Rule Usage Hit Count Query
Query your policy rule base to determine rule usage for a specified period of time.
- PoliciesRule Usage
Use the rule usage query to filter the selected rulebase over a specified period of time. The rule usage query allows you to quickly filter your policy rulebase to identify unused rules for removal so that you can reduce open entry points for an attacker. Click PDF/CSV to export the filtered rules in PDF or CSV format. To use the Rule Usage Hit Count Query, you must enable the Policy Rule Hit Count setting (Device > Setup > Management).
By default, the Name, Location, Created, Modified, and Rule Usage columns are displayed when you query the rule usage in your policy rule base. You can add more columns to view additional information about the policy rules.
Indicate the time frame to query the selected rulebase. Select from the predetermined time frames or set a Custom time frame.
Select the rule usage to query: Any, Unused, Used, or Partially Used (Panorama only).
(Custom Timeframe only) Select the date and time from which to query the policy rulebase.
Exclude rules reset during the last _ days
Select this option to exclude any rules that were manually reset by a user within the specified number of days.
Device Rule Usage for Rule Hit Count Query
View the device rule usage for a selected policy rule when performing a rule usage hit count query.
You can view the device and virtual system rule usage when you viewing the rule usage for a policy rule from the Panorama management server. Reset Rule Hit Counter to reset the Hit Count, First Hit, and Last Hit.
Click PDF/CSV to export the filtered rules in PDF or CSV format.
Device group that device or virtual system belongs to.
Device Name/Virtual System
Name of the device group or virtual system.
Total number of traffic matches for the policy rule.
Date and time of the latest traffic match for the policy rule.
Date and time of the first traffic match for the policy rule.
Last Update Received
Date and time of the last received rule usage information from the device to the Panorama management server.
|Date and time the policy rule was created.|
Date and time the policy rule was last modified. Column is blank if the policy rule has not been modified.
Connection status of the device: Connected, or Disconnected.
Monitor Policy Rule Usage
How to view rule usage for policy rules pushed to a device group from Panorama. ...
View Policy Rule Usage
View the policy rule hit count data of managed firewalls to monitor rule usage in order to validate rules and keep your rule base organized. ...
Rule Usage Filtering
Filter rule usage to identify unused rules for deletion in order to improve your security posture. ...
Defining Policies on Panorama
Defining Policies on Panorama Device Groups on Panorama™ allow you to centrally manage firewall policies. You create policies on Panorama either as Pre Rules or ...
Sorting and Filtering Security Policy Rules
Use application usage information to prioritize which rules to migrate from port-based to app-based rules or to clean up (remove unused apps) first. ...
Creating and Managing Policies
Creating and Managing Policies Select the Policies Security page to add , modify, and manage security policies: Task Description Add Add a new policy rule ...
Identify Security Policy Rules with Unused Applications
Policy Optimizer finds Security policy rules that specify applications not seen on your network so you can remove the unused apps to reduce the attack ...
Migrate Port-Based to App-ID Based Security Policy Rules
Policy Optimizer converts port-based Security policy rules to app-based rules without compromising app availability to safely enable applications. ...