>
    Strata Copilot
    Create Custom Reports Based on Threat Categories
    Focus
    Download PDF
    Focus
    1. Home
    2. Advanced Threat Prevention Powered by Precision AI®
    3. Monitor Advanced Threat Prevention
    4. Create Custom Reports Based on Threat Categories
    Download PDF
    Advanced Threat Prevention Powered by Precision AI®

    Create Custom Reports Based on Threat Categories

    Table of Contents

    Create Custom Reports Based on Threat Categories

    Create on-demand custom reports to analyze specific firewall data. Tailor your reports to track the key attributes and security metrics most important to your organization.
    Where Can I Use This?What Do I Need?
    • Prisma Access (Managed by Panorama or Strata Cloud Manager)
    • NGFW (Managed by Panorama or Strata Cloud Manager)
    • VM-Series
    • CN-Series
    • Advanced Threat Prevention (for enhanced feature support) or Threat Prevention License
    Custom reports allow you to extract specific, actionable intelligence from your firewall logs by filtering for the exact attributes and metrics relevant to your organization. Rather than sifting through standard datasets, you can define unique report parameters—such as specific application usage, high-risk user behavior, or targeted threat categories—to streamline your auditing and compliance workflows.
    To maximize operational efficiency, these reports can be generated on-demand for immediate troubleshooting or scheduled to run automatically (for example, every night). Scheduling ensures that critical data is ready for review at the start of each business day, providing a consistent snapshot of network health and security trends without manual intervention.
    • Create custom reports based on threat categories to receive information about specific types of threats that the firewall has detected.
      1. Select MonitorManage Custom reports to add a new custom report or modify an existing one.
      2. Choose the Database to use as the source for the custom report—in this case, select Threat from either of the two types of database sources, summary databases and Detailed logs. Summary database data is condensed to allow a faster response time when generating reports. Detailed logs take longer to generate but provide an itemized and complete set of data for each log entry.
      3. In the Query Builder, add a report filter with the Attribute Threat Category and in the Value field, select a threat category on which to base your report.
      4. To test the new report settings, click Run Now.
      5. Click OK to save the report.

    © 2026 Palo Alto Networks, Inc. All rights reserved.