Why would a traffic log list an application as "not-applicable"?
Why would a traffic log list an application as "not-applicable"?
A traffic log would list an application as 'not-applicable' if the firewall denied the traffic before the application match could be performed. This occurs because the traffic was dropped or denied based on a security rule before any application data could be identified.
C is correct https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClspCAC
C is correct
C correct
C is correct
C is correct
i agree with "C"
"Not-applicable" means that the Palo Alto Firewall has received data that will be discarded because the port or service that the traffic is coming in on was not allowed. Or there is no policy allowing that port or service.
" If traffic hits a security rule that's set to "deny," based on any parameter before the application, the traffic log shows the application as not-applicable. This occurs because the traffic was dropped or denied before the application match could be performed." https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClspCAC#:~:text=If%20traffic%20hits%20a%20security,application%20match%20could%20be%20performed.&text=Traffic%20Log%20for%20this%20deny%20logs.
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/use-auto-tagging-to-automate-security-actions
C is *more* correct as not-applicable applies to both *UDP* and TCP.