{"id":237,"date":"2023-01-23T18:03:43","date_gmt":"2023-01-23T17:03:43","guid":{"rendered":"https:\/\/worldofsecurity.de\/?p=237"},"modified":"2024-02-02T17:38:01","modified_gmt":"2024-02-02T16:38:01","slug":"palo-alto-networks-cli-cheat-sheet","status":"publish","type":"post","link":"https:\/\/blog.helge-meyer.de\/?p=237","title":{"rendered":"Palo Alto Networks &#8211; CLI Cheat Sheet"},"content":{"rendered":"<h3>Overview<\/h3>\n<nav>\n<ul>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#cli\">CLI Basics<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#system\">System Defaults and Management Interface<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#license_software\">Software, Updates and License<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#reboot\">Reboot and Shutdown<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#configuration\">Configuration Mode<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#maintenance\">Maintenance Mode<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#commit\">Commit and Jobs<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#capture\">Packet Capturing<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#basic\">System Overview<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#services\">Services Overview<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#ha\">High-Availability<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#routing\">Routing<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#session\">Session Information<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#ipsec\">IPsec VPN<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#ssl\">SSL Decryption<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#userid\">User-ID<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#gp\">Global Protect<\/a><\/li>\n<li><a href=\"https:\/\/worldofsecurity.de\/?p=237#profile\">Security Profile<\/a><\/li>\n<\/ul>\n<\/nav>\n<hr \/>\n<p><!--more--><\/p>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"cli\" colspan=\"2\">CLI Basics<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">configure<\/span><\/td>\n<td>Enter the configuration mode.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">exit<\/span><\/td>\n<td>Exit the configuration mode and go back to the operational mode.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set cli config-output-format [default | json | set | xml]<\/span><\/td>\n<td>Run the command in the operational mode to change the output format<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set cli pager off<\/span><\/td>\n<td>disable the page function to show the entire output.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">find command<\/span><\/td>\n<td>Use command without any parameters to display the entire command hierarchy in the current command mode.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">find command <span class=\"patable_cmd_cur\">&lt;keyword&gt;<\/span><\/span><\/td>\n<td>Use command to locate all commands that have a specified keyword.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"system\" colspan=\"2\">System Defaults and Management Interface<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>admin \/ admin<\/td>\n<td>Default login. The predefined password must be change after the first login.<\/p>\n<ul class=\"patable\">\n<li>8 characters<\/li>\n<li>1 uppercase character<\/li>\n<li>1 lowercase character<\/li>\n<li>1 numeral or special character<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>192.168.1.1\/24 or DHCP<\/td>\n<td>PA hardware firewalls have a static IP on the MGT interface. VM-Series get an IP on the MGT interface via DHCP.<\/td>\n<\/tr>\n<tr>\n<td>9600-8-N-1<br \/>\n(Hardware flow control is disabled)<\/td>\n<td>Default serial console port settings.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set deviceconfig system type [dhcp-client | static]<\/span><\/td>\n<td>Switch the interface type of the MGT interface between static or DHCP.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set deviceconfig system ip-address <span class=\"patable_cmd_cur\">&lt;ip-address&gt;<\/span> netmask <span class=\"patable_cmd_cur\">&lt;netmask&gt;<\/span> default-gateway <span class=\"patable_cmd_cur\">&lt;default gateway&gt;<\/span> dns-setting servers primary <span class=\"patable_cmd_cur\">&lt;DNS ip address&gt;<\/span><\/span><\/td>\n<td>Use the command to set the IP address of the management interface.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"license_software\" colspan=\"2\">Software, Updates and License<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">debug swm status<\/span><\/td>\n<td>Show status of PAN Software Manager.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug swm status<\/span><\/td>\n<td>Display info on current or specified image.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug swm history<\/span><\/td>\n<td>Show history of software install operations.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug swm revert<\/span><\/td>\n<td>Revert back to previous running software packages.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request content upgrade info<\/span><\/td>\n<td>Show information about available threat packages.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request content upgrade install version latest<\/span><\/td>\n<td>Installs most recently downloaded threat package.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request anti-virus upgrade info<\/span><\/td>\n<td>Show information about available antivirus packages.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request anti-virus upgrade install version latest<\/span><\/td>\n<td>Installs most recently downloaded antivirus package.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug swm rebuild-content-db<\/span><\/td>\n<td>Rebuild content databas.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"reboot\" colspan=\"2\">Reboot and Shutdown<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">request restart system<\/span><\/td>\n<td>Restart the device<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request shutdown system<\/span><\/td>\n<td>Shutdown the device<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"configuration\" colspan=\"2\">Configuration Mode<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">run<\/span><\/td>\n<td>Use in configure mode to execute commands from operional mode e.g. show commands<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">configure<\/span><\/td>\n<td>Enter the configuration mode<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">exit<\/span><\/td>\n<td>Exit the configuration mode<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">commit<\/span><\/td>\n<td>Commit the changes in the candidate configuration<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set cli config-output-format [default | json | set | xml]<\/span><\/td>\n<td>Run the command in the operational mode to change the output format<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set cli pager off<\/span><\/td>\n<td>Disable the page function to show the entire output.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"maintenance\" colspan=\"2\">Maintenance Mode<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">maint<\/span><\/td>\n<td>Enter maintenance mode while bootup process<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug system maintenance-mode<\/span><\/td>\n<td>The device will reboot immediately into maintenance mode when the command is issued.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">MA1NT<\/span><\/td>\n<td>Password needed sometimes in the maintenance mode.<\/td>\n<\/tr>\n<tr>\n<td>Maintenance Mode Optiions<\/td>\n<td>\n<ul>\n<li>Get System Information<\/li>\n<li>Factory Reset<\/li>\n<li>Set FIPS Moe<\/li>\n<li>FSCK (Disk Check)<\/li>\n<li>Log Files<\/li>\n<li>Disk Image<\/li>\n<li>Content Rollback<\/li>\n<li>Set IP Address<\/li>\n<li>Diagnostics<\/li>\n<li>High-Availability<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"commit\" colspan=\"2\">Commit Configuration<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">check pending-changes<\/span><\/td>\n<td>Check for any uncommitted changes to the candidate configuration.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show config diff<\/span><\/td>\n<td>To see the changes between the running configuration and candidate configuration<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">commit<\/span><\/td>\n<td>Commit the changes in the candidate configuration<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">commit partial <span class=\"patable_cmd_cur\">&lt;username&gt;<\/span><\/span><\/td>\n<td>Run the command in the operational mode to change the output format<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show config list changes <span class=\"patable_cmd_cur\">&lt;username&gt;<\/span><\/span><\/td>\n<td>List of changed objects, is not raw config rather the xpath of the changed object.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show config candidate<\/span><\/td>\n<td>View any non-committed saved or unsaved changes (XML only).<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">validate [ full | partial ]<\/span><\/td>\n<td>Validate commit. Validate command creates a job with a job ID.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system last-commit-info<\/span><\/td>\n<td>More detailed info can be gathered on the last commit, this includes things such as the phases it goes through and the processes it touches.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">revert | save | load | export | import<\/span><\/td>\n<td>Configuration management.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show jobs [ all | id <span class=\"patable_cmd_cur\">&lt;id&gt; ]<\/span><\/span><\/td>\n<td>View the validation results as overview or using the job id for more details.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show jobs pending<\/span><\/td>\n<td>Display pending jobs.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show jobs processed<\/span><\/td>\n<td>Display finished jobs.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"capture\" colspan=\"2\">Packet Capturing<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane packet-diag clear all<\/span><\/td>\n<td>Clear existing settings.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane packet-diag set filter match <span class=\"patable_cmd_cur\">&lt;filter&gt;<\/span><\/span><\/td>\n<td>Define capture filter<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane packet-diag set filter on<\/span><\/td>\n<td>Turn on filtering. (since PANOS 10.1 enabled per default)<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane packet-diag set capture stage [ receive | transmit | firewall | drop ] <span class=\"patable_cmd_cur\">&lt;filename&gt;<\/span><\/span><\/td>\n<td>Add stages and filenames.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane packet-diag show setting <\/span><\/td>\n<td>Review your settings.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane packet-diag set capture on<\/span><\/td>\n<td>Turn on packet capture.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane packet-diag set capture off<\/span><\/td>\n<td>Turn off packet capture .<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">view-pcap <span class=\"patable_cmd_cur\">&lt;options&gt;<\/span> no-dns-lookup yes filter-pcap<\/span><\/td>\n<td>View packet capture.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">[ tftp | scp ] export filter-pcap from <span class=\"patable_cmd_cur\">&lt;filename&gt;<\/span> to [ tftp-ip | user@ip-address:path ]<\/span><\/td>\n<td>Export packet capture file.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane packet-diag clear capture stage [ all | receive | firewall | drop | transmit ]<\/span><\/td>\n<td>Delete capture files.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane packet-diag set filter -offload -disable<\/span><\/td>\n<td>Filter-based offloading \u2013 disables offloading only for traffic that matches that filter (since PANOS 10.1).<\/td>\n<\/tr>\n<tr>\n<td>&gt; <span class=\"patable_cmd\">set session offload [ yes | no ]<\/span><\/td>\n<td>Enable\/Disable Session offloading (<b>non-persistent<\/b>).<\/td>\n<\/tr>\n<tr>\n<td># <span class=\"patable_cmd\">set deviceconfig setting session offload [ yes | no ]<\/span><\/td>\n<td>Enable\/Disable Session offloading (<b>persistent<\/b>).<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set application dump-unknown yes<\/span><\/td>\n<td>If the unknown capture setting option is off, enable it.Verify with <span class=\"patable_cmd\">show running application setting | match \u201cUnknown capture\u201d<\/span><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">et application dump on application rule <\/span><\/td>\n<td>Turn on the application packet capture and define filters.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set application dump off<\/span><\/td>\n<td>Turn off application packet capture.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">[ tftp | scp ] export application-pcap from <span class=\"patable_cmd_cur\">&lt;filename&gt;<\/span> to [ tftp-ip | user@ip-address:path ]<\/span><\/td>\n<td>Export application packet capture file.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug pcap [ on | off | &#8230; ]<\/span><\/td>\n<td>Enable\/Disable daemon packet capture.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">[ tftp | scp ] export debug-pcap from <span class=\"patable_cmd_cur\">&lt;filename&gt;<\/span> to [ tftp-ip | user@ip-address:path ]<\/span><\/td>\n<td>Export daemon packet capture file.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">tcpdump filter &#8220;<span class=\"patable_cmd_cur\">&lt;filter&gt;<\/span>&#8220;<\/span><\/td>\n<td>Packet Capture (tcpdump) On Management Interface.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">[ tftp | scp ] export mgmt-pcap from <span class=\"patable_cmd_cur\">&lt;filename&gt;<\/span> to [ tftp-ip | user@ip-address:path ]<\/span><\/td>\n<td>Export management packet capture file.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"basic\" colspan=\"2\">System Overview<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">show admins<\/span><\/td>\n<td>Display the administrators who are currently logged in to the web interface, CLI, or API.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show admins all<\/span><\/td>\n<td>Display the administrators who can access the web interface, CLI, or API, regardless of the login status.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show config-locks<\/span><\/td>\n<td>Displays the list of administrators who hold configuration locks.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show commit-locks<\/span><\/td>\n<td>Displays the list of administrators who hold commit locks.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request config-lock remove<\/span><\/td>\n<td>To force removal of the configuration lock, use the following CLI command.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request commit-lock remove<\/span><\/td>\n<td>To force removal of the commit lock, use the following CLI command.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system info<\/span><\/td>\n<td>Display basic device information (PANOS, Serial No, Content Version, CPU, Memory,&#8230;).<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system software status [ | match <span class=\"patable_cmd_cur\">&lt;service-name&gt;<\/span> ]<\/span><\/td>\n<td>Status of all services running on the device.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug software restart process <span class=\"patable_cmd_cur\">&lt;process-name&gt;<\/span><\/span><\/td>\n<td>Restart process<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show chassis-ready<\/span><\/td>\n<td>Display if the dataplane is ready to process sessions.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show netstat all yes<\/span><\/td>\n<td>Display all listening and established connections on the management plane, per process.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request license [ fetch | info ]<\/span><\/td>\n<td>Retrieves and shows currently active licenses.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system state<\/span><\/td>\n<td>State information of the entire device.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system state filter env.*<\/span><\/td>\n<td>Display system core temperatures and power levels.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system state | match fan<\/span><\/td>\n<td>System state for any line containing &#8216;fan&#8217; to find fan speeds.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system state | match cfg.general.max<\/span><\/td>\n<td>Returns the maximum number of configurable objects the system supports.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system state filter-pretty sys.s1.*<\/span><\/td>\n<td>Display information about all the interfaces in slot 1.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system logdb-quota<\/span><\/td>\n<td>Show the maximum log file size.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system disk-space files<\/span><\/td>\n<td>Show percent usage of disk partitions.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show running logging<\/span><\/td>\n<td>Show log and packet logging rate.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"services\" colspan=\"2\">Services Overview<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">less [ mp-log | dp-log ] <span class=\"patable_cmd_cur\">&lt;log-name&gt;<\/span><\/span><\/td>\n<td>Service log listing for service logs as listed below.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">tail follow yes [ mp-log | dp-log ] <span class=\"patable_cmd_cur\">&lt;log-name&gt;<\/span><\/span><\/td>\n<td>End of service log with automatic refresh.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">grep [ mp-log | dp-log ] <span class=\"patable_cmd_cur\">&lt;log-name&gt;<\/span> pattern <span class=\"patable_cmd_cur\">&lt;value&gt;<\/span><\/span><\/td>\n<td>Search for specific pattern in service logs.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug software restart process <span class=\"patable_cmd_cur\">&lt;process-name&gt;<\/span><\/span><\/td>\n<td>Restart process.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system software status | [ match <span class=\"patable_cmd_cur\">&lt;service-name&gt;<\/span> ]<\/span><\/td>\n<td>Check if process is running.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system files<\/span><\/td>\n<td>Check for Core files.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">less dp-backtrace or less mp-backtrace<\/span><\/td>\n<td>Check for backtrace files.Use less dp-backtrace on platforms,with a dedicated Data Plane.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug software logging-level show level service all-services<\/span><\/td>\n<td>Show current log levels.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug software logging-level set level <span class=\"patable_cmd_cur\">&lt;level&gt;<\/span> service <span class=\"patable_cmd_cur\">&lt;servicename&gt;<\/span><\/span><\/td>\n<td>Set log level for specific service. Debug levels:<\/p>\n<ul>\n<li>0 = Off<\/li>\n<li>1 = Error<\/li>\n<li>2 = Warn<\/li>\n<li>3 = Info (or normal)<\/li>\n<li>4 = Debug<\/li>\n<li>5 = Dump (use with caution)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug software logging-level set level default service <span class=\"patable_cmd_cur\">&lt;servicename&gt;<\/span><\/span><\/td>\n<td>Reset log level for specific service to default.<\/td>\n<\/tr>\n<tr>\n<td>authd.log<\/td>\n<td>Manages all firewall and Authentication policy-initiated user authentication, locks accounts, etc.<br \/>\nProccess\/Daemon: <b>authd<\/b><\/td>\n<\/tr>\n<tr>\n<td>devsrvr.log<\/td>\n<td>Device Server for configuration push and communication with data plane.<br \/>\nProccess\/Daemon: <b>device-server<\/b><\/td>\n<\/tr>\n<tr>\n<td>ha-agent.log<\/td>\n<td>High availability status.<br \/>\nProccess\/Daemon: <b>high-availability<\/b><\/td>\n<\/tr>\n<tr>\n<td>ikemgr.log<br \/>\nkeymgr.log<\/td>\n<td>Contains ISAKMP and IPsec service logs.<br \/>\nProccess\/Daemon: <b>ikemgr and keymgr<\/b><\/td>\n<\/tr>\n<tr>\n<td>tund.log<\/td>\n<td>IPsec logs (Re-keying events and next hop updates).<br \/>\nProccess\/Daemon: <b>tund<\/b><\/td>\n<\/tr>\n<tr>\n<td>logcvr.log<\/td>\n<td>Records traffic logs sent from the data plane.<br \/>\nProccess\/Daemon: <b>log-receiver<\/b><\/td>\n<\/tr>\n<tr>\n<td>mgmt_httpd_access.log<br \/>\nmgmt._httpd_error.log<\/td>\n<td>Management user interface and XML APi requests.<br \/>\nProccess\/Daemon: <b>web-backend<\/b><\/td>\n<\/tr>\n<tr>\n<td>ms.log<\/td>\n<td>Management Server for configuration management.<br \/>\nProccess\/Daemon: <b>management-server<\/b><\/td>\n<\/tr>\n<tr>\n<td>rasmgr.log<\/td>\n<td>Provides logs for GlobalProtect remote access.<br \/>\nProccess\/Daemon: <b>rasmgr<\/b><\/td>\n<\/tr>\n<tr>\n<td>routed.log<\/td>\n<td>Provides static and dynamic routing service information.<br \/>\nProccess\/Daemon: <b>routing<\/b><\/td>\n<\/tr>\n<tr>\n<td>sslvpn-acces.log<br \/>\nsslvpn_error.log<\/td>\n<td>Service log for GlobalProtect web-based features.<br \/>\nProccess\/Daemon: <b>ssl-vpn<\/b><\/td>\n<\/tr>\n<tr>\n<td>syslog-ng.log<\/td>\n<td>Handles log forwarding.<br \/>\nProccess\/Daemon: <b>syslog-ng<\/b>\/td&gt;<\/td>\n<\/tr>\n<tr>\n<td>userid.log<\/td>\n<td>Manages User-ID features.<br \/>\nProccess\/Daemon: <b>user-id<\/b><\/td>\n<\/tr>\n<tr>\n<td>varcvr.log<\/td>\n<td>Records URL logs and pcaps sent from the data plane.<br \/>\nProccess\/Daemon: <b>vardata.receiver<\/b><\/td>\n<\/tr>\n<tr>\n<td>appweb3-websrvr.log<\/td>\n<td>Handles a subset of API calls and uploads (runs as \u201cnginx\u201d).<br \/>\nProccess\/Daemon: <b>websrvr<\/b><\/td>\n<\/tr>\n<tr>\n<td>appweb3-l3svc.log<\/td>\n<td>Implements captive portal, NTLM authentications, URL block pages, and admin override for URL filtering (runs as \u201cnginx\u201d).<br \/>\nProccess\/Daemon: <b>l3svc<\/b><\/td>\n<\/tr>\n<tr>\n<td>cryptod.log<\/td>\n<td>Encrypts and decrypts passwords, private keys, etc., to enable them to be included as part of a config file.<br \/>\nProccess\/Daemon: <b>cryptod<\/b><\/td>\n<\/tr>\n<tr>\n<td>sslmgr.log<\/td>\n<td>Fulfills OCSP and CRL queries from management-plane and data-plane services; manages the OCSP and CRL repository.<br \/>\nProccess\/Daemon: <b>sslmgr<\/b><\/td>\n<\/tr>\n<tr>\n<td>dagger.log<\/td>\n<td>.<br \/>\nProccess\/Daemon: <b><\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system logdb-quota<\/span><\/td>\n<td>Show the maximum log file size.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system disk-space files<\/span><\/td>\n<td>Show percent usage of disk partitions.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show running logging<\/span><\/td>\n<td>Show log and packet logging rate.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system ressources [follow]<\/span><\/td>\n<td>Ressource Monitoring Management Plane (CPU, Memory,..).<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show running ressource-monitor<\/span><\/td>\n<td>Ressource Monitoring Data Plane.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show management-clients<\/span><\/td>\n<td>Show internal management server clients.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"ha\" colspan=\"2\">High-Availability<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">show high-availability [ state | all |state-synchronization ]<\/span><\/td>\n<td>Display High-Availability status (Peer&#8217;s HA condition, All HA information and HA statistics.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show high-availability session-reestablish-status<\/span><\/td>\n<td>Shows when HA1 and HA1-backup links were last reestablished.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show high-availability transitions<\/span><\/td>\n<td>Indicates how many times a device has transitioned between HA states.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show high-availability flap statistics<\/span><\/td>\n<td>Details about preemptions &#8216;flaps&#8217; (preemption activates device, error encountered again, device non-funct, recovers, preempt activates, error encountered again, etc.).<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show high-availability control-link statistics<\/span><\/td>\n<td>Detailed information about HA1 messages.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request high-availability sessions-reestablish force<\/span><\/td>\n<td>Reestablishes HA1 link if link was lost, use &#8216;force&#8217; if HA1 backup is not configured.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request high-availability sync-to-remote running-config manually<\/span><\/td>\n<td>Syncs running configuration to peer, in case automatic sync failed or if status is out-of-sync.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request high-availability state [ functional | suspend ]<\/span><\/td>\n<td>Suspend or activate local device.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request high-availability state peer [ functional | suspend ]<\/span><\/td>\n<td>Suspend or activate peer device.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show log system subtype equal ha<\/span><\/td>\n<td>Display events only, based on High-Availability.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"routing\" colspan=\"2\">Routing<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">show routing route<\/span><\/td>\n<td>Display the routing table.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show routing fib<\/span><\/td>\n<td>Display the forwarding table.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">test routing fib-lookup virtual-router <span class=\"patable_cmd_cur\">&lt;name&gt;<\/span> | match <span class=\"patable_cmd_cur\">&lt;x.x.x.x\/Y&gt;<\/span><\/span><\/td>\n<td>Look at routes for a specific destination.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">test routing fib-lookup virtual-router <span class=\"patable_cmd_cur\">&lt;name&gt;<\/span> ip <span class=\"patable_cmd_cur\">&lt;ip&gt;<\/span><\/span><\/td>\n<td>Check FIB for a specific ip address.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">ping host <span class=\"patable_cmd_cur\">&lt;destination ip address&gt;<\/span><\/span><\/td>\n<td>Ping from the management (MGT) interface to a destination IP address.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">ping source <span class=\"patable_cmd_cur\">&lt;ip address on dataplane&gt;<\/span> host <span class=\"patable_cmd_cur\">&lt;destination ip address&gt;<\/span><\/span><\/td>\n<td>Indicates how many times a device has transitioned between HA states.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show routing protocol bgp summary<\/span><\/td>\n<td>Display BGP router ids.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug routing restart<\/span><\/td>\n<td>Restart routing service.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug routing global on <span class=\"patable_cmd_cur\">&lt;level&gt;<\/span><\/span><\/td>\n<td>Turn on routing debug logging.<\/p>\n<ul>\n<li><b>debug<\/b>:  Output error, warning, info and debug logs<\/li>\n<li><b>dump<\/b>:   Output error, warning, info, debug and verbose logs<\/li>\n<li><b>error<\/b>:  Only output error logs<\/li>\n<li><b>normal<\/b>: Only output error, warning and info logs<\/li>\n<li><b>warn<\/b>:   Only output error and warning logs<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug software logging-level set level default service routed<\/span><\/td>\n<td>Set logging level back to default.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">tail follow yes mp-log routed.log<\/span><\/td>\n<td>Check routed logs.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug routing pcap <span class=\"patable_cmd_cur\">&lt;routing protcol&gt;<\/span> on<\/span><\/td>\n<td>Enable packet capturing.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug routing pcap <span class=\"patable_cmd_cur\">&lt;routing protcol&gt;<\/span> off<\/span><\/td>\n<td>Disable packet capturing.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"session\" colspan=\"2\">Session Information<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">show session info<\/span><\/td>\n<td>Numbers of active sessions, statistics throughput timers and TCP\/UDP settings.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show session all<\/span><\/td>\n<td>Shows when HA1 and HA1-backup links were last reestablished.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show session id <span class=\"patable_cmd_cur\">&lt;id&gt;<\/span><\/span><\/td>\n<td>Show all the information for a specific session ID.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">clear session id <span class=\"patable_cmd_cur\">&lt;id&gt;<\/span><\/span><\/td>\n<td>Clear active session.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system statistics<\/span><\/td>\n<td>View the current throughput and statistics.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show session all filter [ define filter options ]<\/span><\/td>\n<td>Display sessoions based on the define filter ex. source ip.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"ipsec\" colspan=\"2\">IPsec VPN<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">show vpn ike-sa [ detail | gateway | match ]<\/span><\/td>\n<td>Show IKE SA (IKE Phase I).<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show vpn ipsec-sa [ match | summary | tunnel ]<\/span><\/td>\n<td>Show IPSec SA (IKE Phase II).<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show vpn tunnel [ match | name ]<\/span><\/td>\n<td>Show for given VPN tunnel.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show vpn gateway [ match | name ]<\/span><\/td>\n<td>Show list of IKE gateway configuration.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show vpn flow<\/span><\/td>\n<td>Show dataplane IPSec-VPN tunnel information.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show vpn flow tunnel-id <span class=\"patable_cmd_cur\">&lt;id&gt;<\/span><\/span><\/td>\n<td>Show for given VPN tunnel.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show vpn flow name <span class=\"patable_cmd_cur\">&lt;tunnel.id\/tunnel.name&gt;<\/span><\/span><\/td>\n<td>Show specific tunnel information.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show session all filter protocol 50<\/span><\/td>\n<td>Show sessions for ESP packets.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">test vpn ike-sa gateway <span class=\"patable_cmd_cur\">&lt;gateway-name&gt;<\/span><\/span><\/td>\n<td>Initiate Phase 1 for a specific gateway.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">test vpn ipsec sa tunnel <span class=\"patable_cmd_cur\">&lt;tunnel-name&gt;<\/span><\/span><\/td>\n<td>Initiate Phase 2 for a specific tunnel without generating traffic.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">clear vpn ike-sa gateway <span class=\"patable_cmd_cur\">&lt;gateway-name&gt;<\/span><\/span><\/td>\n<td>Clear for given IKE gateway.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">clear vpn ipsec-sa tunnel <span class=\"patable_cmd_cur\">&lt;tunnel-name&gt;<\/span><\/span><\/td>\n<td>Clear for given VPN tunnel.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">clear vpn flow tunnel-id <span class=\"patable_cmd_cur\">&lt;tunnel id-number&gt;<\/span><\/span><\/td>\n<td>Clear specific tunnel.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug ike stat [ ipsec | isakmp | &#8230; ]<\/span><\/td>\n<td>Show IKE daemon statistics.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug ike global on <span class=\"patable_cmd_cur\">&lt;level&gt;<\/span><\/span><\/td>\n<td>Turn on ikemgr debug logging.<\/p>\n<ul>\n<li><b>debug<\/b>:  Output error, warning, info and debug logs<\/li>\n<li><b>dump<\/b>:   Output error, warning, info, debug and verbose logs<\/li>\n<li><b>error<\/b>:  Only output error logs<\/li>\n<li><b>normal<\/b>: Only output error, warning and info logs<\/li>\n<li><b>warn<\/b>:   Only output error and warning logs<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug ike global off<\/span><\/td>\n<td>Turn off ikemgr debug logging.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">less mp-log ikemgr.log<\/span><\/td>\n<td>Review detail logging information, based on the logging debug level.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug ike pcap on<\/span><\/td>\n<td>To view the main\/aggressive and quick mode negotiations, it is possible to turn on pcaps for capturing these negotiations. Messages 5 and 6 onwards in the main mode and all the packets in the quick mode have their data payload encrypted.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug ike pcap off<\/span><\/td>\n<td>Turn off packet capturing.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug ike pcap delete<\/span><\/td>\n<td>Delete pcap existing pcap files.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">view-pcap &lt;options debug-pcap ikemgr.pcap<\/span><\/td>\n<td>View the content from the pcap file on the cli.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">[ tftp | scp ]scp export debug-pcap <span class=\"patable_cmd_cur\">&lt;filename&gt;<\/span><\/span><\/td>\n<td>Export pcap files via tftp or scp.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"ssl\" colspan=\"2\">SSL Decryption<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">show system setting ssl-decrypt setting<\/span><\/td>\n<td>Show ssl-decryption settings.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system setting ssl-decrypt certificate<\/span><\/td>\n<td>Display the list of ssl-decrypt certificates loaded on the dataplane.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system setting ssl-decrypt certificate-cache<\/span><\/td>\n<td>Display the list of cached certificates loaded on the dataplane.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system setting ssl-decrypt dns-cache<\/span><\/td>\n<td>Display the list of cached DNS entries.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system setting ssl-decrypt memory<\/span><\/td>\n<td>Show the SSL decryption memory usage.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show system setting ssl-decrypt exclude-cache<\/span><\/td>\n<td>Display the list of cached servers excluded from decryption.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane reset ssldecrypt exclude-cache application <span class=\"patable_cmd_cur\">&lt;application-name&gt;<\/span><\/span><\/td>\n<td>Clear all exclude cache in dataplane based on application.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane reset ssldecrypt exclude-cache server <span class=\"patable_cmd_cur\">&lt;IP-address:port&gt;<\/span><\/span><\/td>\n<td>Clear all exclude cache in dataplane based on IPs.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set system setting ssl-decrypt skip-ssl-decrypt yes<\/span><\/td>\n<td>Temporarily disable SSL decryption.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">set system setting ssl-decrypt skip-ssl-decrypt no<\/span><\/td>\n<td>Re-enable SSL decryption.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"userid\" colspan=\"2\">User-ID<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">show user user-id-agent state all<\/span><\/td>\n<td>Display all configured Windows-based agents.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user server-monitor state all<\/span><\/td>\n<td>Display the PAN-OS-integrated agent is configuration.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user server-monitor statistics<\/span><\/td>\n<td>Display how many log messages came in from syslog senders and how many entries the User-ID agent successfully mapped.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user user-id-agent config name <span class=\"patable_cmd_cur\">&lt;agent-name&gt;<\/span><\/span><\/td>\n<td>Display the configuration of a User-ID agent from the Palo Alto Networks device.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user group-mapping statistics<\/span><\/td>\n<td>Show group mapping statistics.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user group-mapping state all<\/span><\/td>\n<td>Show state of one or all group mapping data.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user group list<\/span><\/td>\n<td>List All groups.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user group name <span class=\"patable_cmd_cur\">&lt;group-name&gt;<\/span><\/span><\/td>\n<td>Show group&#8217;s members.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user ip-user-mapping all<\/span><\/td>\n<td>Display all user mappings on the Palo Alto Networks device.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user ip-user-mapping all | match \\\\<span class=\"patable_cmd_cur\">&lt;username-string&gt;<\/span><\/span><\/td>\n<td>Show user mappings filtered by a username string (if the string includes the domain name, use two backslashes before the username).<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user ip-user-mapping ip <span class=\"patable_cmd_cur\">&lt;ip-address&gt;<\/span><\/span><\/td>\n<td>Show user mappings for a specific IP address.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show user user-ids<\/span><\/td>\n<td>Display usernames.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show log userid datasourcetype equal <span class=\"patable_cmd_cur\">&lt;authentication-service&gt;<\/span><\/span><\/td>\n<td>Display mappings from a particular type of authentication service.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show log userid datasourcename equal <span class=\"patable_cmd_cur\">&lt;agent-name&gt;<\/span> direction equal backward<\/span><\/td>\n<td>View the most recent addresses learned from a particular User-ID agent.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">clear user-cache all<\/span><\/td>\n<td>Clear the User-ID cache.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">clear user-cache ip <span class=\"patable_cmd_cur\">&lt;ip-address\/netmask&gt;<\/span><\/span><\/td>\n<td>Clear a User-ID mapping for a specific IP address.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"gp\" colspan=\"2\">Global Protect<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect-gateway current-satellite<\/span><\/td>\n<td>Show current GlobalProtect gateway satellites.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect-gateway current-user<\/span><\/td>\n<td>Show current GlobalProtect gateway users.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect-gateway flow<\/span><\/td>\n<td>Show dataplane GlobalProtect gateway tunnel information.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect-gateway flow-site-to-site<\/span><\/td>\n<td>Show dataplane GlobalProtect site-to-site gateway tunnel information.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect-gateway gateway<\/span><\/td>\n<td>Show list of GlobalProtect gateway configuration.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect-gateway previous-satellite<\/span><\/td>\n<td>Show previous GlobalProtect gateway satellites.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect-gateway previous-user<\/span><\/td>\n<td>Show previous user session for GlobalProtect gateway users.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect-gateway statistics<\/span><\/td>\n<td>Show statistics of current GlobalProtect gateway users.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect global-protect<\/span><\/td>\n<td>Show settings for GlobalProtect.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect global-protect-gateway <\/span><\/td>\n<td>Show GlobalProtect gateway run-time objects.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect global-protect-mdm<\/span><\/td>\n<td>Show settings for GlobalProtect MDM.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect global-protect-portal<\/span><\/td>\n<td>Show gloabl protect poral user session info.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show global-protect global-protect-satellite<\/span><\/td>\n<td>Show GlobalProtect satellite run-time objects.<\/td>\n<\/tr>\n<tr>\n<td>PanGPS.log<\/td>\n<td>PanGPS contains the GlobalProtect service\/daemon events (Global Protect Agent).<\/td>\n<\/tr>\n<tr>\n<td>PanGPA.log<\/td>\n<td>PanGPA is contains the GlobalProtect UI events (Global Protect Agent).<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"patable\">\n<thead>\n<tr>\n<th id=\"profile\" colspan=\"2\">Security Profiles<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><span class=\"patable_cmd\">test url <\/span><\/td>\n<td>Test the categorization of a URL on the device.<br \/>\n<b>URL Filtering<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">test url-info-cloud <\/span><\/td>\n<td>Test the categorization of a URL in the cloud.<br \/>\n<b>URL Filtering<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show log url direction equal backward<\/span><\/td>\n<td>Display the URL log, most recent entries first.<br \/>\n<b>URL Filtering<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show url-cloud status<\/span><\/td>\n<td>Check URL cloud status.<br \/>\n<b>URL Filtering<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug dataplane show url-cache statistic<\/span><\/td>\n<td>Display statistics on the URL cache.<br \/>\n<b>URL Filtering<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">clear url-cache all<\/span><\/td>\n<td>Clear URL cache.<br \/>\n<b>URL Filtering<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">clear url-cache url <\/span><\/td>\n<td>Clear specific entry from cache.<br \/>\n<b>URL Filtering<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">debug wildfire upload-log show<\/span><\/td>\n<td>Verify file submission.<br \/>\n<b>Wildfire<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">request wildfire registration<\/span><\/td>\n<td>Ensure the management port is able to communicate with the WildFire<br \/>\n<b>Wildfire<\/b>.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show wildfire status<\/span><\/td>\n<td>Verify WildFire operation.<br \/>\n<b>Wildfire<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show wildfire statistics<\/span><\/td>\n<td>view the detail of the file forwarding statistics in each file types.<br \/>\n<b>Wildfire<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show wildfire cloud-info<\/span><\/td>\n<td>Show Wildfire Cloud Info (Private and Public Cloud, Supported File Types.<\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">[ less | tail | grep ] mp-log wildfire-upload.log<\/span><\/td>\n<td>Display the Wildfire logs.<br \/>\n<b>Wildfire<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show wildfire status channel public<\/span><\/td>\n<td>shows the selected best server as well as the registration status.<br \/>\n<b>Wildfire<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show wildfire-realtime-cache<\/span><\/td>\n<td>Show WildFire Realtime virus cache entries.<br \/>\n<b>Wildfire<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show wildfire-realtime-cloud-status<\/span><\/td>\n<td>Show WildFire Realtime cloud status.<br \/>\n<b>Wildfire<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show wildfire-realtime-stats<\/span><\/td>\n<td>Show WildFire Realtime statistics.<br \/>\n<b>Wildfire<\/b><\/td>\n<\/tr>\n<tr>\n<td><span class=\"patable_cmd\">show bad-custom-signature<\/span><\/td>\n<td>Show bad performance custom signatures.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Overview CLI Basics System Defaults and Management Interface Software, Updates and License Reboot and Shutdown Configuration Mode Maintenance Mode Commit and Jobs Packet Capturing System Overview Services Overview High-Availability Routing Session Information IPsec VPN SSL Decryption User-ID Global Protect Security Profile<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[15,6],"class_list":["post-237","post","type-post","status-publish","format-standard","hentry","category-palo-alto-networks","tag-cli-cheat-sheet","tag-palo-alto-networks"],"_links":{"self":[{"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/posts\/237","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=237"}],"version-history":[{"count":114,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/posts\/237\/revisions"}],"predecessor-version":[{"id":496,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=\/wp\/v2\/posts\/237\/revisions\/496"}],"wp:attachment":[{"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=237"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=237"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.helge-meyer.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=237"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}