PAN-OS: Show log system

show log system receive_time in last-6-hrs
show log system severity greater-than-or-equal medium

• show log system severity equal <critical|high|medium|low|informational>
• show log system severity not-equal <critical|high|medium|low|informational>
• show log system severity greater-than-or-equal <critical|high|medium|low|informational>
• show log system severity less-than-or-equal <critical|high|medium|low|informational>

Examples:

• show log system direction equal backward severity not-equal informational
• show log system direction equal backward severity greater-than-or-equal high

LDAP

2020/03/06 10:54:21 medium   userid  10.10. connect 0  ldap cfg XX_XX_XXXXX failed to connect to server 10.10.XXX.XX:389: Error: Failed to connect to 10.10.XXX.XX(10.10.XXX.XX):389Error: Failed to connect to 10.10.XXX.xx(10.10.xxx.xx):389

GlobalProtect logs

 2017/05/06 15:11:22 info     globalp Global globalp 0  GlobalProtect gateway client switch to SSL tunnel mode succeeded. User name: NAME Private IP: 10.10.10.10

2018/05/06 15:22:55 info     auth    Authen auth-su 0  authenticated for user '[email protected]'.   auth profile 'Authentication-Seq', vsys 'vsys1', server profile 'My_Radius_server', server address '10.10.10.43', auth protocol 'PAP', From: 12.14.17.23.

2017/05/06 18:18:47 info     globalp Global globalp 0  GlobalProtect gateway user logout succeeded. User name: USERNAME, Client OS version: Apple iOS 13.3.1, Reason: user session expired'.

2017/05/06 18:08:50 info     globalp Global globalp 0  GlobalProtect portal client configuration generated. Login from: 156.20.23.xxx, Source region: XX, User name: USERNAME, Client OS version: Apple Mac OS X 10.15.4, Config name: you_GP_Portal_Agent, Client OS: Mac, Machine Certificate CN : , Host ID: xx:xx:e7:50:a1:xx, Serial No : XVFYT0LLM6XX

2017/05/06 18:16:43 info     globalp Global globalp 0  GlobalProtect portal client configuration failed. Login from: 156.20.23.xxx, Source region: XX, User name: USERNAME,, Client OS version: Apple Mac OS X 10.15.4, Machine Certificate CN : (null), Host ID: xx:xx:e7:50:a1:xx, Serial No : XVFYT0LLM6XX

Related commands

• match

See also

• show (PAN-OS), show log (system|config|alarm), show system info, show system state, show system resources, show system resource follow
• PAN-OS (Palo Alto): PAN-OS Releases, show vpn, GlobalProtect, GlobalProtect logs, WildFire, show log, show session all, MDM, match, PAN-OS reports, HIP, Zone