Audit Log Fields
Focus
Focus

Audit Log Fields

Table of Contents

Audit Log Fields

Details about the fields in the Next-Gen firewall Audit logs.
Where Can I Use This?What Do I Need?
  • Next-Gen Firewall
  • Panorama™ management server
  • Support license
  • (Panorama) Device management license
Format: Serial Number, Generate Time, Threat/Content Type, FUTURE_USE, Event ID, Object, CLI Command, Severity
Field Name
Description
Serial Number
Serial number of the firewall or Panorama that generated the log.
Generate Time
Time the log was generated on the dataplane.
Threat/Content Type (subtype)
Specifies the type of log; value is AUDIT.
Audit logs are a subytpe of System logs.
Event ID
Source of the command that generated the audit log. Values include the following as a source of the command:
  • cli—Firewall or Panorama command line.
  • gui—Navigation in the firewall or Panorama web interface.
  • gui-op—Operational command from the firewall or Panorama web interface.
  • gnmi—OpenConfig plugin.
  • rest—PAN-OS REST API.
Object
Name of the administrator which executed the command that generated the log.
CLI Command
Command executed that generated the log.
Severity
Completion status for the command that generated the log; value can be none, success, or failure.