Next-Generation Firewall
Use Global Find to Search the Firewall or Panorama Management Server
Table of Contents
Use Global Find to Search the Firewall or Panorama Management Server
Use the Global Find feature to search and locate configuration settings, objects, and
policies across your NGFW or Panorama management server using the web interface.
| Where Can I Use This? | What Do I Need? |
|---|---|
| NGFW (Managed by PAN-OS or Panorama) |
|
Global Find enables you to search the candidate configuration on a firewall or on
Panorama for a particular string, such as an IP address, object name, policy rule
name, threat ID, UUID, or application name. In addition to searching for
configuration objects and settings, you can search by job ID or job type for manual
commits that administrators performed or auto-commits that the firewall or Panorama
performed. You can also use Global Find to search for IP addresses within external
dynamic lists. The search results are grouped by category and provide links to the
configuration location in the web interface, so that you can easily find all of the
places where the string is referenced. The search results also help you identify
other objects that depend on or make reference to the search term or string. For
example, when deprecating a security profile enter the profile name in Global Find
to locate all instances of the profile and then click each instance to navigate to
the configuration page and make the necessary change. After all references are
removed, you can then delete the profile. You can do this for any configuration item
that has dependencies.
With (12.1.2 and later releases) Global Find is optimized to provide a more
targeted and enhanced search experience. It significantly improves responsiveness
when searching for a large database or configuration, and when multiple
administrators work simultaneously on the system.
The Optimized Search prioritizes and searches for the most relevant records
based on admin-usage patterns. The new usage-based search returns results in
batches, preventing the user interface from freezing during intensive searches. This
substantially reduces search times across large configurations. You can also choose
to exclusively search for UUIDs or Template References by selecting the Search UUIDs
and Include Template References options respectively.
Global Find does not search dynamic content (such as logs, address ranges, or
allocated DHCP addresses). In the case of DHCP, you can search on a DHCP server
attribute, such as the DNS entry, but you cannot search for individual addresses
allocated to users. Global Find also does not search for individual user or
group names identified by User-ID unless the user/group is defined in a policy.
In general, you can only search content that the firewall writes to the
configuration.
PAN-OS 11.1 and earlier
- Launch Global Find by clicking the Search icon located on the upper right of the web interface.
![]()
To access the Global Find from within a configuration area, click the drop-down next to an item and select Global Find:![]()
For example, click Global Find on a zone named Users to search the candidate configuration for each location where the zone is referenced. The following screen capture shows the search results for the zone Users:![]()
Search tips:- If you initiate a search on a firewall that has multiple virtual systems enabled or if custom administrative role types are defined, Global Find will only return results for areas of the firewall in which the administrator has permissions. The same applies to Panorama device groups.
- Spaces in search terms are handled as AND operations. For example, if you search on corp policy, the search results include instances where corp and policy exist in the configuration.
- To find an exact phrase, enclose the phrase in quotation marks.
- Enter no more than five keywords or use an exact phrase match with quotation marks.
- To rerun a previous search, click Search (located on the upper right of the web interface) to see a list of the last 20 searches. Click an item in the list to rerun that search. Search history is unique to each administrator account.
- To search for a UUID, you must copy and paste the UUID.
PAN-OS 12.1.2 and later
- Launch Global Find by clicking the Search icon located on the upper right of the web interface.
![]()
To access the Global Find from within a configuration area, click the drop-down next to an item and select Global Find:![]()
For example, click Global Find on a zone named LAN to search the candidate configuration for each location where the zone is referenced.![]()
The Optimized Search Results dialog provides the following options:- Search UUIDs: Use this option to perform targeted search exclusively for UUIDs.
- Include Template References: Use this option to perform targeted search exclusively for template references.
- Optimized Search: Use this option to prioritize search results based on admin usage patterns. The system returns the most relevant results in batches. This substantially reduces overall search times.
Search tips:- If you initiate a search on a firewall that has multiple virtual systems enabled or if custom administrative role types are defined, Global Find will only return results for areas of the firewall in which the administrator has permissions. The same applies to Panorama device groups.
- Spaces in search terms are handled as AND operations. For example, if you search on corp policy, the search results include instances where corp and policy exist in the configuration.
- To find an exact phrase, enclose the phrase in quotation marks.
- Enter no more than five keywords or use an exact phrase match with quotation marks.
- To rerun a previous search, click Search (located on the upper right of the web interface) to see a list of the last 20 searches. Click an item in the list to rerun that search. Search history is unique to each administrator account.
- To search for a UUID, you must copy and paste the UUID.
