Home > Palo Alto, Security > Palo Alto – useful CLI commands for troubleshooting

Palo Alto – useful CLI commands for troubleshooting

Here are some PAN-OS commands which proved to be useful for troubleshooting

  • show system resources – shows load and processes but only on Management Plane
  • show resource limit [policies / session / vpn / ssl-vpn] – useful to see where you are against platform limits
  • show running resource-monitor [ week / day / minute / second ] last XX – very nice tool to see your stats over the last XX time periods (which can be anything from seconds to weeks), very good one when you do some real-time troubleshooting
  • show system info – generic info about the box, the easiest way to where you are with software and signature updates
  • show session info – good overview of all your sessions and default timeouts and system behavior with regard to handling of sessions
  • show session all filter – fantastic browser of sessions; here you can filter out and see sessions based on pretty much any parameter you can imagine (like application, source/destination, port number, interface, nat, qos, security rules etc.)
  • show session id xxx – to see details about a particular session
  • show counter global filter delta yes – some good global counters for packets at different stages of their processing, every time your run this one it shows delta since you ran the command last time
  • show counter global filter packet-filter yes delta yes – same but based on the filter you have set for packet capturing (run to know when it’s time to stop the running capture)
  • show system statistics [session / application] – real-time “top”-style stats on sessions and apps

Output from most of commands can be piped through ¬†simple “match / except” filters

Categories: Palo Alto, Security Tags: ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: