PAN-OS OpenConfig Administrator’s Guide
    : Manage Logging
    Focus
    Download PDF
    Focus
    1. Home
    2. OpenConfig
    3. PAN-OS OpenConfig Administrator’s Guide
    4. PAN-OS Models
    5. PAN-OS OpenConfig Logging
    6. Manage Logging
    Download PDF

    PAN-OS OpenConfig Administrator’s Guide

    Manage Logging

    Table of Contents

    Manage Logging

    Examples to Run Logging Models
    You can use the OpenConfig plugin to manage and view logs defined in the YANG model available on the Palo Alto Networks YANG repository.

    Predefined

    The following query retrieves a log defined by Palo Alto Networks:
    gnmic -u USER -p PASSWORD -a IP:9339 subscribe --mode once --encoding JSON_IETF --timeout 300s --path "pan/logging/query/predefined/system_log"
    The following is a response from the provided query above:
    {
  "source": "10.124.160.118:9339",
  "subscription-name": "default-1683620665",
  "timestamp": 1683620665000000000,
  "time": "2023-05-09T13:54:25+05:30",
  "updates": [
    {
      "Path": "/pan/logging/query/predefined/system_log",
      "values": {
        "/pan/logging/query/predefined/system_log": {
          "code": "Code(200)",
          "data_line_1": {
            "actionflags": "0x0",
            "config_ver": "2817",
            "device_name": "lranadive-india-10.1.5",
            "dg_hier_level_1": "0",
            "dg_hier_level_2": "0",
            "dg_hier_level_3": "0",
            "dg_hier_level_4": "0",
            "dg_id": "0",
            "domain": "1",
            "eventid": "general",
            "fmt": "0",
            "high_res_timestamp": "2023-05-09T01:21:34.388-07:00",
            "id": "0",
            "module": "general",
            "object": "API",
            "opaque": "Can not generate an API key for user 'admin' from 127.0.0.1 ; API key certificate is not configured",
            "receive_time": "2023/05/09 01:21:34",
            "seqno": "7230758565881840053",
            "serial": "007199000000843",
            "severity": "critical",
            "subtype": "general",
            "time_generated": "2023/05/09 01:21:34",
            "tpl_id": "0",
            "type": "SYSTEM",
            "vsys": "",
            "vsys_name": ""
          },
          "data_line_2": {
            "actionflags": "0x0",
            "config_ver": "2817",
            "device_name": "lranadive-india-10.1.5",
            "dg_hier_level_1": "0",
            "dg_hier_level_2": "0",
            "dg_hier_level_3": "0",
            "dg_hier_level_4": "0",
            "dg_id": "0",
            "domain": "1",
            "eventid": "general",
            "fmt": "0",
            "high_res_timestamp": "2023-05-09T01:06:08.588-07:00",
            "id": "0",
            "module": "general",
            "object": "",
            "opaque": "Failed to renew device certificate.Invalid serial number. Device is not registered.",
            "receive_time": "2023/05/09 01:06:08",
            "seqno": "7230758565881840048",
            "serial": "007199000000843",
            "severity": "critical",
            "subtype": "general",
            "time_generated": "2023/05/09 01:06:08",
            "tpl_id": "0",
            "type": "SYSTEM",
            "vsys": "",
            "vsys_name": ""
          },
          "total_lines": "2"
        }
      }
    }
  ]
}

    Custom

    The following query retrieves a custom log defined by the filters you provide:
    gnmic -u USER -p PASSWORD -a IP:9339 subscribe --mode once --encoding JSON_IETF --timeout 300s --path "/pan/logging/query/custom[type=system][direction=fwd][max_logs=2][period=last-24-hrs]" --skip-verify
    The following is a response from the provided query above.
    {
  "source": "10.124.160.118:9339",
  "subscription-name": "default-1682585833",
  "timestamp": 1682585833000000000,
  "time": "2023-04-27T14:27:13+05:30",
  "updates": [
    {
      "Path": "/pan/logging/query/custom[full_query=-t system -n 5]",
      "values": {
        "/pan/logging/query/custom": {
          "data_line_1": {
            "actionflags": "0x0",
            "config_ver": "2816",
            "device_name": "lranadive-india-10.1.5",
            "dg_hier_level_1": "0",
            "dg_hier_level_2": "0",
            "dg_hier_level_3": "0",
            "dg_hier_level_4": "0",
            "dg_id": "0",
            "domain": "1",
            "eventid": "general",
            "fmt": "0",
            "high_res_timestamp": "2022-10-25T17:07:08.313-07:00",
            "id": "0",
            "module": "general",
            "object": "",
            "opaque": "Connection to Update server: <SNIP> completed successfully, initiated by 10.124.133.118",
            "receive_time": "2022/10/25 17:07:07",
            "seqno": "7156139990219490288",
            "serial": "007199000000843",
            "severity": "informational",
            "subtype": "general",
            "time_generated": "2022/10/25 17:07:08",
            "tpl_id": "0",
            "type": "SYSTEM",
            "vsys": "",
            "vsys_name": ""
          },
          "data_line_2": {
            "actionflags": "0x0",
            "config_ver": "2816",
            "device_name": "lranadive-india-10.1.5",
            "dg_hier_level_1": "0",
            "dg_hier_level_2": "0",
            "dg_hier_level_3": "0",
            "dg_hier_level_4": "0",
            "dg_id": "0",
            "domain": "1",
            "eventid": "general",
            "fmt": "0",
            "high_res_timestamp": "2022-10-25T17:22:27.557-07:00",
            "id": "0",
            "module": "general",
            "object": "",
            "opaque": "Connection to Update server: <SNIP> completed successfully, initiated by 10.124.133.118",
            "receive_time": "2022/10/25 17:22:26",
            "seqno": "7156139990219490289",
            "serial": "007199000000843",
            "severity": "informational",
            "subtype": "general",
            "time_generated": "2022/10/25 17:22:27",
            "tpl_id": "0",
            "type": "SYSTEM",
            "vsys": "",
            "vsys_name": ""
          },
          "data_line_3": {
            "actionflags": "0x0",
            "config_ver": "2816",
            "device_name": "lranadive-india-10.1.5",
            "dg_hier_level_1": "0",
            "dg_hier_level_2": "0",
            "dg_hier_level_3": "0",
            "dg_hier_level_4": "0",
            "dg_id": "0",
            "domain": "1",
            "eventid": "general",
            "fmt": "0",
            "high_res_timestamp": "2022-10-25T17:37:48.651-07:00",
            "id": "0",
            "module": "general",
            "object": "",
            "opaque": "Connection to Update server: <SNIP> completed successfully, initiated by 10.124.133.118",
            "receive_time": "2022/10/25 17:37:48",
            "seqno": "7156139990219490290",
            "serial": "007199000000843",
            "severity": "informational",
            "subtype": "general",
            "time_generated": "2022/10/25 17:37:48",
            "tpl_id": "0",
            "type": "SYSTEM",
            "vsys": "",
            "vsys_name": ""
          },
          "data_line_4": {
            "actionflags": "0x0",
            "config_ver": "2816",
            "device_name": "lranadive-india-10.1.5",
            "dg_hier_level_1": "0",
            "dg_hier_level_2": "0",
            "dg_hier_level_3": "0",
            "dg_hier_level_4": "0",
            "dg_id": "0",
            "domain": "1",
            "eventid": "url-backup-seed-success",
            "fmt": "0",
            "high_res_timestamp": "2022-10-25T17:39:23.403-07:00",
            "id": "0",
            "module": "general",
            "object": "",
            "opaque": "Backup of PAN-DB finished successfully.",
            "receive_time": "2022/10/25 17:39:23",
            "seqno": "7156139990219490291",
            "serial": "007199000000843",
            "severity": "informational",
            "subtype": "url-filtering",
            "time_generated": "2022/10/25 17:39:23",
            "tpl_id": "0",
            "type": "SYSTEM",
            "vsys": "",
            "vsys_name": ""
          },
          "data_line_5": {
            "actionflags": "0x0",
            "config_ver": "2816",
            "device_name": "lranadive-india-10.1.5",
            "dg_hier_level_1": "0",
            "dg_hier_level_2": "0",
            "dg_hier_level_3": "0",
            "dg_hier_level_4": "0",
            "dg_id": "0",
            "domain": "1",
            "eventid": "general",
            "fmt": "0",
            "high_res_timestamp": "2022-10-25T17:53:02.141-07:00",
            "id": "0",
            "module": "general",
            "object": "",
            "opaque": "Connection to Update server: <SNIP> completed successfully, initiated by 10.124.133.118",
            "receive_time": "2022/10/25 17:53:02",
            "seqno": "7156139990219490292",
            "serial": "007199000000843",
            "severity": "informational",
            "subtype": "general",
            "time_generated": "2022/10/25 17:53:02",
            "tpl_id": "0",
            "type": "SYSTEM",
            "vsys": "",
            "vsys_name": ""
          },
          "total_lines": "5"
        }
      }
    }
  ]
}

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.