Prisma AIRS API Scan Logs

View the Prisma AIRS AI Runtime: API intercept scan logs.
Where Can I Use This? | What Do I Need?
  • Prisma AIRS AI Runtime: API intercept threat logs
This page summarizes the API threat logs recorded for threats detected by the Prisma AIRS AI Runtime: APIs.
Before you begin, onboard Prisma AIRS AI Runtime: API intercept in Strata Cloud Manager to add your application, generate an API key, and create a security profile.
To view the Prisma AIRS AI Runtime: API intercept threat logs:
  1. Navigate to AI Security API Applications.
  2. In the API Scan Log page, you can:
    • View the number of text records, API calls made, and threats detected.
    • See the scan logs organized into Benign and threat categories.
    • Get details on the Scan ID, API Key, Profile ID, Profile Name, Application Name, Model Name, Report ID, prompt detection types (request or response), verdict, and the corresponding action taken.
    • Customize the columns displayed in Settings.
    • Choose the Past 24 Hours drop-down at the top right to filter the logs by your desired time.

Configure Session URL in API Logs

To configure the Session URL in API Logs feature, you must ensure that your Prisma AIRS environment is correctly forwarding logs to your SIEM via the Strata Logging Service. The feature works by automatically appending a session_URL field to the standard API log schema.
  1. Navigate to Incidents and Alerts Log Viewer. Verify that you see the AIRS AI Runtime Security API log type.
  2. Select Firewall/AI Security.
  3. Ensure Strata Logging Service log forwarding is enabled. This is typically done while associating your deployment profile with a Tenant Service Group (TSG).
    Strata Logging Service generates the AI security logs when AI security threats are detected between AI applications and AI models. These logs include detailed threat snippet identification and reporting and provide in-depth threat information and reports for different protection types such as AI model protection, AI application protection, and AI data protection. For more information, see Threat Logs and AI Security Logs.
  4. To receive logs containing the session_URL in your SIEM:
    1. Create a Log Forwarding Profile: In SCM, specify the log type (Prisma AIRS API) and the destination (your SIEM's IP/URL).
    2. Select attributes. While the session_URL is a mandatory field in the new schema, ensure your SIEM is configured to parse this new String field from the incoming JSON or Syslog stream.
      When you configure log forwarding to a SIEM, Prisma AIRS automatically enriches the standard API scan log with the session_URL field. Below is a representation of how this appears in the JSON structure of a log entry sent to your SIEM:
      {
        "timestamp": "2025-10-01T14:10:45Z",
        "scan_id": "[scan ID]",
        "app_name": "SmartSync",
        "verdict": "Block",
        "threat_type": "Prompt Injection",
        "severity": "Critical",
        "model_name": "GPT-5",
        "user_ip": "[IP address]",
        "session_URL": "https://stratacloudmanager.paloaltonetworks.com/ai-runtime/sessions/[session-number]"
      }
      The log includes standard metadata alongside the new mandatory field.
      There are a few key fields in the log output related to the session URL:
      • scan_id: A unique identifier for the specific atomic API call that was scanned.
      • session_URL: The new String field containing the direct link to the full conversation context in Strata Cloud Manager (SCM).
      • verdict: Indicates the action taken (e.g., Block), which identifies this entry as a violation.
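
A SIEM-side check for the fields listed above, as an added example (not Palo Alto Networks code): it parses forwarded JSON entries, treats a missing or non-string session_URL as a schema error, and accepts only https links on the Strata Cloud Manager host shown in the sample entry, so a forged log line cannot put an arbitrary link in front of an analyst. The function names, the allowlist constants and the sample lines are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Host and path are from the sample entry on this page; the allowlist is an assumption.
ALLOWED_HOST = "stratacloudmanager.paloaltonetworks.com"
SESSION_PATH = "/ai-runtime/sessions/"

def check_session_url(value):
    """Return None when the link is acceptable, otherwise the reason it is not."""
    if not isinstance(value, str):
        return "session_URL missing or not a string"
    try:
        parts = urlsplit(value)
    except ValueError:
        return "session_URL is not a parseable URL"
    if parts.scheme != "https":
        return "session_URL is not https"
    if parts.hostname != ALLOWED_HOST:  # hostname excludes userinfo and port
        return "session_URL host is not Strata Cloud Manager"
    if not parts.path.startswith(SESSION_PATH):
        return "session_URL path is not a session link"
    return None

def triage(raw_lines):
    """Return (violations, rejects) for forwarded JSON log lines."""
    violations, rejects = [], []
    for line in raw_lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            entry = None
        if not isinstance(entry, dict):
            rejects.append((None, "entry is not a JSON object"))
            continue
        reason = check_session_url(entry.get("session_URL"))
        if reason:
            rejects.append((entry.get("scan_id"), reason))
        elif entry.get("verdict") == "Block":
            violations.append((entry.get("scan_id"), entry["session_URL"]))
    return violations, rejects

# Constructed sample lines (not real log data).
_OK = "https://" + ALLOWED_HOST + SESSION_PATH
_BAD = "https://" + ALLOWED_HOST + "@example.invalid" + SESSION_PATH
SAMPLE = [json.dumps(e) for e in (
    {"scan_id": "scan-0001", "verdict": "Block", "session_URL": _OK + "1001"},
    {"scan_id": "scan-0002", "verdict": "Block", "session_URL": _BAD + "1"},
    {"scan_id": "scan-0003", "verdict": "Block"},
)]
```

Rejected entries are worth alerting on in their own right, since the page describes session_URL as mandatory in the new schema.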

Rate Limiting

API Rate Limiting for AI Runtime Security's Scan API controls the volume and frequency of API requests made by individual tenants. This mechanism enforces per-tenant limits on both the number of requests and the volume of tokens processed, ensuring equitable resource distribution and service stability in your environment. Without rate limiting, a single tenant could consume excessive API capacity, degrading service quality for other tenants sharing the same infrastructure. This feature mitigates that risk by enforcing limits derived from your tenant's subscription, preventing "noisy neighbor" issues and ensuring fair resource allocation.
Per-tenant limits have an allocated cap on requests-per-second (RPS) and tokens-per-minute consumed by the AI Runtime API. By default, for each tenant, rate limits of 150 RPS and 15 million tokens per minute are enforced. Contact your Palo Alto Networks account team to request additional allocated throughput.
To ensure service stability, requests that arrive in short bursts may be throttled even if the overall rate limit has not been reached. Palo Alto Networks recommends distributing requests evenly over time for best results.
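
A client-side pacer for the guidance above, as an added example (not Palo Alto Networks code): it assigns each scan request a send time so that calls are evenly spaced under the default 150 RPS and stay inside the 15 million tokens-per-minute cap. The class and function names, the 0.8 headroom factor and the 60-second sliding window used for token accounting are assumptions of this example; the page does not say how the service measures the minute.

```python
from collections import deque

DEFAULT_RPS = 150           # default per-tenant requests per second (from this page)
DEFAULT_TPM = 15_000_000    # default per-tenant tokens per minute (from this page)


class EvenPacer:
    """Assigns send times so traffic stays evenly spaced and inside both limits."""

    def __init__(self, rps=DEFAULT_RPS, tpm=DEFAULT_TPM, headroom=0.8):
        # headroom < 1 keeps the client below the cap; 0.8 is an assumed value.
        self.interval = 1.0 / (rps * headroom)
        self.token_budget = int(tpm * headroom)
        self.next_slot = 0.0
        self.window = deque()      # (send_time, tokens) sent in the last 60 s
        self.window_tokens = 0

    def _expire(self, now):
        while self.window and self.window[0][0] <= now - 60.0:
            self.window_tokens -= self.window.popleft()[1]

    def send_time(self, ready_at, tokens):
        """Earliest time this request may go out without bursting."""
        if tokens > self.token_budget:
            raise ValueError("request exceeds the per-minute token budget")
        t = max(ready_at, self.next_slot)
        self._expire(t)
        while self.window_tokens + tokens > self.token_budget:
            # Wait until the oldest request ages out of the 60 s window.
            t = max(t, self.window[0][0] + 60.0)
            self._expire(t)
        self.window.append((t, tokens))
        self.window_tokens += tokens
        self.next_slot = t + self.interval
        return t


def pace(requests, **limits):
    """requests: iterable of (ready_at_seconds, token_count), in arrival order."""
    pacer = EvenPacer(**limits)
    return [pacer.send_time(ready, tokens) for ready, tokens in requests]
```

With `headroom=1.0`, a burst of 300 requests that are all ready at t=0 is spread over about two seconds instead of being sent at once, and a fourth 5-million-token request waits until t=60 for the first to leave the window.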
How it Works
The AI Runtime Security API Rate Limiting feature introduces a systematic mechanism to enforce per-tenant limits on Scan API usage to ensure service stability and fair resource distribution. Currently, the system lacks enforcement, allowing single tenants to potentially degrade service for others. This solution addresses that by:
  • Automated Scaling: Automatically calculating Request Rate (RPS) and Volume (TPM) limits based on a tenant’s monthly billion-token subscription.
  • Precision Control: Utilizing an Apigee gateway layer to enforce limits at the Auth Code level, with built-in "floor" bounds to ensure even small tenants maintain a minimum viable service level.
  • Operational Flexibility: Providing operators with the ability to manually override limits or tune specific parameters (like peak factors and burst allowances) for customers with unique traffic profiles.
  • Safe Rollout: Implementing a phased "Shadow Mode" approach to observe real-world traffic patterns before moving to gradual, cohort-based enforcement.
The auto-calculation formula is designed to translate a tenant's subscription into concrete technical limits (RPS and TPM) while accounting for traffic spikes and data density.