Next-Generation Firewall
Use Global Find to Search the Firewall or Panorama Management Server
Table of Contents
Use Global Find to Search the Firewall or Panorama Management Server
Use the Global Find feature to search and locate configuration settings, objects, and
policies across your NGFW or Panorama management server using the web interface.
| Where Can I Use This? | What Do I Need? |
|---|---|
| NGFW (Managed by PAN-OS or Panorama) |
|
Global Find enables you to search the candidate configuration on a firewall or on Panorama for a
particular string, such as an IP address, object name, policy rule name, threat ID,
UUID, or application name. In addition to searching for configuration objects and
settings, you can search by job ID or job type for manual commits that
administrators performed or auto-commits that the firewall or Panorama performed.
You can also use Global Find to search for IP addresses within external dynamic
lists. The search results are grouped by category and provide links to the
configuration location in the web interface, so that you can easily find all of the
places where the string is referenced. The search results also help you identify
other objects that depend on or make reference to the search term or string. For
example, when deprecating a security profile enter the profile name in Global Find
to locate all instances of the profile and then click each instance to navigate to
the configuration page and make the necessary change. After all references are
removed, you can then delete the profile. You can do this for any configuration item
that has dependencies.
Global
Find does not search dynamic content (such as logs, address ranges,
or allocated DHCP addresses). In the case of DHCP, you can search on
a DHCP server attribute, such as the DNS entry, but you cannot search
for individual addresses allocated to users. Global Find also does
not search for individual user or group names identified by User-ID
unless the user/group is defined in a policy. In general, you can
only search content that the firewall writes to the configuration.
- Launch Global Find by clicking the Search icon located on the upper right of the web interface.
![]()
To access the Global Find from within a configuration area, click the drop-down next to an item and select Global Find:![]()
For example, click Global Find on a zone named Users to search the candidate configuration for each location where the zone is referenced. The following screen capture shows the search results for the zone Users:![]()
Search tips:- If you initiate a search on a firewall that has multiple virtual systems enabled or if custom administrative role types are defined, Global Find will only return results for areas of the firewall in which the administrator has permissions. The same applies to Panorama device groups.
- Spaces in search terms are handled as AND operations. For example, if you search on corp policy, the search results include instances where corp and policy exist in the configuration.
- To find an exact phrase, enclose the phrase in quotation marks.
- Enter no more than five keywords or use an exact phrase match with quotation marks.
- To rerun a previous search, click Search (located on the upper right of the web interface) to see a list of the last 20 searches. Click an item in the list to rerun that search. Search history is unique to each administrator account.
- To search for a UUID, you must copy and paste the UUID.
