1. Home
    2. AIOps for NGFW
    3. Alerts
    4. What is an Alert?

    What is an Alert?

    Alerts expose potential issues with your next-generation firewall deployment.
    To help you maintain the ongoing health of your devices and avoid business-disrupting incidents,
    generates alerts based on one or more issues that it has detected with your firewall deployment. These issues, or events, are triggered in one of three ways:
    • When a metric changes significantly
    • When a previously generated event changes
    • When the user or system performs an action, such as acknowledging or closing an alert
    An alert indicates a specific problem (degradation or loss of firewall functionality) that needs to be addressed. Alerts can also be generated based on correlation or aggregation across multiple events. This aggregation of events into a single alert helps triage, streamline alert hand-off between teams, centralize critical information, and reduce notification fatigue.
    Alerts fall into different categories depending on the metric with which they are associated. You can use alert categories to specify the kinds of alerts for which you receive notifications:
    Alert Category
    Description
    Hardware
    Problems with the physical machinery of the device, such as fan or power supply issues.
    Config limits
    Configuration objects, such as security rules, profiles, and address groups, are reaching their limit and may prevent a commit on the device.
    Resource limits
    System resources, such as CPU, memory, and session information storage, are reaching their limit. Depending on the specific issue, this can slow system performance or network throughput.
    Dynamic content
    Security intelligence, such as WildFire signature packages, applications and threats content updates, and Anti-Virus signatures, are out of date. This can leave you vulnerable to newer threats.
    PAN-OS & Subscriptions
    The device has an operating system (OS) or subscription issue, such as approaching license expiration, OS end of life, or a known vulnerability.
    From
    Alerts
    , you can view and manage all of the alerts generated for your deployment. In
    Settings
    Alert Notification Rules
    , you can configure notification rules that specify when and how you would like to be notified when events trigger an alert.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo