log.
Type (type)
Specifies the type of log; value is THREAT.
Threat/Content Type (subtype)
Subtype of threat log. Values include the following:
* data—Data pattern matching a Data Filtering profile.
* file—File type matching a File Blocking profile.
* flood—Flood detected via a Zone Protection profile.
* packet—Packet-based attack protection triggered by a Zone Protection profile.
* scan—Scan detected via a Zone Protection profile.
* spyware—Spyware detected via an Anti-Spyware profile.
* url—URL filtering log.
* virus—Virus detected via an Antivirus profile.
* vulnerability—Vulnerability exploit detected via a Vulnerability Protection
  profile.
* wildfire—A WildFire verdict generated when the firewall submits a file to
  WildFire per a WildFire Analysis profile and a verdict (malware, phishing,
  grayware, or benign, depending on what you are logging) is logged in the
  WildFire Submissions log.
* wildfire-virus—Virus detected via an Antivirus profile.

Generate Time (time_generated or cef-formatted-time_generated)
Time the log was generated on the dataplane.
Source address (src)
Original session source IP address.
Destination address (dst)
Original session destination IP address.
NAT Source IP (natsrc)
If source NAT was performed, the post-NAT source IP address.
NAT Destination IP (natdst)
If destination NAT was performed, the post-NAT destination IP address.
Rule Name (rule)
Name of the rule that the session matched.
Source User (srcuser)
Username of the user who initiated the session.
Destination User (dstuser)
Username of the user to which the session was destined.
Application (app)
Application associated with the session.
Virtual System (vsys)
Virtual System associated with the session.
Source Zone (from)
Zone the session was sourced from.
Destination Zone (to)
Zone the session was destined to.
Inbound Interface (inbound_if)
Interface that the session was sourced from.
Outbound Interface (outbound_if)
Interface that the session was destined to.
Log Action (logset)
Log Forwarding Profile that was applied to the session.
Session ID (sessionid)
An internal numerical identifier applied to each session.
Repeat Count (repeatcnt)
Number of sessions with the same Source IP, Destination IP, Application, and
Content/Threat Type seen within 5 seconds.
Source Port (sport)
Source port utilized by the session.
Destination Port (dport)
Destination port utilized by the session.
NAT Source Port (natsport)
Post-NAT source port.
NAT Destination Port (natdport)
Post-NAT destination port.
Flags (flags)
32-bit field that provides details on the session; this field can be decoded by
AND-ing the values with the logged value:
* 0x80000000—session has a packet capture (PCAP)
* 0x40000000—option is enabled to allow a client to use multiple paths to
  connect to a destination host
* 0x20000000—indicates whether a sample has been submitted for analysis using
  the WildFire public or private cloud channel
* 0x10000000—enterprise credential submission by end user detected
* 0x08000000—source for the flow is on an allow list and not subject to recon
  protection
* 0x02000000—IPv6 session
* 0x01000000—SSL session is decrypted (SSL Proxy)
* 0x00800000—session is denied via URL filtering
* 0x00400000—session has a NAT translation performed
* 0x00200000—user information for the session was captured through Captive
  Portal
* 0x00100000—application traffic is on a non-standard destination port
* 0x00080000—X-Forwarded-For value from a proxy is in the source user field
* 0x00040000—log corresponds to a transaction within an HTTP proxy session
  (Proxy Transaction)
* 0x00020000—Client to Server flow is subject to policy based forwarding
* 0x00010000—Server to Client flow is subject to policy based forwarding
* 0x00008000—session is a container page access (Container Page)
* 0x00002000—session has a temporary match on a rule for implicit application
  dependency handling. Available in PAN-OS 5.0.0 and above.
* 0x00000800—symmetric return is used to forward traffic for this session
* 0x00000400—decrypted traffic is being sent out clear text through a mirror
  port
* 0x00000010—payload of the outer tunnel is being inspected
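
As an added example (not code from Palo Alto Networks or from this page), the Python below maps a comma-separated threat log payload onto the Format field order and decodes the Flags field by AND-ing each documented mask with the logged value. It assumes the syslog header has already been stripped, that fields containing commas are double-quoted as in standard CSV, and that the flags value is logged as a hex string; the sample record is constructed.

```python
import csv
import io

# Field order copied from the "Format" line of this page (PAN-OS 9.1 threat log).
FORMAT = (
    "FUTURE_USE, Receive Time, Serial Number, Type, Threat/Content Type, "
    "FUTURE_USE, Generated Time, Source Address, Destination Address, "
    "NAT Source IP, NAT Destination IP, Rule Name, Source User, "
    "Destination User, Application, Virtual System, Source Zone, "
    "Destination Zone, Inbound Interface, Outbound Interface, Log Action, "
    "FUTURE_USE, Session ID, Repeat Count, Source Port, Destination Port, "
    "NAT Source Port, NAT Destination Port, Flags, Protocol, Action, "
    "URL/Filename, Threat ID, Category, Severity, Direction, Sequence Number, "
    "Action Flags, Source Location, Destination Location, FUTURE_USE, "
    "Content Type, PCAP_ID, File Digest, Cloud, URL Index, User Agent, "
    "File Type, X-Forwarded-For, Referer, Sender, Subject, Recipient, "
    "Report ID, Device Group Hierarchy Level 1, Device Group Hierarchy Level 2, "
    "Device Group Hierarchy Level 3, Device Group Hierarchy Level 4, "
    "Virtual System Name, Device Name, FUTURE_USE, Source VM UUID, "
    "Destination VM UUID, HTTP Method, Tunnel ID/IMSI, Monitor Tag/IMEI, "
    "Parent Session ID, Parent Start Time, Tunnel Type, Threat Category, "
    "Content Version, FUTURE_USE, SCTP Association ID, Payload Protocol ID, "
    "HTTP Headers, URL Category List, Rule UUID, HTTP/2 Connection, "
    "Dynamic User Group Name"
)
FIELDS = [name.strip() for name in FORMAT.split(",")]

# Bit meanings abbreviated from the Flags (flags) entry of this page.
FLAG_BITS = {
    0x80000000: "session has a packet capture (PCAP)",
    0x40000000: "client may use multiple paths to the destination host",
    0x20000000: "sample submitted for WildFire analysis",
    0x10000000: "enterprise credential submission detected",
    0x08000000: "source is on an allow list (exempt from recon protection)",
    0x02000000: "IPv6 session",
    0x01000000: "SSL session is decrypted (SSL Proxy)",
    0x00800000: "session denied via URL filtering",
    0x00400000: "NAT translation performed",
    0x00200000: "user information captured through Captive Portal",
    0x00100000: "application on a non-standard destination port",
    0x00080000: "X-Forwarded-For value is in the source user field",
    0x00040000: "transaction within an HTTP proxy session",
    0x00020000: "client-to-server flow subject to policy based forwarding",
    0x00010000: "server-to-client flow subject to policy based forwarding",
    0x00008000: "container page access",
    0x00002000: "temporary rule match for implicit application dependency",
    0x00000800: "symmetric return used",
    0x00000400: "decrypted traffic sent in clear text through a mirror port",
    0x00000010: "payload of the outer tunnel is being inspected",
}


def parse_threat_log(payload):
    """Map one CSV threat-log payload onto the documented field order."""
    values = next(csv.reader(io.StringIO(payload)))
    if len(values) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(values)}")
    # FUTURE_USE columns are placeholders, so they are dropped from the record.
    return {n: v for n, v in zip(FIELDS, values) if n != "FUTURE_USE"}


def decode_flags(raw):
    """AND each documented mask with the logged value; return (names, unknown)."""
    value = int(raw, 16)  # assumption: logged as a hex string such as 0x81402000
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("flags must fit in 32 bits")
    names = [desc for mask, desc in FLAG_BITS.items() if value & mask]
    known = sum(FLAG_BITS)  # masks are distinct single bits, so the sum is their OR
    return names, value & ~known


def build_sample_payload():
    """Constructed sample, not a real capture; addresses are documentation ranges."""
    values = [""] * len(FIELDS)
    sample = {
        "Type": "THREAT",
        "Threat/Content Type": "url",
        "Source Address": "192.0.2.10",
        "Destination Address": "198.51.100.20",
        "Flags": "0x81402000",
        "URL/Filename": "example.test/a,b.html",  # comma forces CSV quoting
    }
    for name, value in sample.items():
        values[FIELDS.index(name)] = value
    out = io.StringIO()
    csv.writer(out, lineterminator="").writerow(values)
    return out.getvalue()


if __name__ == "__main__":
    record = parse_threat_log(build_sample_payload())
    names, unknown = decode_flags(record["Flags"])
    print(record["Source Address"], "->", record["Destination Address"])
    for name in names:
        print("  flag:", name)
    print("  undocumented bits: 0x%08x" % unknown)
```

Bits that the page does not list are returned separately rather than silently dropped, so a parser built this way surfaces values it cannot explain.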

IP Protocol (proto)
IP protocol associated with the session.
Action (action)
Action taken for the session; values are alert, allow, deny, drop,
drop-all-packets, reset-client, reset-server, reset-both, block-url.
* alert—threat or URL detected but not blocked
* allow—flood detection alert
* deny—flood detection mechanism activated and traffic denied based on
  configuration
* drop—threat detected and associated session was dropped
* reset-client—threat detected and a TCP RST is sent to the client
* reset-server—threat detected and a TCP RST is sent to the server
* reset-both—threat detected and a TCP RST is sent to both the client and the
  server
* block-url—URL request was blocked because it matched a URL category that was
  set to be blocked
* block-ip—threat detected and client IP is blocked
* random-drop—flood detected and packet was randomly dropped
* sinkhole—DNS sinkhole activated
* syncookie-sent—syncookie alert
* block-continue (URL subtype only)—an HTTP request is blocked and redirected
  to a Continue page with a button for confirmation to proceed
* continue (URL subtype only)—response to a block-continue URL continue page
  indicating a block-continue request was allowed to proceed
* block-override (URL subtype only)—an HTTP request is blocked and redirected
  to an Admin override page that requires a pass code from the firewall
  administrator to continue
* override-lockout (URL subtype only)—too many failed admin override pass code
  attempts from the source IP. IP is now blocked from the block-override
  redirect page
* override (URL subtype only)—response to a block-override page where a correct
  pass code is provided and the request is allowed
* block (Wildfire only)—file was blocked by the firewall and uploaded to
  Wildfire

URL/Filename (misc)
Field with variable length. A Filename has a maximum of 63 characters. A URL has
a maximum of 1023 characters.
* The actual URI when the subtype is url
* File name or file type when the subtype is file
* File name when the subtype is virus
* File name when the subtype is wildfire-virus
* File name when the subtype is wildfire
* URL or File name when the subtype is vulnerability if applicable
Threat/Content Name (threatid)
Palo Alto Networks identifier for the threat. It is a description string
followed by a 64-bit numerical identifier in parentheses for some Subtypes:
* 8000 – 8099—scan detection
* 8500 – 8599—flood detection
* 9999—URL filtering log
* 10000 – 19999—spyware phone home detection
* 20000 – 29999—spyware download detection
* 30000 – 44999—vulnerability exploit detection
* 52000 – 52999—filetype detection
* 60000 – 69999—data filtering detection

Threat ID ranges for virus detection, WildFire signature feed, and DNS C2
signatures used in previous releases have been replaced with permanent, globally
unique IDs. Refer to the Threat/Content Type (subtype) and Threat Category
(thr_category) field names to create updated reports, filter threat logs, and
ACC activity.
Category (category)
For the URL subtype, it is the URL category; for the WildFire subtype, it is the
verdict on the file and is either ‘malware’, ‘phishing’, ‘grayware’, or
‘benign’; for other subtypes, the value is ‘any’.
Severity (severity)
Severity associated with the threat; values are informational, low, medium,
high, critical.
Direction (direction)
Indicates the direction of the attack, client-to-server or server-to-client:
* 0—direction of the threat is client to server
* 1—direction of the threat is server to client

Sequence Number (seqno)
A 64-bit log entry identifier incremented sequentially. Each log type has a
unique number space.
Action Flags (actionflags)
A bit field indicating if the log was forwarded to Panorama.
Source Country (srcloc)
Source country or Internal region for private addresses. Maximum length is 32
bytes.
Destination Country (dstloc)
Destination country or Internal region for private addresses. Maximum length is
32 bytes.
Content Type (contenttype)
Applicable only when Subtype is URL.
Content type of the HTTP response data. Maximum length 32 bytes.
PCAP ID (pcap_id)
The packet capture (pcap) ID is a 64-bit unsigned integer denoting an ID to
correlate threat pcap files with extended pcaps taken as a part of that flow.
All threat logs will contain either a pcap_id of 0 (no associated pcap), or an
ID referencing the extended pcap file.
File Digest (filedigest)
Only for WildFire subtype; all other types do not use this field.
The filedigest string shows the binary hash of the file sent to be analyzed by
the WildFire service.
Cloud (cloud)
Only for WildFire subtype; all other types do not use this field.
The cloud string displays the FQDN of either the WildFire appliance (private) or
the WildFire cloud (public) from where the file was uploaded for analysis.
URL Index (url_idx)
Used in URL Filtering and WildFire subtypes.
When an application uses TCP keepalives to keep a connection open for a length
of time, all the log entries for that session have a single session ID. In such
cases, when you have a single threat log (and session ID) that includes multiple
URL entries, the url_idx is a counter that allows you to correlate the order of
each log entry within the single session.
For example, to learn the URL of a file that the firewall forwarded to WildFire
for analysis, locate the session ID and the url_idx from the WildFire
Submissions log and search for the same session ID and url_idx in your URL
filtering logs. The log entry that matches the session ID and url_idx will
contain the URL of the file that was forwarded to WildFire.
User Agent (user_agent)
Only for the URL Filtering subtype; all other types do not use this field.
The User Agent field specifies the web browser that the user used to access the
URL, for example Internet Explorer. This information is sent in the HTTP request
to the server.
File Type (filetype)
Only for WildFire subtype; all other types do not use this field.
Specifies the type of file that the firewall forwarded for WildFire analysis.
X-Forwarded-For (xff)
Only for the URL Filtering subtype; all other types do not use this field.
The X-Forwarded-For field in the HTTP header contains the IP address of the user
who requested the web page. It allows you to identify the IP address of the
user, which is useful particularly if you have a proxy server on your network
that replaces the user IP address with its own address in the source IP address
field of the packet header.
Based on different appliance implementations, the XFF field may contain non-IP
address values.
Referer (referer)
Only for the URL Filtering subtype; all other types do not use this field.
The Referer field in the HTTP header contains the URL of the web page that
linked the user to another web page; it is the source that redirected (referred)
the user to the web page that is being requested.
Sender (sender)
Specifies the name of the sender of an email.
Subject (subject)
Specifies the subject of an email.
Recipient (recipient)
Specifies the name of the receiver of an email.
Report ID (reportid)
Only for WildFire subtype; all other types do not use this field.
Identifies the analysis request on the WildFire cloud or the WildFire appliance.
Device Group Hierarchy (dg_hier_level_1 to dg_hier_level_4)
A sequence of identification numbers that indicate the device group’s location
within a device group hierarchy. The firewall (or virtual system) generating the
log includes the identification number of each ancestor in its device group
hierarchy. The shared device group (level 0) is not included in this structure.
If the log values are 12, 34, 45, 0, it means that the log was generated by a
firewall (or virtual system) that belongs to device group 45, and its ancestors
are 34 and 12. To view the device group names that correspond to the value 12,
34 or 45, use one of the following methods:
API query:
/api/?type=op&cmd=<show><dg-hierarchy></dg-hierarchy></show>

Virtual System Name (vsys_name)
The name of the virtual system associated with the session; only valid on
firewalls enabled for multiple virtual systems.
Device Name (device_name)
The hostname of the firewall on which the session was logged.
Source VM UUID (src_uuid)
Identifies the source universal unique identifier for a guest virtual machine in
the VMware NSX environment.
Destination VM UUID (dst_uuid)
Identifies the destination universal unique identifier for a guest virtual
machine in the VMware NSX environment.
HTTP Method (http_method)
Only in URL filtering logs. Describes the HTTP Method used in the web request.
Only the following methods are logged: Connect, Delete, Get, Head, Options,
Post, Put.
Tunnel ID/IMSI (tunnel_id/imsi)
International Mobile Subscriber Identity (IMSI) is a unique number allocated to
each mobile subscriber in the GSM/UMTS/EPS system. An IMSI consists of decimal
digits (0 through 9) only, and the maximum number of digits allowed is 15.
Monitor Tag/IMEI (monitortag/imei)
International Mobile Equipment Identity (IMEI) is a unique 15- or 16-digit number
allocated to each mobile station equipment.
Parent Session ID (parent_session_id)
ID of the session in which this session is tunneled. Applies to inner tunnel (if
two levels of tunneling) or inside content (if one level of tunneling) only.
Parent Session Start Time (parent_start_time)
Year/month/day hours:minutes:seconds that the parent tunnel session began.
Tunnel Type (tunnel)
Type of tunnel, such as GRE or IPSec.
Threat Category (thr_category)
Describes threat categories used to classify different types of threat
signatures.
Content Version (contentver)
Applications and Threats version on your firewall when the log was generated.
SCTP Association ID (assoc_id)
Number that identifies all connections for an association between two SCTP
endpoints.
Payload Protocol ID (ppid)
ID of the protocol for the payload in the data portion of the data chunk.
HTTP Headers (http_headers)
Indicates the inserted HTTP header in the URL log entries on the firewall.
URL Category List
Lists the URL filtering categories that the firewall used to enforce policy.
Rule UUID (rule_uuid)
The UUID that permanently identifies the rule.
HTTP/2 Connection
Identifies if traffic used an HTTP/2 connection by displaying one of the
following values:
TCP connection session ID—session is HTTP/2
0—session is not HTTP/2

Dynamic User Group Name (dynusergroup_name)
The name of the dynamic user group that contains the user who initiated the
session.
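The lookup described under URL Index (url_idx) and the caveat under X-Forwarded-For (xff), as an added Python example that is not part of the vendor documentation. It assumes the logs are already parsed into dicts; the keys sessionid, subtype and url and all sample records are constructed for illustration, and device_name is added to the join key on the assumption that several firewalls log to one collector.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records (not real logs), parsed into dicts by field name.
# "sessionid", "subtype" and "url" are key names assumed by this example.
URL_LOGS = [
    {"device_name": "fw-a", "sessionid": 4411, "url_idx": 1, "subtype": "url",
     "url": "cdn.example.test/index.html", "xff": "198.51.100.7"},
    {"device_name": "fw-a", "sessionid": 4411, "url_idx": 2, "subtype": "url",
     "url": "cdn.example.test/files/invoice.doc", "xff": "unknown"},
    {"device_name": "fw-b", "sessionid": 4411, "url_idx": 2, "subtype": "url",
     "url": "other.example.test/a.js", "xff": "203.0.113.9, 10.0.0.5"},
]
WILDFIRE_LOG = {"device_name": "fw-a", "sessionid": 4411, "url_idx": 2,
                "subtype": "wildfire", "filetype": "ms-office"}

def build_index(url_logs):
    """Index URL filtering entries by (device_name, sessionid, url_idx)."""
    index = defaultdict(list)
    for rec in url_logs:
        index[(rec["device_name"], rec["sessionid"], rec["url_idx"])].append(rec)
    return index

def url_for_submission(wf_rec, index):
    """Return the URL log entry matching a WildFire submission, or None.

    None covers both "no match" and an ambiguous key (more than one entry
    shares it), so the caller never attributes a file to a guessed URL.
    """
    key = (wf_rec["device_name"], wf_rec["sessionid"], wf_rec["url_idx"])
    hits = index.get(key, [])
    return hits[0] if len(hits) == 1 else None

def xff_addresses(xff):
    """Split an xff value and keep only the tokens that parse as IP addresses."""
    valid = []
    for token in (xff or "").split(","):
        try:
            valid.append(str(ipaddress.ip_address(token.strip())))
        except ValueError:
            continue  # non-IP value such as "unknown" or a hostname
    return valid
```

Because xff is taken from a client-supplied HTTP header, treat the addresses it yields as a hint for investigation rather than as an authenticated source address.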




© 2024 Palo Alto Networks, Inc. All rights reserved.


