Strata Logging Service
Panorama
Table of Contents
Expand All
|
Collapse All
Strata Logging Service Docs
-
-
- Forward Logs to a Syslog Server
- Forward Logs to an HTTPS Server
- Forward Logs to an Email Server
- Forward Logs to Amazon Security Lake
- Forward Logs to AWS S3 Bucket
- Forward Logs to Snowflake
- Create Log Filters
- Server Certificate Validation
- List of Trusted Certificates for Syslog and HTTPS Forwarding
- Log Forwarding Errors
- Forward Logs With Log Replay
Panorama
Onboard Panorama devices
The devices are not onboarded automatically while activating Panorama. Use the Strata Logging Service standalone app or Strata Cloud Manager to onboard
Panorama devices.
You can perform the following actions.
Add a Panorama Appliance
- Log in to hub and launch Strata Logging Service app.
- Select the Strata Logging Service instance to which you would like to move the devices.
- Click InventoryPanorama AppliancesManage Panorama Inventory.
- If you are using Strata Cloud Manager to manage Strata Logging Service, click Settings > Device Associations page to add devices to your Strata Logging Service instance.
- You must onboard Panorama devices with IoT enabled to Strata Logging Service through Device Associations page only and not from standalone app.
- In the Device Associations page, click Add Device.
- Select the device you want to onboard and save changes.
- In the Licensed Products selection column, select Strata Logging Service.
- Continue to associate product with devices:
- In the Device Association page, select Associate Products.
- In the Licensed Products selection column, select Strata Logging Service.
- Select the devices you want to associate with the product and save the changes.
Generate OTP
Click InventoryPanorama AppliancesGenerate OTP to create the one-time password used to onboard Panorama-managed
firewalls to your Strata Logging Service instance. Panorama uses this OTP
to install the logging service certificate. Alternatively, for Panorama 10.1 or
later, go to the Customer Support Portal to get the OTP for installing the
device certificate
You can Generate OTP and Add devices only in Standalone
Strata Logging Service app. When you select these options in Strata Cloud Manager, you will be automatically redirected to Strata Logging Service app.
Move a Panorama Appliance
To move a Panorama appliance to
another Strata Logging Service instance, ensure that the appliance:
- is running PAN-OS 10.0 or later
- has a device certificate installed
- is not managing Prisma Access
- has Cloud Services Plugin 2.2 or later installed
- HA configuration only has the serial number of its peer configured.
- Navigate to Strata Cloud ManagerSettingsDevice Associations.
- Select the device you want to disassociate from Strata Logging Service and other products.
- Click Remove Associations Remove product association and click Remove.
- Select the device you want to disassociate from the tenant.
- Click Remove Associations Remove tenant associationRemove.
View Onboarded Panorama Appliances
| Name | The name under which the Customer Support Portal
registered the Panorama. If unnamed, then the name appears as
Panorama. You can change this name
in the Customer Support Portal. |
| Model | The model of the Panorama |
| Serial Number | The unique serial number of the Panorama |
| PAN-OS Version | The version of PAN-OS that the Panorama is running |
| Last Contact Time | The last time that the Panorama communicated with Strata Logging Service to query logs. |
| Certificate Status | Whether the Panorama has the certificate
necessary to connect to Strata Logging Service. Hover
over the certificate status to see which certificate the
Panorama is using to connect to Strata Logging Service:
logging service certificate or device certificate.
You can have up to 20 Panorama devices associated with
your instance at a time. |