您可以在 vRealize Network Insight 中搜索 NSX 防火墙规则。
| 搜索查询 | 描述 |
|---|---|
VM where incoming rules.Source Any |
查看具有任何源的规则(可以与特定端口组合)。 |
Firewall rule where action = allow and service any = true |
查看允许任何端口的防火墙规则。 |
Firewall Rule Masked Alert |
查看未使用的防火墙规则的列表。 |
New firewall rules in last 24 hours |
查看过去 24 小时内创建的防火墙规则。 |
New firewall rules in last 7 days |
查看过去 7 天内创建的防火墙规则。 |
New firewall rules in last 30 days |
查看过去 30 天内创建的防火墙规则。 |
Firewall rule where flow is not set |
查看非活动防火墙规则的列表。 |
Flow group by firewall rule |
查看命中每个防火墙规则的流计数。 |
Security group where Indirect Incoming Rules is not set and Indirect Outgoing Rules is not set and Direct Incoming Rules is not set and Direct Outgoing Rules is not set |
查看未使用的安全组。 |
Ipset where Indirect Incoming Rules is not set and Indirect Outgoing Rules is not set and Direct Incoming Rules is not set and Direct Outgoing Rules is not set |
查看未使用的 IPSet。 |
Flow where rule id in (1011, 1012, 1013) |
命中特定规则 ID 的流。 |
Flow where application = app1 |
命中应用程序的流。 |
-
未使用的防火墙规则
-
防火墙规则屏蔽规则警示
