View Logs
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
-
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
-
-
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)
View Logs
You can view the different log types on the
firewall in a tabular format. The firewall locally stores all log
files and automatically generates Configuration and System logs
by default. To learn more about the security rules that trigger
the creation of entries for the other types of logs, see Log Types and Severity Levels.
To
configure the firewall to forward logs as syslog messages, email
notifications, or Simple Network Management Protocol (SNMP) traps, Use External Services for Monitoring.
- Select a log type to view.
- Select MonitorLogs.Select a log type from the list.The firewall displays only the logs you have permission to see. For example, if your administrative account does not have permission to view WildFire Submissions logs, the firewall does not display that log type when you access the logs pages. Administrative Role Types define the permissions.(Optional) Customize the log column display.
- Click the arrow to the right of any column header, and select Columns.Select columns to display from the list. The log updates automatically to match your selections.View additional details about log entries.
- Click the spyglass (
- (Threat log only) Click
- (Traffic, Threat, URL Filtering, WildFire Submissions, Data Filtering, and Unified logs only) View AutoFocus threat data for a log entry.
- Enable AutoFocus.Enable AutoFocus in Panorama to view AutoFocus threat data for all Panorama log entries, including those from firewalls that are not connected to AutoFocus and/or are running PAN-OS 7.0 and earlier release versions (PanoramaSetupManagementAutoFocus).
- Hover over an IP address, URL, user agent, threat name (subtype: virus and wildfire-virus only), filename, or SHA-256 hash.
- Click the drop-down (
Next Steps...