Manage Logging
Examples to Run Logging Models
You can use the OpenConfig plugin to manage and view logs defined in the YANG model
available on the Palo Alto Networks YANG repository.
Predefined
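The following query retrieves a predefined log, in this case the system log, as defined by Palo Alto Networks. USER, PASSWORD, and IP are placeholders for your own values. A password passed with -p is recorded in shell history and is visible in the process list, so on shared hosts omit -p and let gnmic prompt for it, or supply it through the GNMIC_PASSWORD environment variable: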
gnmic -u USER -p PASSWORD -a IP:9339 subscribe --mode once --encoding JSON_IETF --timeout 300s --path "pan/logging/query/predefined/system_log"
The following is a sample response to the query above:
{ "source": "10.124.160.118:9339", "subscription-name": "default-1683620665", "timestamp": 1683620665000000000, "time": "2023-05-09T13:54:25+05:30", "updates": [ { "Path": "/pan/logging/query/predefined/system_log", "values": { "/pan/logging/query/predefined/system_log": { "code": "Code(200)", "data_line_1": { "actionflags": "0x0", "config_ver": "2817", "device_name": "lranadive-india-10.1.5", "dg_hier_level_1": "0", "dg_hier_level_2": "0", "dg_hier_level_3": "0", "dg_hier_level_4": "0", "dg_id": "0", "domain": "1", "eventid": "general", "fmt": "0", "high_res_timestamp": "2023-05-09T01:21:34.388-07:00", "id": "0", "module": "general", "object": "API", "opaque": "Can not generate an API key for user 'admin' from 127.0.0.1 ; API key certificate is not configured", "receive_time": "2023/05/09 01:21:34", "seqno": "7230758565881840053", "serial": "007199000000843", "severity": "critical", "subtype": "general", "time_generated": "2023/05/09 01:21:34", "tpl_id": "0", "type": "SYSTEM", "vsys": "", "vsys_name": "" }, "data_line_2": { "actionflags": "0x0", "config_ver": "2817", "device_name": "lranadive-india-10.1.5", "dg_hier_level_1": "0", "dg_hier_level_2": "0", "dg_hier_level_3": "0", "dg_hier_level_4": "0", "dg_id": "0", "domain": "1", "eventid": "general", "fmt": "0", "high_res_timestamp": "2023-05-09T01:06:08.588-07:00", "id": "0", "module": "general", "object": "", "opaque": "Failed to renew device certificate.Invalid serial number. Device is not registered.", "receive_time": "2023/05/09 01:06:08", "seqno": "7230758565881840048", "serial": "007199000000843", "severity": "critical", "subtype": "general", "time_generated": "2023/05/09 01:06:08", "tpl_id": "0", "type": "SYSTEM", "vsys": "", "vsys_name": "" }, "total_lines": "2" } } } ] }
Custom
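The following query retrieves a custom log defined by the filters you provide. The example uses --skip-verify, which turns off validation of the device's TLS certificate, so the client cannot detect an impostor endpoint and the credentials and log data can be intercepted. Use it only in a lab; in production, give gnmic the CA certificate that signed the device certificate (for example with --tls-ca) instead: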
gnmic -u USER -p PASSWORD -a IP:9339 subscribe --mode once --encoding JSON_IETF --timeout 300s --path "/pan/logging/query/custom[type=system][direction=fwd][max_logs=2][period=last-24-hrs]" --skip-verify
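The following is a sample response to a custom query. The Path in this sample shows full_query=-t system -n 5, so it appears to have been captured with a different filter than the command above and contains five log entries rather than the two requested by max_logs=2: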
{ "source": "10.124.160.118:9339", "subscription-name": "default-1682585833", "timestamp": 1682585833000000000, "time": "2023-04-27T14:27:13+05:30", "updates": [ { "Path": "/pan/logging/query/custom[full_query=-t system -n 5]", "values": { "/pan/logging/query/custom": { "data_line_1": { "actionflags": "0x0", "config_ver": "2816", "device_name": "lranadive-india-10.1.5", "dg_hier_level_1": "0", "dg_hier_level_2": "0", "dg_hier_level_3": "0", "dg_hier_level_4": "0", "dg_id": "0", "domain": "1", "eventid": "general", "fmt": "0", "high_res_timestamp": "2022-10-25T17:07:08.313-07:00", "id": "0", "module": "general", "object": "", "opaque": "Connection to Update server: <SNIP> completed successfully, initiated by 10.124.133.118", "receive_time": "2022/10/25 17:07:07", "seqno": "7156139990219490288", "serial": "007199000000843", "severity": "informational", "subtype": "general", "time_generated": "2022/10/25 17:07:08", "tpl_id": "0", "type": "SYSTEM", "vsys": "", "vsys_name": "" }, "data_line_2": { "actionflags": "0x0", "config_ver": "2816", "device_name": "lranadive-india-10.1.5", "dg_hier_level_1": "0", "dg_hier_level_2": "0", "dg_hier_level_3": "0", "dg_hier_level_4": "0", "dg_id": "0", "domain": "1", "eventid": "general", "fmt": "0", "high_res_timestamp": "2022-10-25T17:22:27.557-07:00", "id": "0", "module": "general", "object": "", "opaque": "Connection to Update server: <SNIP> completed successfully, initiated by 10.124.133.118", "receive_time": "2022/10/25 17:22:26", "seqno": "7156139990219490289", "serial": "007199000000843", "severity": "informational", "subtype": "general", "time_generated": "2022/10/25 17:22:27", "tpl_id": "0", "type": "SYSTEM", "vsys": "", "vsys_name": "" }, "data_line_3": { "actionflags": "0x0", "config_ver": "2816", "device_name": "lranadive-india-10.1.5", "dg_hier_level_1": "0", "dg_hier_level_2": "0", "dg_hier_level_3": "0", "dg_hier_level_4": "0", "dg_id": "0", "domain": "1", "eventid": "general", "fmt": "0", "high_res_timestamp": 
"2022-10-25T17:37:48.651-07:00", "id": "0", "module": "general", "object": "", "opaque": "Connection to Update server: <SNIP> completed successfully, initiated by 10.124.133.118", "receive_time": "2022/10/25 17:37:48", "seqno": "7156139990219490290", "serial": "007199000000843", "severity": "informational", "subtype": "general", "time_generated": "2022/10/25 17:37:48", "tpl_id": "0", "type": "SYSTEM", "vsys": "", "vsys_name": "" }, "data_line_4": { "actionflags": "0x0", "config_ver": "2816", "device_name": "lranadive-india-10.1.5", "dg_hier_level_1": "0", "dg_hier_level_2": "0", "dg_hier_level_3": "0", "dg_hier_level_4": "0", "dg_id": "0", "domain": "1", "eventid": "url-backup-seed-success", "fmt": "0", "high_res_timestamp": "2022-10-25T17:39:23.403-07:00", "id": "0", "module": "general", "object": "", "opaque": "Backup of PAN-DB finished successfully.", "receive_time": "2022/10/25 17:39:23", "seqno": "7156139990219490291", "serial": "007199000000843", "severity": "informational", "subtype": "url-filtering", "time_generated": "2022/10/25 17:39:23", "tpl_id": "0", "type": "SYSTEM", "vsys": "", "vsys_name": "" }, "data_line_5": { "actionflags": "0x0", "config_ver": "2816", "device_name": "lranadive-india-10.1.5", "dg_hier_level_1": "0", "dg_hier_level_2": "0", "dg_hier_level_3": "0", "dg_hier_level_4": "0", "dg_id": "0", "domain": "1", "eventid": "general", "fmt": "0", "high_res_timestamp": "2022-10-25T17:53:02.141-07:00", "id": "0", "module": "general", "object": "", "opaque": "Connection to Update server: <SNIP> completed successfully, initiated by 10.124.133.118", "receive_time": "2022/10/25 17:53:02", "seqno": "7156139990219490292", "serial": "007199000000843", "severity": "informational", "subtype": "general", "time_generated": "2022/10/25 17:53:02", "tpl_id": "0", "type": "SYSTEM", "vsys": "", "vsys_name": "" }, "total_lines": "5" } } } ] }