Strata Cloud Manager
Device Telemetry for AIOps for NGFW
Table of Contents
Device Telemetry for AIOps for NGFW
Learn about how AIOps for NGFW uses PAN-OS
device telemetry.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
One of these:
|
AIOps for NGFW helps you monitor the health of your firewalls by
analyzing data sent from your PAN-OS devices to the Strata Logging Service.
To start, you need to enable device telemetry on your firewalls.
Once enabled, they'll send raw telemetry data at fixed intervals. Strata Logging Service then processes this data, allowing AIOps for NGFW to provide you with device status, visualizations, and alerts. Onboard your devices to begin sending device
telemetry to AIOps for NGFW
Beginning with PAN-OS 11.2.8, 12.1.2, and later releases, the telemetry auto-enablement feature configures
telemetry to be enabled by default on your devices. Upon onboarding a new device
(Panorama or firewall), telemetry is automatically enabled with settings centrally
controlled through Strata Cloud Manager. This centralized approach ensures consistent
telemetry settings across your entire environment. Metrics are automatically streamed to
your data residency region, eliminating the need for manual configuration.
Enable Telemetry on Devices
Follow the steps below to use AIOps for NGFW with your PAN-OS devices.
If your outbound traffic passes through a proxy, ensure that you have allowed the
Domains Required for AIOps for NGFW.
You need to onboard Panorama on AIOps for NGFW if you are onboarding
Panorama-managed deployments.
- Confirm the device is registered in the Customer Support Portal by logging in to support.paloaltonetworks.com, switch to your account (if necessary), and identify your device in .
- Install a device certificate on the devices you want to onboard.
- Enable telemetry sharing on the devices.After you onboard the devices and enable telemetry, it takes around couple of hours for the first set of insights to be visible on the AIOps for NGFW dashboard. The process of generating and sending telemetry on the device's side is done in batches, with each metric being sampled and collected at a frequency optimized for the use-cases the metric is used for. This batch process can result in a delay between onboarding the firewall and the availability of insights. It might take several hours for all insights associated with a newly onboarded device to appear on the AIOps for NGFW dashboard.