PAN-OS uses deep packet inspection (DPI) to generate enhanced application logs (EAL) from ICMPv6 neighbor discovery protocol (NDP) packets. With ICMPv6 EAL, Device Security can learn about devices and device attributes and support Advanced Device-ID for IPv6 deployments. Cortex XDR can also use ICMPv6 EALs from PAN-OS.

EALs for ICMPv6 NDP is enabled by default. To prevent log flooding from ICMPv6 deployments, you can disable ICMPv6 EAL using the CLI. When disabling ICMPv6 EAL, commit the device config for the change to take effect.

set deviceconfig setting logging enhanced-application-logging disable-global icmpv6-ndp

If you disable ICMPv6 EAL, you can reenable it using the CLI. Commit the device config for the change to take effect.

delete deviceconfig setting logging enhanced-application-logging disable-global icmpv6-ndp