Shadowed Rules Report

Overview

The Shadowed Rules report identifies redundant rules based on shadowing information, including contextual attribution between the shadowing and shadowed rules. It lists all the shadowed and shadowing rules for each selected device.

This report enables you to:

  • Eliminate unnecessary rules.

  • Focus efforts to achieve network policy health in key domains.

Note: For the Shadowed Rules report, the SecureTrack shadowing functionality is not fully supported for app_ID for Palo Alto Panorama devices.

What Can I See Here?

General Information

In this section, you can see general information such as report ID, name, time, and devices for the selected domain.

Shadowed Rules per Device

For each device, this graph shows the number of shadowed rules.

Summary

This area shows the total number of shadowing and shadowed rules.

Fully Shadowed and Redundant Rules

This section shows the shadowed rules. Click this link to see the shadowing rules for any shadowed rule.

Create a Shadowed Rules Report

Prerequisites

Procedure

  1. From the Create menu, click Shadowed Rules.

    The Setup page for the report appears.

  2. Complete the report fields:

    • General: Report name.

    • Domains and Devices: Select a domain and one or more devices or device groups.

    • Filters: Excludes rules based on filters. Select the check box and provide values for filter components.

      A filter definition excludes rules according to the value of the following components:

      Filter Component               | Description                                    | Example
      Source/Destination             | Source and Destination                         | an IP (1.1.1.1), subnet (1.1.1.0/24), or any
      Service                        | Service                                        | tcp:80
      Action                         |                                                |
      Comment                        | Partial or full text from comments in the rule | Production environment
      Tag name (Palo Alto only)      |                                                |
      Source/Destination Device Zone |                                                |

      In a single filter definition, the filter components are logically joined using the AND operator. In this example, a rule will be excluded if it has any in the source and 2.2.2.2 in the destination.

      You can create additional filter definitions. STRE treats the relation between filter definitions with an OR operator. In this example, a rule will be excluded if it has a source value of 1.1.1.1 or destination value of 2.2.2.2.

    • Export Report:

      • Email: Specify the recipients for notification emails. Press Tab or Enter to separate multiple email addresses.

        The email message contains a link to the report in STRE. Reports can be generated as PDF or CSV files, and you can select either option or both (if enabled) to include in the email as an attachment. If the report file is larger than 4 MB, the attachment is compressed as a .zip file.

      • Remote Repository: STRE can export reports using SFTP. Specify the report format - PDF or CSV.

        If the report finished successfully, you can verify that the new files appear in the Reports Folder path, in the remote repository, configured by your administrator (see Send Reports Using SFTP).

    • Schedule: Configure the following:
      • Repeats: Select the frequency by which the report should run. Options include Daily, Weekly, and Monthly.
      • Days of the week: Select one or more days on which the report should run.
      • Time: Indicate the time at which the report should run.
  3. Click one of the following:

    : Saves the report. The Saved menu lists all saved and scheduled reports.

    : Runs the report. After a report runs, you can view the results in the Repo menu.
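
The AND/OR behavior of the exclusion filters in step 2 can be previewed offline before a report is scheduled. The following is an added example, not STRE code: the rule records, field names, and function names are constructed for illustration, and subnet containment and exact service matching are assumptions about how values are compared.

```python
import ipaddress

def addr_matches(filter_value, rule_value):
    # "any" matches only a rule whose field is literally "any" (as in the page's example).
    if "any" in (filter_value, rule_value):
        return filter_value == rule_value
    # Assumption: an IP or subnet filter matches rule addresses contained in it.
    f = ipaddress.ip_network(filter_value, strict=False)
    r = ipaddress.ip_network(rule_value, strict=False)
    return r.subnet_of(f)

MATCHERS = {
    "source": addr_matches,
    "destination": addr_matches,
    "service": lambda f, r: f.lower() == r.lower(),  # assumption: exact match
    "comment": lambda f, r: f.lower() in r.lower(),  # partial or full text
}

def definition_matches(definition, rule):
    # Components inside one filter definition are joined with AND.
    return all(MATCHERS[k](v, rule[k]) for k, v in definition.items())

def is_excluded(definitions, rule):
    # Separate filter definitions are joined with OR.
    return any(definition_matches(d, rule) for d in definitions)

def rules_in_report(definitions, rules):
    # Names of the rules that survive the exclusion filters.
    return [r["name"] for r in rules if not is_excluded(definitions, r)]

# Constructed sample rules (not taken from any device).
RULES = [
    {"name": "r1", "source": "any", "destination": "2.2.2.2",
     "service": "tcp:80", "comment": "Production environment web"},
    {"name": "r2", "source": "1.1.1.1", "destination": "3.3.3.3",
     "service": "tcp:443", "comment": ""},
    {"name": "r3", "source": "any", "destination": "3.3.3.3",
     "service": "tcp:22", "comment": "lab"},
    {"name": "r4", "source": "1.1.1.7", "destination": "2.2.2.2",
     "service": "tcp:80", "comment": ""},
]
ONE_DEFINITION = [{"source": "any", "destination": "2.2.2.2"}]            # AND
TWO_DEFINITIONS = [{"source": "1.1.1.1"}, {"destination": "2.2.2.2"}]     # OR

if __name__ == "__main__":
    print("one definition :", rules_in_report(ONE_DEFINITION, RULES))
    print("two definitions:", rules_in_report(TWO_DEFINITIONS, RULES))
```

Splitting the same two components into separate definitions excludes three rules instead of one, so a shadowed rule can drop out of the report without anyone noticing; review the filter set whenever the report looks unexpectedly clean.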

Available Report Formats

When viewing the report output, use the Export menu to save the report data.

You can save the data for this report as a CSV file or PDF output file.

  • The CSV export option is useful when you want to create your own reports based on the specific data from the report configuration.

  • When you select PDF, check the Export menu again for the PDF is ready status and click the link to view the PDF output. The PDF output has been redesigned and is now saved as a document file. The PDF output contains a maximum of 100 Shadowed rules and up to 50 Shadowing rules for each Shadowed rule. The CSV output includes all shadowing rules.