Centralized monitoring of a GlobalProtect deployment is a critical administrative function required to enforce security policy, ensure connection reliability for remote users, and perform operational troubleshooting. This chapter details the procedures for using Palo Alto Networks platforms for effective GlobalProtect monitoring and provides guidance for resolving common issues.

By leveraging GlobalProtect logs, you can gain the visibility needed to monitor user activity, diagnose connection failures, audit endpoint compliance using Host Information Profile (HIP) data, and investigate security events

You can monitor the GlobalProtect using:

• Strata Logging Service: Provides a centralized, cloud-based logging solution for comprehensive visibility across your entire GlobalProtect deployment.
• PAN-OS GlobalProtect Logs: Allows for direct monitoring and analysis of GlobalProtect events from the local firewall or Panorama management interface.

This chapter also provides information about log collection, diagnostic, and troubleshooting guidance for resolving common issues encountered with the GlobalProtect app, portals, and gateways. You can learn how to interpret log files, diagnose authentication problems, resolve common app-side errors such as connection failures and also GlobalProtect portal and gateway issues.