Global counters (ssh log)

Global counters:Elapsed time since last sampling: 521.351 seconds

name value rate severity category aspect description--------------------------------------------------------------------------------pkt_sent 29265 56 info packet pktproc Packets transmittedpkt_outstanding 55631 106 info packet pktproc Outstanding packet to be transmittedpkt_alloc 41649 79 info packet resource Packets allocatedpkt_swbuf_clone 4 0 info packet pktproc Packets replicated using software buffersession_allocated 3720 7 info session resource Sessions allocatedsession_freed 514 0 info session resource Sessions freedsession_installed 3670 7 info session resource Sessions installedsession_predict_dst 4 0 info session resource Active dst predict sessionsflow_ipv6_disabled 108 0 drop flow parse Packets dropped: IPv6 disabled on interfaceflow_policy_deny 371 0 drop flow session Session setup: denied by policyflow_tcp_non_syn 609 1 info flow session Non-SYN TCP packets without session matchflow_tcp_non_syn_drop 609 1 drop flow session Packets dropped: non-SYN TCP without session matchflow_fwd_l3_mcast_drop 1357 2 drop flow forward Packets dropped: no route for IP multicastflow_fwd_l3_ttl_zero 15 0 drop flow forward Packets dropped: IP TTL reaches zeroflow_fwd_zonechange 17922 34 drop flow forward Packets dropped: forwarded to different zoneflow_fwd_mtu_exceeded 5 0 info flow forward Packets lengths exceeded MTUflow_ipfrag_recv 10 0 info flow ipfrag IP fragments receivedflow_ipfrag_free 5 0 info flow ipfrag IP fragments freed after defragmentationflow_ipfrag_merge 5 0 info flow ipfrag IP defragmentation completedflow_ipfrag_swbuf 5 0 info flow ipfrag Software buffers allocated for reassembled IP packetflow_ipfrag_frag 10 0 info flow ipfrag IP fragments transmittedflow_action_predict 5 0 info flow pktproc Predict sessions createdflow_predict_session_dup 43 0 info flow session Duplicate Predict Session installation attemptsflow_arp_pkt_rcv 402 0 info flow arp ARP packets receivedflow_arp_pkt_replied 37 0 info flow arp ARP requests repliedflow_arp_pkt_learned 2 0 info flow arp ARP entry learnedflow_arp_rcv_gratuitous 2 0 info flow arp Gratuitous ARP packets receivedflow_host_pkt_xmt 26366 50 info flow mgmt Packets transmitted to control planeflow_host_service_allow 1160 2 info flow mgmt Device management session allowed

flow_host_service_deny 91 0 drop flow mgmt Device management session deniedflow_host_vardata_rate_limit_ok 25151 48 info flow mgmt Host vardata not sent: rate limit okappid_override 261 0 info appid pktproc Application identified by override ruleappid_ident_by_icmp 264 0 info appid pktproc Application identified by icmp typeappid_ident_by_dport_first 1695 3 info appid pktproc Application identified by L4 dport firstappid_ident_by_dport 1 0 info appid pktproc Application identified by L4 dportappid_proc 113 0 info appid pktproc The number of packets processed by Application identificationappid_use_dfa_1 68 0 info appid pktproc The number of packets using the second DFA tableappid_unknown_max_pkts 1 0 info appid pktproc The number of unknown applications caused by max. packets reachedappid_unknown_udp 1 0 info appid pktproc The number of unknown UDP applications after app engineappid_unknown_fini_empty 212 0 info appid pktproc The number of unknown applications because of no datanat_dynamic_port_xlat 2905 5 info nat resource The total number of dynamic_ip_port NAT translate callednat_dynamic_port_release 401 0 info nat resource The total number of dynamic_ip_port NAT release calleddfa_dte_request_total 16806 32 info dfa offload The total number of dfa match using dtedfa_hte_in_cache_lookup 10269 19 info dfa offload The total number of requests to an in cache HFA graphdfa_hfa_lookup_too_many_matches 3 0 info dfa resource too many matches in HFA loouptcp_drop_packet 351 0 warn tcp pktproc packets dropped because of failure in tcp reassemblytcp_pkt_queued 4294967295 8238149 info tcp resource The number of out of order packets queued in tcptcp_case_2 320 0 info tcp pktproc tcp reassembly case 2tcp_case_3 3 0 info tcp pktproc tcp reassembly case 3ctd_sml_exit 1 0 info ctd pktproc The number of sessions with sml exitctd_sml_exit_detector_i 59 0 info ctd pktproc The number of sessions with sml exit in detector ictd_stop_proc 1 0 info ctd pktproc ctd stop procctd_err_bypass 60 0 info ctd pktproc ctd error bypassctd_run_pattern_match_failure 29 0 info ctd pktproc Run pattern match failurectd_do_pattern_match 29 0 info ctd pktproc do pattern matchctd_sml_vm_run_impl_opcodeexit 61 0 info ctd pktproc SML VM opcode exitctd_sml_vm_run_impl_immed8000 90 0 info ctd pktproc SML VM immed8000ctd_sml_vm_check_domain 3604 6 info ctd pktproc sml vm check domainctd_sml_opcode_set_file_type 70 0 info ctd pktproc sml opcode set file typectd_filter_decode_failure_zip 6 0 error ctd pktproc Number of decode filter failure for zipctd_bloom_filter_nohit 7208 13 info ctd pktproc The number of no match for virus bloom filter

ctd_fwd_dns_record 453 0 info ctd pktproc DNS forward: number of dns records forwardedfpga_request 16370 31 info fpga offload The outstanding requests to FPGAaho_fpga 16370 31 info aho resource The total requests to FPGA for AHOaho_too_many_matches 1 0 info aho pktproc too many signature matches within one packetaho_sw 224 0 info aho pktproc The total usage of software for AHOctd_appid_reassign 48 0 info ctd pktproc appid was changedctd_decoder_reassign 1 0 info ctd pktproc decoder was changedctd_pkt_slowpath 16706 32 info ctd pktproc Packets processed by slowpathlog_traffic_cnt 460 0 info log system Number of traffic logsurl_db_request 23 0 info url pktproc Number of URL database requesturl_request_pkt_drop 105 0 drop url pktproc The number of packets get dropped because of waiting for url category requestzip_process_total 259 0 info zip pktproc The total number of zip engine decompress processzip_process_failure 6 0 info zip pktproc The number of failures for zip decompress process--------------------------------------------------------------------------------Total counters shown: 74--------------------------------------------------------------------------------

drowell@palo-gla-1> show counter global filter packet-filter yes delta yes


name value rate severity category aspect description--------------------------------------------------------------------------------pkt_sent 203 19 info packet pktproc Packets transmittedpkt_outstanding 204 19 info packet pktproc Outstanding packet to be transmittedpkt_alloc 140 13 info packet resource Packets allocatedsession_allocated 66 6 info session resource Sessions allocatedsession_freed 13 1 info session resource Sessions freedsession_installed 63 6 info session resource Sessions installedflow_policy_deny 5 0 drop flow session Session setup: denied by policyflow_tcp_non_syn 15 1 info flow session Non-SYN TCP packets without session matchflow_tcp_non_syn_drop 15 1 drop flow session Packets dropped: non-SYN TCP without session matchflow_fwd_l3_mcast_drop 24 2 drop flow forward Packets dropped: no route for IP multicastflow_fwd_zonechange 370 35 drop flow forward Packets dropped: forwarded to different zoneflow_predict_session_dup 3 0 info flow session Duplicate Predict Session installation attemptsflow_host_pkt_xmt 1 0 info flow mgmt

Packets transmitted to control planeappid_override 9 0 info appid pktproc Application identified by override ruleappid_ident_by_icmp 2 0 info appid pktproc Application identified by icmp typeappid_ident_by_dport_first 2 0 info appid pktproc Application identified by L4 dport firstappid_unknown_fini_empty 10 0 info appid pktproc The number of unknown applications because of no datanat_dynamic_port_xlat 63 6 info nat resource The total number of dynamic_ip_port NAT translate callednat_dynamic_port_release 10 0 info nat resource The total number of dynamic_ip_port NAT release calleddfa_dte_request_total 140 13 info dfa offload The total number of dfa match using dtedfa_hte_in_cache_lookup 23 2 info dfa offload The total number of requests to an in cache HFA graphctd_sml_vm_check_domain 4 0 info ctd pktproc sml vm check domainctd_bloom_filter_nohit 8 0 info ctd pktproc The number of no match for virus bloom filterfpga_request 138 13 info fpga offload The outstanding requests to FPGAaho_fpga 138 13 info aho resource The total requests to FPGA for AHOctd_pkt_slowpath 140 13 info ctd pktproc Packets processed by slowpathlog_traffic_cnt 10 0 info log system Number of traffic logs--------------------------------------------------------------------------------Total counters shown: 27--------------------------------------------------------------------------------



name value rate severity category aspect description--------------------------------------------------------------------------------pkt_sent 115 27 info packet pktproc Packets transmittedpkt_outstanding 115 27 info packet pktproc Outstanding packet to be transmittedpkt_alloc 91 21 info packet resource Packets allocatedsession_allocated 37 8 info session resource Sessions allocatedsession_freed 1 0 info session resource Sessions freedsession_installed 36 8 info session resource Sessions installedflow_tcp_non_syn 6 1 info flow session Non-SYN TCP packets without session matchflow_tcp_non_syn_drop 6 1 drop flow session Packets dropped: non-SYN TCP without session matchflow_fwd_l3_mcast_drop 10 2 drop flow forward Packets dropped: no route for IP multicastflow_fwd_zonechange 238 56 drop flow forward Packets dropped: forwarded to different zoneflow_predict_session_dup 1 0 info flow session Duplicate Predict Session installation attemptsflow_arp_pkt_rcv 10 2 info flow arp

ARP packets receivedappid_override 3 0 info appid pktproc Application identified by override rulenat_dynamic_port_xlat 36 8 info nat resource The total number of dynamic_ip_port NAT translate calleddfa_dte_request_total 91 21 info dfa offload The total number of dfa match using dtedfa_hte_in_cache_lookup 9 2 info dfa offload The total number of requests to an in cache HFA graphtcp_drop_packet 1 0 warn tcp pktproc packets dropped because of failure in tcp reassemblyctd_sml_vm_check_domain 1 0 info ctd pktproc sml vm check domainctd_bloom_filter_nohit 2 0 info ctd pktproc The number of no match for virus bloom filterfpga_request 91 21 info fpga offload The outstanding requests to FPGAaho_fpga 91 21 info aho resource The total requests to FPGA for AHOctd_pkt_slowpath 91 21 info ctd pktproc Packets processed by slowpath--------------------------------------------------------------------------------Total counters shown: 22--------------------------------------------------------------------------------



name value rate severity category aspect description--------------------------------------------------------------------------------pkt_sent 680 23 info packet pktproc Packets transmittedpkt_outstanding 729 25 info packet pktproc Outstanding packet to be transmittedpkt_alloc 602 20 info packet resource Packets allocatedsession_allocated 191 6 info session resource Sessions allocatedsession_freed 19 0 info session resource Sessions freedsession_installed 188 6 info session resource Sessions installedflow_policy_deny 14 0 drop flow session Session setup: denied by policyflow_tcp_non_syn 47 1 info flow session Non-SYN TCP packets without session matchflow_tcp_non_syn_drop 47 1 drop flow session Packets dropped: non-SYN TCP without session matchflow_fwd_l3_mcast_drop 70 2 drop flow forward Packets dropped: no route for IP multicastflow_fwd_zonechange 1211 42 drop flow forward Packets dropped: forwarded to different zoneflow_predict_session_dup 3 0 info flow session Duplicate Predict Session installation attemptsflow_arp_pkt_rcv 9 0 info flow arp ARP packets receivedflow_arp_pkt_replied 1 0 info flow arp ARP requests repliedflow_host_pkt_xmt 49 1 info flow mgmt Packets transmitted to control planeflow_host_service_allow 48 1 info flow mgmt

Device management session allowedflow_host_service_deny 8 0 drop flow mgmt Device management session deniedappid_override 19 0 info appid pktproc Application identified by override ruleappid_ident_by_icmp 18 0 info appid pktproc Application identified by icmp typeappid_ident_by_dport_first 54 1 info appid pktproappid_unknown_fini_empty 11 0 info appid pktpronat_dynamic_port_xlat 141 4 info nat resournat_dynamic_port_release 16 0 info nat resourdfa_dte_request_total 603 21 info dfa offloadfa_hte_in_cache_lookup 155 5 info dfa offloatcp_drop_packet 4 0 warn tcp pktproctd_sml_exit_detector_i 1 0 info ctd pktproctd_err_bypass 1 0 info ctd pktproctd_run_pattern_match_failure 1 0 info ctd pktproctd_do_pattern_match 1 0 info ctd pktproctd_sml_vm_run_impl_opcodeexit 1 0 info ctd pktproctd_sml_vm_check_domain 59 2 info ctd pktproctd_bloom_filter_nohit 118 4 info ctd pktproctd_fwd_dns_record 45 1 info ctd pktprofpga_request 598 20 info fpga offloaaho_fpga 598 20 info aho resourctd_pkt_slowpath 603 21 info ctd pktprolog_traffic_cnt 16 0 info log system--------------------------------------------------------------------------------Total counters shown: 38--------------------------------------------------------------------------------

drowell@palo-gla-1> ping 8.8.8.8

Invalid syntax.drowell@palo-gla-1> ping host 8.8.8.8PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.^C--- 8.8.8.8 ping statistics ---25 packets transmitted, 0 received, 100% packet loss, time 24016ms

drowell@palo-gla-1> ping host 8.8.8.8PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.^C--- 8.8.8.8 ping statistics ---8 packets transmitted, 0 received, 100% packet loss, time 7006ms

drowell@palo-gla-1> ping host 8.8.5.5PING 8.8.5.5 (8.8.5.5) 56(84) bytes of data.^C^[[A^C--- 8.8.5.5 ping statistics ---3 packets transmitted, 0 received, 100% packet loss, time 2003ms

drowell@palo-gla-1> ping+ bypass-routing Bypass routing table, use specified interface+ count Number of requests to send (1..2000000000 packets)+ do-not-fragment Don't fragment echo request packets (IPv4)+ inet6 Force to IPv6 destination+ interval Delay between requests (seconds)+ no-resolve Don't attempt to print addresses symbolically+ pattern Hexadecimal fill pattern+ size Size of request packets (0..65468 bytes)+ source Source address of echo request+ tos IP type-of-service value (0..255)+ ttl IP time-to-live value (IPv6 hop-limit value) (0..255 hops)+ verbose Display detailed output

* host Hostname or IP address of remote host

drowell@palo-gla-1> ping host 8.8.8.8PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.64 bytes from 8.8.8.8: icmp_seq=1 ttl=42 time=102 ms64 bytes from 8.8.8.8: icmp_seq=2 ttl=42 time=102 ms^C--- 8.8.8.8 ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 999msrtt min/avg/max/mdev = 102.308/102.341/102.374/0.033 msdrowell@palo-gla-1> show counter global filter packet-filter yes delta yes


name value rate severity category aspect description--------------------------------------------------------------------------------pkt_sent 8796 81 info packet pktproc Packets transmittedpkt_outstanding 8969 82 info packet pktproc Outstanding packet to be transmittedpkt_alloc 2874 26 info packet resource Packets allocatedsession_allocated 742 6 info session resource Sessions allocatedsession_freed 96 0 info session resource Sessions freedsession_installed 723 6 info session resource Sessions installedsession_predict_dst 1 0 info session resource Active dst predict sessionsflow_policy_deny 30 0 drop flow session Session setup: denied by policyflow_tcp_non_syn 78 0 info flow session Non-SYN TCP packets without session matchflow_tcp_non_syn_drop 78 0 drop flow session Packets dropped: non-SYN TCP without session matchflow_fwd_l3_mcast_drop 264 2 drop flow forward Packets dropped: no route for IP multicastflow_fwd_l3_ttl_zero 12 0 drop flow forward Packets dropped: IP TTL reaches zeroflow_fwd_zonechange 3213 29 drop flow forward Packets dropped: forwarded to different zoneflow_action_predict 2 0 info flow pktproc Predict sessions createdflow_predict_session_dup 17 0 info flow session Duplicate Predict Session installation attemptsflow_arp_pkt_rcv 17 0 info flow arp ARP packets receivedflow_arp_pkt_replied 3 0 info flow arp ARP requests repliedflow_host_pkt_xmt 173 1 info flow mgmt Packets transmitted to control planeflow_host_service_allow 165 1 info flow mgmt Device management session allowedflow_host_service_deny 12 0 drop flow mgmt Device management session deniedappid_override 126 1 info appid pktproc Application identified by override ruleappid_ident_by_icmp 73 0 info appid pktproc Application identified by icmp typeappid_ident_by_dport_first 176 1 info appid pktproc Application identified by L4 dport first

appid_proc 94 0 info appid pktproc The number of packets processed by Application identificationappid_use_dfa_1 15 0 info appid pktproc The number of packets using the second DFA tableappid_unknown_fini_empty 54 0 info appid pktproc The number of unknown applications because of no datanat_dynamic_port_xlat 592 5 info nat resource The total number of dynamic_ip_port NAT translate callednat_dynamic_port_release 68 0 info nat resource The total number of dynamic_ip_port NAT release calleddfa_dte_request_total 3033 28 info dfa offload The total number of dfa match using dtedfa_hte_in_cache_lookup 1466 13 info dfa offload The total number of requests to an in cache HFA graphtcp_drop_packet 25 0 warn tcp pktproc packets dropped because of failure in tcp reassemblytcp_case_2 2 0 info tcp pktproc tcp reassembly case 2ctd_sml_exit 1 0 info ctd pktproc The number of sessions with sml exitctd_sml_exit_detector_i 56 0 info ctd pktproc The number of sessions with sml exit in detector iappid_bypass_no_ctd 74 0 info appid pktproc appid bypass due to no ctdctd_stop_proc 3 0 info ctd pktproc ctd stop procctd_err_bypass 57 0 info ctd pktproc ctd error bypassctd_run_pattern_match_failure 4 0 info ctd pktproc Run pattern match failurectd_do_pattern_match 4 0 info ctd pktproc do pattern matchctd_sml_vm_run_impl_opcodeexit 57 0 info ctd pktproc SML VM opcode exitctd_sml_vm_run_impl_immed8000 2 0 info ctd pktproc SML VM immed8000ctd_sml_vm_check_domain 262 2 info ctd pktproc sml vm check domainctd_sml_opcode_set_file_type 2 0 info ctd pktproc sml opcode set file typectd_bloom_filter_nohit 524 4 info ctd pktproc The number of no match for virus bloom filterctd_fwd_dns_record 93 0 info ctd pktproc DNS forward: number of dns records forwardedfpga_request 2844 26 info fpga offload The outstanding requests to FPGAaho_fpga 2844 26 info aho resource The total requests to FPGA for AHOaho_too_many_matches 6 0 info aho pktproc too many signature matches within one packetaho_sw 12 0 info aho pktproc The total usage of software for AHOctd_appid_reassign 37 0 info ctd pktproc appid was changedctd_decoder_reassign 3 0 info ctd pktproc decoder was changedctd_pkt_slowpath 2923 26 info ctd pktproc Packets processed by slowpathlog_traffic_cnt 68 0 info log system Number of traffic logsproxy_url_request_pkt_drop 8 0 drop proxy pktproc The number of packets get dropped because of waiting for url category request in ssl proxyurl_db_request 6 0 info url

pktproc Number of URL database requesturl_request_timeout 1 0 info url pktproc The url category request is timedouturl_request_pkt_drop 8 0 drop url pktproc The number of packets get dropped because of waiting for url category request--------------------------------------------------------------------------------Total counters shown: 57--------------------------------------------------------------------------------

drowell@palo-gla-1>

pktproc Number of URL database requesturl_request_timeout 1 0 info url pktproc The url category request is timedouturl_request_pkt_drop 8 0 drop url pktproc The number of packets get dropped because of waiting for url category request--------------------------------------------------------------------------------Total counters shown: 57--------------------------------------------------------------------------------

drowell@palo-gla-1>

Documents

Global counters (ssh log)