Hi all,
I am trying to see if there is a way to run a report on policy ids that have a counter value of either zero or less than a particular value, for example less than 500k. I am trying to perform some policy clean up and want to get rid of rules that have not gotten any hits for the past quarter (3 months). If i can help it, I dont want to generate a report on all rules and weed out the ones that have zero. Any thoughts are appreciated.
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello
There is a dataset called "bandwidth-app-Top-Policies-By-Bandwidth-Sessions", you could modify order by bandwidth descending to order by bandwidth ascending, then you get a list starting with useless or less used policies. But less used doesn't usually mean useless... That's why, in order to rid your list from ancient policies which had traffic some time ago but are now bypassed, I think you should find a way to reset the counters in CLI before running the dataset, then run it at least for a week or a month (maybe you have some guys that place bets or an app that updates a database; let's forget the rest, they'll call you when in distress).
Happy garbage collect!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1632 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.