You can search for NSX Firewall rules in vRealize Network Insight.

Search Query | Description |
---|---|
VM where incoming rules.Source Any | View rules with any source (can combine with a specific port). |
Firewall rule where action = allow and service any = true | View firewall rules that allow any ports. |
Firewall Rule Masked Event | View the list of unused firewall rules. |
New firewall rules in last 24 hours | View the firewall rules created in the last 24 hours. |
New firewall rules in last 7 days | View the firewall rules created in the last 7 days. |
New firewall rules in last 30 days | View the firewall rules created in the last 30 days. |
Firewall rule where flow is not set | View the list of all inactive firewall rules. |
Flow group by firewall rule | View the count of flows hitting each firewall rule. |
Security group where Indirect Incoming Rules is not set and Indirect Outgoing Rules is not set and Direct Incoming Rules is not set and Direct Outgoing Rules is not set | View the security group that is not used. |
Ipset where Indirect Incoming Rules is not set and Indirect Outgoing Rules is not set and Direct Incoming Rules is not set and Direct Outgoing Rules is not set | View the IPSet that is not used. |
Flow where rule id in (1011, 1012, 1013) | Flows hitting a specific rule ID. |
Flow where application = app1 | Flows hitting the application. |

- Unused firewall rules
- Firewall rule Masking rule event