To help you maintain the ongoing health of your devices and avoid business-disrupting incidents,

generates alerts based on one or more issues that it has detected with your firewall deployment. These issues, or events, are triggered in one of three ways:

An alert indicates a specific problem (degradation or loss of firewall functionality) that needs to be addressed. Alerts can also be generated based on correlation or aggregation across multiple events. This aggregation of events into a single alert helps triage, streamline alert hand-off between teams, centralize critical information, and reduce notification fatigue.

Alerts fall into different categories depending on the metric with which they are associated. You can use alert categories to specify the kinds of alerts for which you receive notifications:

Alert Category	Description
Hardware	Problems with the physical machinery of the device, such as fan or power supply issues.
Config limits	Configuration objects, such as security rules, profiles, and address groups, are reaching their limit and may prevent a commit on the device.
Resource limits	System resources, such as CPU, memory, and session information storage, are reaching their limit. Depending on the specific issue, this can slow system performance or network throughput.
Dynamic content	Security intelligence, such as WildFire signature packages, applications and threats content updates, and Anti-Virus signatures, are out of date. This can leave you vulnerable to newer threats.
PAN-OS & Subscriptions	The device has an operating system (OS) or subscription issue, such as approaching license expiration, OS end of life, or a known vulnerability.

From

Alerts

, you can view and manage all of the alerts generated for your deployment. In

Settings

Alert Notification Rules

, you can configure notification rules that specify when and how you would like to be notified when events trigger an alert.