>
    inspect flow-detail
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma
    3. Prisma SD-WAN
    4. Use CLI Commands
    5. Inspect Commands
    6. inspect flow-detail
    Download PDF

    inspect flow-detail

    Table of Contents

    inspect flow-detail

    Use the inspect flow-detail command to inspect the details on active flows and to debug current flows matching the user-specified options. It displays existing flows and their path, and whether the path is in established or initialized state.

    Command

    inspect flow-detail (all | [prot-nm=( udp | tcp | icmp ) |prot-no=0-255] | srcv4=src-ipv4 | srcv6=src-ipv6 | srcport=src-port | dstv4=dst-ipv4 | dstv6=dst-ipv6 | dstport=dst-port )

    Options

    srcv4Enter the source IP address.
    dstv4Enter the destination IP address.
    srcv6Enter the source IP address. Release 6.2.1
    dstv6Enter the destination IP address. Release 6.2.1
    srcportEnter the source port.
    dstportEnter the destination port.
    prot-nmTab to select UDP, TCP, or ICMP.
    prot-noEnter a protocol number ranging from 0 - 255.

    Command Notes

    RoleSuper, Read Only
    Related Commands
    Introduced in Release 4.4.1

    Example

    inspect  flow detail 
VRF     SRC            DST             SPORT   DPORT  PROTOCOL   START-TIME           APP-ID      NET-POLICY          PRI-POLICY                SEC-POLICY           SEC-ACTION                WANPATH-ID           PATH                     
yellow  192.168.7.100  192.168.20.100  8        0     1          2023-10-10 04:22:57  unknown     enterprise-default  1696395771321023828    lan_to_public_vpn        
  TRAFFIC: xact        
  PRIORITY: 2  
  DSCP: --  
  STATE: ESTABLISHED   
  IDLE: 20     
  IFACE: v-eth6     
  RX_VRF: yellow (965)   
  FWD_VRF: yellow (965)   
  LEAK_VRF: Global (0)
  NET-POLICY:: NCTX-ID: none                 
  SPF-ID: none                 
  DPF-ID: 1681410079845017228  
  UG-INFO: any                  
  PRI-POLICY:: NCTX-ID: none                
  SPF-ID: none                 
  DPF-ID: 1681410079905017328  
  UG-INFO: any                  
  SEC-RULE-IDS: none

    inspect flow detail
				SRC             DST             SPORT      DPORT      PROTOCOL   START-TIME           APP-ID     NET-POLICY   PRI-POLICY         SEC-POLICY      SEC-ACTION    WANPATH-ID           PATH
				192.168.7.100   192.168.20.100  8          0          1          2021-08-11 01:21:02  icmp-ping  Rule 1       icmp-ping-Policy   Rule1-Set2-20   ALLOW         16261257799450062    lan_to_public_vpn  
				
				TRAFFIC: xact        PRIORITY: 2  DSCP: --  STATE: ESTABLISHED   IDLE: 20     IFACE: ethr3,tnl-1,bwc_in_1  NET-POLICY:: NCTX-ID: none   SPF-ID: none   DPF-ID: none                
				PRI-POLICY:: NCTX-ID: none  SPF-ID: none  DPF-ID: none SEC-RULE-IDS: 16246315738930189
    inspect flow detail
SRC         	DST         	SPORT  	DPORT  	PROTOCOL   START-TIME       	APP-ID           	NET-POLICY            	PRI-POLICY            	SEC-POLICY       	SEC-ACTION         
      WANPATH-ID       	PATH                    
30.1.1.2    	10.1.1.2    	8      	0      	1      	2022-12-15 09:09:21  ping             	match icmp            	test default user     	allow any other user ALLOW              
      1665475784156002328  unknown_flow_path       
  TRAFFIC: xact    	PRIORITY: 3  DSCP: --  STATE: INIT      	IDLE: 20 	IFACE:          
  NET-POLICY:: NCTX-ID: none             	SPF-ID: none             	DPF-ID: none             	UG-INFO: 158622979242302240[CN=engineering,DC=sdwanamsteltest,DC=onmicrosoft,DC=com] 
  PRI-POLICY:: NCTX-ID: none             	SPF-ID: none             	DPF-ID: none             	UG-INFO: 1674636535551001928[sdwanamsteltest\edward@sdwanamsteltest.onmicrosoft.com]
  SEC-RULE-IDS: 1667810313551011228

    © 2024 Palo Alto Networks, Inc. All rights reserved.