All things Palo Alto Networks

  • Blog

  • Forum

  • Members

  • More

    Use tab to navigate through the menu items.
    To see this working, head to your live site.
    • Categories
    • All Posts
    • My Posts
    Darren Bisbey
    Jan 13, 2021
    Edited: Jan 13, 2021

    Performance tweaks

    in General discussion

    Firstly, Happy new year to all!!


    I noticed on post from sometime ago on live and wondered how I would go about this...


    "Remove logging of non user significant traffic like DNS, NetBios, Dynamic Routing protocols, SNMP, ICMP"


    Jut trying to fine tune our VM and as Reaper said in another live statement 'DNS is chatty' but for the life of me I cannot figure how to omit DNS traffic from monitor logs.


    Or have I missed the point??


    D.

    2 comments
    2 Comments
    R
    Reaper
    Jan 13, 2021

    Hi Darren, best wishes for 2021! It's actually quite simple: create a new rule for dns, and disable logging This will omit all 'traffic' log but will still pick up on threats Repeat for other applications you don't want filling your firewall log :)

    Like
    R
    Reaper
    Jan 13, 2021
    Replying to

    log forwarding for the threats to panorama or syslog will also keep working (just not for traffic log)


    Like
    2 comments
    Similar Posts
    • Migration / Import of configuration only to a destination vsys, a particular vsys
    • Doubt about “Share Unused Address and Service Objects with Devices” in Panorama
    • PANORAMA does not show the configuration or system logs of the firewalls
     
    • Mastering Palo Alto Networks
    • PANgurus LinkedIn

    Subscribe Form

    Privacy Policy

    Terms of use

    ©2020 by PANgurus.