1. Home
    2. PAN-OS
    3. PAN-OS CLI Quick Start
    4. Get Started with the CLI
    5. Find a Command
    End-of-Life (EoL)
    Previous
    Next
    The find command helps you find a command when you don't know where to start looking in the hierarchy. The command—which is available in all CLI modes—has two forms. Used alone, find command displays the entire command hierarchy. Used with the keyword parameter, find command keyword displays all commands that contain the specified keyword.
    		 You can also view a complete listing of all PAN-OS 7.1 CLI commands or view the CLI changes between the current and previous PAN-OS release.
    View the Entire Command Hierarchy Find a Specific Command Using a Keyword Search
    View the Entire Command Hierarchy
    Use find command without any parameters to display the entire command hierarchy in the current command mode. For example, running this command from operational mode on a VM-Series Palo Alto Networks device yields the following (partial result):
    admin@7-1-VM> find command
    target set <value>
    target show
    schedule uar-report user <value> user-group <value> skip-detailed-browsing <yes|no> title <value> period <value> start-time <value> end-time <value> vsys <value>
    schedule botnet-report period <last-calendar-day|last-24-hrs> topn <1-500> query <value>
    clear arp <value>|<all>
    clear neighbor <value>|<all>
    clear mac <value>|<all>
    clear job id <0-4294967295>
    clear query id <0-4294967295>
    clear query all-by-session
    clear report id <0-4294967295>
    clear report all-by-session
    clear report cache
    clear log traffic
    clear log threat
    clear log config
    clear log system
    clear log alarm
    clear log acc
    clear log hipmatch
    clear log userid
    clear log iptag
    clear wildfire counters
    clear counter interface
    clear counter global name <value>
    clear counter global filter category <value> severity <value> aspect <value> pac
    ket-filter <yes|no>
    clear counter all
    clear session id <1-4294967295>
    clear session all filter nat <none|source|destination|both> ssl-decrypt <yes|no> type <flow|predict> state <initial|opening|active|discard|closing|closed> from <value> to <value> source <ip/netmask> destination <ip/netmask> source-user <value> destination-user <value> source-port <1-65535> destination-port <1-65535> protocol <1-255> application <value> rule <value> nat-rule <value> qos-rule <value> pbf-rule <value> dos-rule <value> hw-interface <value> min-kb <1-1048576> qos-node-id <0-5000>|<-2> qos-class <1-8> vsys-name <value>|<any>
    clear application-signature statistics
    clear nat-rule-cache rule <value>
    clear statistics
    clear high-availability control-link statistics
    clear high-availability transitions
    clear vpn ike-sa gateway <value>
    clear vpn ipsec-sa tunnel <value>
    clear vpn ike-preferred-version gateway <value>
    clear vpn ike-hashurl
    clear vpn flow tunnel-id <1-2147483648>
    clear dhcp lease all expired-only
    clear dhcp lease interface clear dhcp lease interface <name> ip <ip/netmask>
    :
    Find a Specific Command Using a Keyword Search
    Use find command keyword to locate all commands that have a specified keyword.
    admin@7-1-VM# find command keyword <keyword>
    For example, suppose you want to configure certificate authentication and you want the Palo Alto Networks device to get the username from a field in the certificate, but you don’t know the command. In this case you might use find command keyword to search for commands that contain username in the command syntax.
    admin@7-1-VM> configure
    Entering configuration mode
    [edit]
    admin@7-1-VM# find command keyword username
    show shared certificate-profile <name> username-field
    set deviceconfig system log-export-schedule <name> protocol ftp username <value>
    set deviceconfig system log-export-schedule <name> protocol scp username <value>
    set deviceconfig setting wildfire session-info-select exclude-username <yes|no>
    set mgt-config password-complexity block-username-inclusion <yes|no>
    set network interface ethernet <name> layer3 pppoe username <value>
    set shared authentication-profile <name> username-modifier <value>|<validate>|<%USERINPUT%|%USERINPUT%@%USERDOMAIN%|%USERDOMAIN%\%USERINPUT%>
    set shared certificate-profile <name> username-field
    set shared certificate-profile <name> username-field subject <common-name>
    set shared certificate-profile <name> username-field subject-alt <email|principal-name>
    set vm-info-source <name> VMware-ESXi username <value>
    set vm-info-source <name> VMware-vCenter username <value>
    set user-id-collector setting ntlm-username <value>
    set user-id-collector syslog-parse-profile <name> regex-identifier username-regex <value>
    set user-id-collector syslog-parse-profile <name> field-identifier username-prefix <value>
    set user-id-collector syslog-parse-profile <name> field-identifier username-delimiter <value>
    [edit]
    admin@7-1-VM#
    From the resulting lists of commands, you can identify that the command you need is:
    admin@7-1-VM# set shared certificate-profile <name> username-field
    If you’re not sure exactly what to enter in the command line, you can then Get Help on Command Syntax.
    Previous
    Next

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo