Reporting engine enhancements in PAN-OS® 8.1 for the ACC,
User Activity Reports, custom reporting, and for log source and
The reporting engine has been enhanced to provide better
context on network events and user activity. These enhancements
give you greater visibility and control of the log data and reports
you generate so that you can create intelligent policies.
Reporting Engine Enhancements
Accurate log directionality
Firewall writes logs from the perspective
of who initiated the network interaction or event. For example,
if you are downloading a file from a website, the threat log describes the source
(SRC) of the network interaction as the individual requesting the
download and describes the destination (DST) as the website from
which the source is downloading the file. The client is the entity that initiates the
request while the server is the entity that receives the request.
Overlay of commits and content updates in the
User events in the
such as commits and content updates, are represented as a dotted
line on all time-trended line graphs. This helps you to correlate
commits and upgrades with suspicious network events.
Filters for User Activity Reports
build custom filters (
User Activity Report
On Demand Report Scheduling
a scheduled report or
Pick up Later
at a later time to retrieve the report instead of waiting for a
an on-demand report to generate.
You can also run a
to export the generated report in your desired format
Manage Custom Report
can save only one report for pick up at a time.
Custom reporting enhancements
Custom reporting is now more user friendly:
Completions are added for user, user-group, and any other
items that have possible completions.
Column stickiness is added between databases to keep as many
columns as possible when switching between databases.