This is a cheat list of the most used operational and troubleshooting commands used in Palo Alto PAN-OS. If you want to contribute with more commands, please drop us an email at Esta dirección de correo electrónico está siendo protegida contra los robots de spam. Necesita tener JavaScript habilitado para poder verlo.
| User ID Commands | ||
| show user server-monitor state all | To see the configuration status of PAN-OS integrated agent | |
| show user user-id-agent state all | To see all configured Windows-based agents | |
| show user user-id-agent configname | To view the configuration of a User-ID agent from the PaloAlto Networks device | |
| show user server-monitor statistics | To view how many log messages came in from syslog senders and how many entries the User-ID agentsuccessfully mapped | |
| show user user-id-agent configname | To view the configuration of a User-ID agent from the PaloAlto Networks device | |
| show user ip-user-mapping ip | To display user mappings for a specific IP address | |
| show user user-ids | To display usernames | |
| clear user-cache ip | To clear a User-ID mapping for a specific IP address | |
| show admins all | Show the administrators who can access the web interface, CLI, or API | |
| clear user-cache all | To clear the User-ID cache | |
| NAT Commands | ||
| test nat-policy-match | Test the NAT policy | |
| show running nat-policy | Displays the NAT policy table | |
| show running ippoolshow running global-ippool | Displays NAT pool utilization | |
| Troubleshooting Commands | ||
| show netstat statistics yes | Displays network statistics | |
| ping host | Ping from the management (MGT) interface to a destination IP address | |
| ping source host | Ping from a data plane interface to a destination IP address | |
| Device Management Commands | ||
| show routing route | Display the routing table | |
| show routing fib virtual-router<name| match <x.x.x.x/Y> | Look at routes for a specific destination | |
| show system disk-space | Displays percent usage of disk partitions | |
| show system info | Displays general system-health information | |
| request restart system | Restart the device | |
| less mp-log authd.log | Displays the authentication logs | |
| show running security-policy | Displays the running security policy | |
| show system logdb-quota | Displays the maximum log file size | |
| show system software status | Displays running processes | |
| show system resources | Displays processes running in the management plane | |
| show session info | Displays session information | |
| show session id | Displays information about a specific session | |
| show running resource-monitor | Displays resource utilization in the dataplane | |
| request license info | Displays the licenses installed on the device | |
| show jobs processed | Displays when commits, downloads, and/or upgrades arecompleted | |
| show CPU usage | Shows CPU usage | |
| IPSec Commands | ||
| show vpn tunnel | Displays a list of auto-key IPSec tunnel configurations | |
| show vpn flow | Displays IPSec counters | |
| show vpn ipsec-sa | Displays IKE phase 2 SAs | |
| show vpn ike-sa | Displays IKE phase 1 SAs | |
| show vpn gateway | Displays a list of all IPSec gateways and their configurations | |
| Environmental Commands | ||
| show system environmental | Shows environmental health of system | |
| show temperature | Shows temperature | |