Difference between revisions of "PAN-OS: Show log system"

From wikieduonline
 
(29 intermediate revisions by the same user not shown)
Line 1: Line 1:
  [[show log]] system receive_time in last-6-hrs
+
  <code>[[show log system]] receive_time in <last-60-seconds|last-15-minutes|last-hour|last-6-hrs|last-12-hrs|last-24-hrs|last-calendar-day|last-7-days|last-30-days|last-calendar-month></code>
  show log system severity greater-than-or-equal [[medium]]
+
 
 +
show log system direction equal [[backward]]
 +
 
 +
  show log system severity greater-than-or-equal [[low]]
  
 
{{Show log system severity}}
 
{{Show log system severity}}
  
== [[GlobalProtect]] logs ==
 
  2017/05/06 15:11:22 [[info]]    globalp Global globalp 0  [[GlobalProtect]] gateway client switch to SSL tunnel mode succeeded. User name: NAME Private IP: 10.10.10.10
 
  
2018/05/06 15:22:55 info    auth    Authen auth-su 0  '''authenticated''' for user '[email protected]'.  auth profile 'Authentication-Seq', vsys 'vsys1', server profile 'My_[[Radius]]_server', server address '10.10.10.43', auth protocol '[[PAP]]', From: 12.14.17.23.
 
  
  2017/05/06 18:18:47 info    globalp Global globalp GlobalProtect gateway user '''logout'' succeeded. User name: USERNAME, Client OS version: Apple [[iOS]] 13.3.1, Reason: '''user session expired'''.
+
  show log system object equal
 +
 
 +
 
 +
== Examples ==
 +
[[show log system direction equal backward]] | [[match globalp]]
 +
 
 +
== Categories ==
 +
* <code>[[general]]</code>
 +
* <code>[[auth]]</code>
 +
* <code>[[connect]]</code>
 +
* <code>[[globalp]]</code>
 +
 
 +
== [[LDAP]] ==
 +
2019/03/06 10:54:21 medium  userid  10.10. connect 0  [[ldap]] cfg XX_XX_XXXXX failed to connect to server 10.10.XXX.XX:389: Error: Failed to connect to 10.10.XXX.XX(10.10.XXX.XX):389Error: Failed to connect to 10.10.XXX.xx(10.10.xxx.xx):389
 +
 +
2020/09/01 16:13:23 info    userid  10.10. connect ldap cfg XXXXX connected to server 10.10.x.x:389, initiated by: 10.10.x.x
 +
 
 +
== [[GlobalProtect logs]] ==
 +
* <code>[[match globalp]]</code>
  
2017/05/06 18:08:50 info    globalp Global globalp 0  '''GlobalProtect portal client configuration generated'''. Login from: 156.20.23.xxx, Source region: XX, User name: USERNAME, Client OS version: Apple [[Mac OS X 10.15.4]], Config name: you_GP_Portal_Agent, Client OS: Mac, Machine Certificate CN : , Host ID: xx:xx:e7:50:a1:xx, Serial No : XVFYT0LLM6XX
 
  
  2017/05/06 18:16:43 info    globalp Global globalp 0  '''GlobalProtect portal client configuration failed'''. Login from: 156.20.23.xxx, Source region: XX, User name: USERNAME,, Client OS version: Apple [[Mac OS X 10.15.4]], Machine Certificate CN : (null), Host ID: xx:xx:e7:50:a1:xx, Serial No : XVFYT0LLM6XX
+
== Medium ==
 +
  show log system severity greater-than-or-equal medium direction equal backward
 +
2020/11/21 09:19:40 medium  [[auth]]    Authen auth-fa failed authentication for user 'USERNAME'.  auth profile 'Authentication-Seq', vsys 'vsys1', From: 10.10.10.10.
  
 
== Related commands ==
 
== Related commands ==
 
* <code>[[match]]</code>
 
* <code>[[match]]</code>
 +
* <code>[[set]]</code>
 +
* <code>[[show log config]]</code>
  
 
== See also ==
 
== See also ==
* {{show}}
+
* {{show PAN-OS}}
 
* {{PAN-OS}}
 
* {{PAN-OS}}
  
  
 
[[Category:PAN-OS]]
 
[[Category:PAN-OS]]
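
Review bot: the bold markup in the GlobalProtect gateway logout sample is unbalanced: `'''logout''` opens with three apostrophes and closes with two, so the emphasis will not end where intended; close it as `'''logout'''`. The added `show log system object equal` line also stops at the operator with no value or sample output, unlike the `direction equal backward` and `severity greater-than-or-equal` lines, so it should be completed or dropped. In the LDAP failure sample, `:389Error:` has lost the separator between the two error messages.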

Latest revision as of 09:53, 23 March 2023

show log system receive_time in <last-60-seconds|last-15-minutes|last-hour|last-6-hrs|last-12-hrs|last-24-hrs|last-calendar-day|last-7-days|last-30-days|last-calendar-month>
show log system direction equal backward
show log system severity greater-than-or-equal low
  • show log system severity equal <critical|high|medium|low|informational>
  • show log system severity not-equal <critical|high|medium|low|informational>
  • show log system severity greater-than-or-equal <critical|high|medium|low|informational>
  • show log system severity less-than-or-equal <critical|high|medium|low|informational>

Examples:


show log system object equal


Examples

show log system direction equal backward | match globalp

Categories

  • general
  • auth
  • connect
  • globalp

LDAP

2019/03/06 10:54:21 medium   userid  10.10. connect 0  ldap cfg XX_XX_XXXXX failed to connect to server 10.10.XXX.XX:389: Error: Failed to connect to 10.10.XXX.XX(10.10.XXX.XX):389Error: Failed to connect to 10.10.XXX.xx(10.10.xxx.xx):389

2020/09/01 16:13:23 info     userid  10.10. connect 0  ldap cfg XXXXX connected to server 10.10.x.x:389, initiated by: 10.10.x.x

GlobalProtect logs


Medium

show log system severity greater-than-or-equal medium direction equal backward
2020/11/21 09:19:40 medium   auth    Authen auth-fa 0  failed authentication for user 'USERNAME'.   auth profile 'Authentication-Seq', vsys 'vsys1', From: 10.10.10.10.
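
An added example, not part of the wiki page: a Python parser for `show log system` lines in the format shown above that counts `auth-fa` events per source address. The column layout is assumed from the samples on this page; the function names, the threshold and the extra sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Layout assumed from the samples on this page:
# time, severity, subtype, object, event ID, ID, description.
# Assumes a non-empty object column, as in every sample shown here.
LINE_RE = re.compile(
    r"^(?P<time>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2})\s+(?P<severity>\S+)\s+"
    r"(?P<subtype>\S+)\s+(?P<object>\S+)\s+(?P<eventid>\S+)\s+"
    r"(?:(?P<id>\d+)\s+)?(?P<description>.*)$"
)
FAIL_RE = re.compile(
    r"failed authentication for user '(?P<user>[^']*)'.*"
    r"From: (?P<src>\d{1,3}(?:\.\d{1,3}){3})"
)

# Constructed sample: the first and last lines are taken from this page,
# the others are made up in the same format.
SAMPLE = """\
2020/11/21 09:19:40 medium   auth    Authen auth-fa 0  failed authentication for user 'USERNAME'.   auth profile 'Authentication-Seq', vsys 'vsys1', From: 10.10.10.10.
2020/11/21 09:19:52 medium   auth    Authen auth-fa 0  failed authentication for user 'USER2'.   auth profile 'Authentication-Seq', vsys 'vsys1', From: 10.10.10.10.
2020/11/21 09:20:05 medium   auth    Authen auth-fa 0  failed authentication for user 'USERNAME'.   auth profile 'Authentication-Seq', vsys 'vsys1', From: 10.10.10.10.
2020/11/21 09:21:10 medium   auth    Authen auth-fa 0  failed authentication for user 'USER3'.   auth profile 'Authentication-Seq', vsys 'vsys1', From: 10.10.10.20.
2020/09/01 16:13:23 info     userid  10.10. connect 0  ldap cfg XXXXX connected to server 10.10.x.x:389, initiated by: 10.10.x.x
"""

def parse_line(line):
    """Split one system log line into named fields, or return None."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None

def failed_auth_by_source(lines, threshold=3):
    """Return {source: (count, users)} for sources with >= threshold failures."""
    counts, users = Counter(), {}
    for line in lines:
        rec = parse_line(line)
        # The event ID column shows the truncated value "auth-fa" on this page.
        if not rec or rec["subtype"] != "auth" or rec["eventid"] != "auth-fa":
            continue
        m = FAIL_RE.search(rec["description"])
        if m:
            counts[m["src"]] += 1
            users.setdefault(m["src"], set()).add(m["user"])
    return {s: (n, sorted(users[s])) for s, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    for src, (n, names) in failed_auth_by_source(SAMPLE.splitlines()).items():
        print(f"{src}: {n} failed logins for {', '.join(names)}")
```

The input can be the saved output of `show log system severity greater-than-or-equal medium direction equal backward`; lines that do not match the assumed layout are skipped.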

Related commands

  • match
  • set
  • show log config
