>
    Cluster Monitoring & Visibility in Panorama
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma AIRS
    3. Administration
    4. Hyperscale Security Fabric
    5. Cluster Monitoring & Visibility in Panorama
    Download PDF
    Prisma AIRS

    Cluster Monitoring & Visibility in Panorama

    Table of Contents

    Cluster Monitoring & Visibility in Panorama

    The cluster monitoring data is available on the monitoring-config.xml file, which is pushed from Panorama when the device connects.
    Where Can I Use This?What Do I Need?
    • Prisma AIRS
    • Software NGFW Credits
    • HSF subscription license
    Cluster Monitoring relies on device monitoring data transmitted from each device. This data is collected by the device based on the monitoring-config.xml file, which is pushed from Panorama when the device connects. Typically, each device sends its monitoring data every 5 minutes. This process is initiated by the configd on the firewall and received by the configd on the Panorama.
    You can view the Summary and Monitoring information of HSF under Firewall Clusters tab in the Panorama web interface.
    You must install the Clustering plugin 3.0.0 on Panorama from Device > Plugins to view the cluster details under the Firewall Clusters tab.
    The Firewall Clusters tab displays Summary View and Monitoring information of the HSF clusters:
    FieldDescription
    Cluster NameName of the firewall cluster.
    Cluster StateDisplays whether the cluster is impacted or not.
    Cluster TypeType of cluster.
    Software VersionThe PAN-OS version.
    Device NameName of the node.
    Node IDUnique Identifier of the node in a cluster.
    VM-HSF Clusters
    Includes details of the VM-HSF clusters.
    • Node Type - Displays if the node is an AI-Gateway node or VM-HSF firewall node.
    • Node Status - Displays the current status of the node - Online, Failed, or Unknown.
    • Last Commit State - Status of the last commit of the node. For example, Commit succeeded with warnings.
    Plugins Used On The ClusterList of plugins used on the cluster.
    Template StackName of the template stack associated with the cluster.
    Device GroupName of the device group associated with the cluster.
    Members AffectedNumber of impacted cluster members and their names.
    System Log DetailsDisplays the details of the system events.
    Specific ErrorList of specific errors in the cluster. Click the link to view more details about the error under Monitor > Logs > System where you can view logs.
    CPU CountNumber of CPUs used.
    Config Sync StatusDisplays if the cluster configuration is in Sync or Out of Sync.
    Cluster Creation TimeDisplays the date and time of the cluster creation.

    Monitoring

    • PanoramaFirewall ClustersMonitoring
    View the VM-HSF firewall cluster health information.
    FieldDescription
    Managed Software Cluster
    Select a firewall cluster.
    Impacted
    List of impacted firewall clusters.
    • VM-Clusters - The number of impacted VM-HSF firewall clusters.
    • Clusters List - Displays the list of clusters that are impacted.
    Click to view detailed information about the clusters in the Interconnect Status and Cluster Utilization dashboards.
    OK
    List of firewall clusters that are not impacted.
    • VM-Clusters - The number of VM-HSF firewall clusters that are not impacted.
    • Clusters List - Displays the list of clusters that are not impacted.
    Click to view detailed information about the clusters in the Interconnect Status and Cluster Utilization dashboards.
    Interconnect Status
    View the cluster interconnect details for a selected time frame. Select Last 5 Mins to view the following details.
    • Cluster Name - Name of the firewall cluster.
    • Cluster Type - The type of cluster.
    • Cluster State - Displays whether the cluster is impacted or not.
    • Current Cluster Detail - Click the current cluster state link to view more details about the impacted cluster.
    • VM-HSF Clusters
      • VM-Name - Name of the Cluster.
      • Node ID - Unique Identifier of the node in a cluster.
      • Node Type - Displays if the node is a VM-Gateway node or VM-HSF firewall node.
      • Node Status - Displays if the node is Online or Unknown.
      • Last Commit State - Status of the last commit of the node. For example, Commit succeeded with warnings.
    • Cluster Creation Time - The time of cluster creation.
    • Current Cluster Detail - Click the current cluster state link to view more details about the impacted cluster.
    • Cluster Interconnect State - Displays whether the cluster is impacted or not.
    • Current Cluster Detail - Click the current interconnect status link to view more details about the impacted cluster.
    • Traffic Interconnect - Status of traffic interconnectivity.
    • External Connection - Status of external connectivity.
    • Impacted Links - Number of impacted links.
    • Management Connectivity - Number of management connections.
    • Impacted Members - List of impacted cluster members.
    • Time Stamp Uptime - Uptime time stamp.
    • Time Stamp Downtime - Downtime time stamp. Selecting any other time frame displays the following information only.
      • Cluster Name - Name of the cluster.
      • Cluster Type - Type of cluster.
      • Cluster Creation Time - Displays the date and time of the cluster creation.
      • Current Cluster State - Displays the status of the cluster - OK or Impacted (when one of the node is not inline).
      • Cluster Interconnect State - Displays whether the cluster is impacted or not.
      • Traffic Interconnect - Status of traffic interconnectivity.
      • External Connection - Status of external connectivity.
    Cluster Utilization
    View the firewall cluster throughout, memory, and data utilization.
    • Cluster Name - Name of the firewall cluster.
    • Cluster Details - Click the cluster name link to view the throughput, memory, and data utilization details of the selected cluster.
    • Cluster Type - The type of cluster. Only VM-HSF firewall cluster types are supported.
    • Cluster State - Displays the health of the cluster.
    • Cluster Throughput - Firewall cluster throughput in Gbps.
    • CPS - Number of connections per second.
    • Session Count - Number of sessions.
    • VM-HSF Clusters
      • Session Utilization % - Displays the session utilization percentage.
      • AVG FW DP CPU % - Displays the DP-CPU utilization in the AI-DP node.
      • AVG GW DP CPU % - Displays the FW-CPU utilization in the AI-Gateway node.
      • Average Data Plane (%) Within Health Threshold - The average dataplane threshold in percentage.
      • MP CPU % - Management plane CPU utilization in percentage.
      • MPMem % - Management plane memory utilization in percentage.
      • Logging Rate (Log/Sec) - Rate at which the logs are being generated on the cluster.

    © 2025 Palo Alto Networks, Inc. All rights reserved.