Monitor: Threat Logs and AI Security Logs

Table of Contents

AI Agent Security for Low-Code/No-Code Platforms

Monitor: Threat Logs and AI Security Logs

Monitor the AI traffic flow between the user applications and AI models.

Where Can I Use This?	What Do I Need?
Prisma AIRS	Deploy AI Runtime Security: Network intercept

This section shows how to view and interpret threat logs and AI security logs for different protection types. The Log Viewer provides a single, unified interface for viewing both network-based and API-based AI security events.

Prisma AIRS allows you to detect and alert on malicious traffic through various protection mechanisms. The detailed logs offer enhanced visibility by correlating threats with cloud assets discovered in the Strata Cloud Manager command center, enabling a more comprehensive and informed security approach.

Licensing Capacity Limit: Limited to processing up to 10K AI transactions per day per vCPU of AI network intercept.

Prisma AIRS AI Runtime Security: API Logs

You can view the scan API logs forwarded by Strata Logging Service. Ensure to enable the Strata Logging Service logs forwarding while associating your deployment profile with a tenant service group (TSG).

Log in to Strata Cloud Manager.
Select Incidents and Alerts→ Log Viewer.
Select the Prisma AIRS/AI Runtime Security API log type.

Threat Logs and AI Security Logs

Select the log types as Firewall/Threat logs or Firewall/AI Security, depending on your use of Strata Logging Service for log forwarding.
To view a detailed AI security report for Panorama managed Prisma AIRS AI Runtime: Network intercept, see the threat logs page in the Panorama documentation.

Without Strata Logging Service - Threat Logs

View security threat logs without Strata Logging Service.

Where Can I Use This?	What Do I Need?
AI Threat Logs Inspection in Strata Cloud Manager	Deploy Prisma AIRS AI Runtime Firewall for Panorama Managed Firewall

For comprehensive threat detection and analysis with Panorama, you should use Firewall/Threat logs with subtype ai-security when not using Strata Logging Service.

Log in to Strata Cloud Manager.
Navigate to Incidents and Alerts→ Log Viewer.

Select Firewall/Threat logs with subtype "ai-security".

The logs provide the following information:

Panorama supports “Threat” logs with the subtype ‘ai-security' to log threats triggered by the AI security profile.
The ' Threat Category ' column identifies specific Prisma AIRS AI Runtime: Network intercept threat types.
Enhanced threat details include Threat IDs, which uniquely combine the threat category and model name (for example, “AI Prompt Injection: GCP - Gemini 1.5 Flash”). See the threat category types table below for more information about the specific Threat IDs, descriptions, and severities.
Advanced filtering capabilities enable you to analyze specific threat types or combinations of threats and models.
This log type is recommended for Panorama-managed firewalls or when you don’t want to forward the logs to Strata Logging Service.

Threat Category Types

The table below provides details on the various threat categories, when they are triggered, and their respective severities:

Threat CategoryIssue ID	Description	Severity	Threat ID: Name	Example Threat ID
ai-prompt-injection	Prompt injection detection	Medium	AI Prompt Injection: <Model Name>	AI Prompt Injection: GCP - Gemini 1.5 Pro
ai-url-security	URL category triggered with action Alert or Block	Low	AI URL Security: <Model Name>	AI URL Security: GCP - Gemini 1.5 Pro
ai-data-leakage	Sensitive data detected by DLP	Dependent on configurations	AI Data Leakage: <Model Name>	AI Data Leakage: GCP - Gemini 1.5 Pro
ai-model-access-control	Traffic blocked due to model access control setting	Low	AI Model Access Control: <Model Name>	AI Model Access Control: GCP - Gemini 1.5 Pro
ai-latency-block	Traffic blocked due to max latency setting	Low	AI Latency Block: <Model Name>	AI Latency Block: GCP - Gemini 1.5 Pro
ai-database-security-<query type>	Database query detected with action Alert or Block Query Type: Read, Create, Update, Delete	Read: Low Create: Medium Update: Medium Delete: High	AI Database Security <query type>: <Model Name>	AI Database Security Read: GCP - Gemini 1.5 Pro AI Database Security Create: GCP - Gemini 1.5 Pro AI Database Security Update: GCP - Gemini 1.5 Pro AI Database Security Delete: GCP - Gemini 1.5 Pro

With Strata Logging Service - AI Security Logs

View AI security logs with Strata Logging Service.

Where Can I Use This?	What Do I Need?
AI Security Logs Inspection in Strata Cloud Manager	Deploy Prisma AIRS AI Runtime Firewall for Panorama Managed Firewall

To ensure proper AI security monitoring and analysis, you should use Firewall/AI Security logs for detailed AI-specific threat information when using the Strata Logging Service. These logs provide more detailed information than standard threat logs.

Strata Logging Service excludes Protected Model Traffic data for deployments in Germany, the Netherlands, and Australia at this time.

Log in to Strata Cloud Manager.
Navigate to Incidents and Alerts→ Log Viewer.
Select Firewall/AI Security.
- Strata Logging Service generates the AI security logs when AI security threats are detected between AI applications and AI models.
- Includes detailed threat snippet identification and reporting.
- Provide in-depth threat information and reports for different protection types such as AI model protection, AI application protection, and AI data protection.
  
  Create an AI security profile and attach a model group with specific protections to monitor traffic between your AI models, AI applications, and AI data, and detect threats.
- This log type is recommended for platforms with Strata Logging Service for log forwarding, and if you want detailed AI-specific threat information.
A log is generated for each AI security threat detected between an AI application and model. The logs are generated for prompt injections, sensitive data leakage, malicious URLs detected, and AI-generated database queries.

Traffic Details

Traffic Details: Click on a log to view traffic logs showing general information about Prisma AIRS AI Runtime: Network intercept. The traffic details logs include:

The AI model name, AI model CSP region name, AI incident type, AI incident subtype, AI security profile name, and an incident report ID for troubleshooting.
The logs also include the session ID, source, and destination details.

The AI security threats are categorized into AI incident types and subtypes:

Incident Type	Incident Subtype	Incident Subtype Details
ai-model-protection	prompt-injection	NA
ai-app-protection	url-security	URL categories detected
ai-data-protection	data-rule database-security	Data Rule: Name of DLP profile triggered Database Security: type of database query detected (Create, Read, Update, or Delete)
model-denied		N/A
latency-block		N/A

AI Security Report

AI Security Report: The AI Security Report tab provides detailed information on the AI traffic and specific AI threat logs. It includes threat snippet identification and reporting. The Prisma AIRS platform supports asynchronous identification of particular content snippets that trigger security detectors.

Each report includes a unique report ID to help debug logs.

Model Protection:
The model protection report displays logs for any detected prompt injection threats. The prompt injection snippet (at most 1000 characters) helps identify the trigger and can include multiple snippets for complex payloads.
Application Protection:
The application protection report shows URL categories and the specific URLs in the payload that triggered these categories
Data Protection
The data protection report lists DLP data patterns that were triggered and the masked content that caused each pattern to trigger. These logs are categorized based on low, medium, and high-severity alerts. The data protection report includes two main components:
- Matched Data Patterns (DLP):
  - Shows matched Data Loss Prevention (DLP) data patterns that were triggered.
  - Display specific snippets of content matching DLP data patterns. Content is stored and masked based on Manage → Data Loss Prevention → Settings → Sensitive Data configuration.
  - Data pattern matches are categorized based on low, medium, and high Confidence Level.
- Database Security:
  - Shows content containing flagged AI-generated SQL database queries.
  - If multiple SQL queries are detected in the model response, the report shows up to 10 SQL queries (with each query limited to 1,000 characters). The queries are prioritized in the following order: Delete, Update, Create, and Read actions.