Cortex Data Lake
    : Configure Panorama for Cortex Data Lake (10.0 or Earlier)
    Focus
    Download PDF
    Focus
    1. Home
    2. Security Operations
    3. Cortex Data Lake
    4. Cortex Data Lake
    5. Activate Cortex Data Lake
    6. Configure Panorama for Cortex Data Lake (10.0 or Earlier)
    Download PDF

    Cortex Data Lake

    Configure Panorama for Cortex Data Lake (10.0 or Earlier)

    Table of Contents

    Configure Panorama for Cortex Data Lake (10.0 or Earlier)

    Follow these steps to activate Cortex Data Lake for Panorama-managed firewalls running PAN-OS 10.0 or earlier.
    If you’re using Panorama™ to manage Prisma™ Access or on-premises firewalls, you have some preliminary steps to accomplish before you can activate Cortex Data Lake. These steps include downloading and installing the Cloud Services Plugin and generating a one-time password (OTP) in the Cortex Data Lake app.
    Because Panorama can provision the device certificate that firewalls require to securely connect to Cortex Data Lake, this gives you a way to onboard multiple firewalls to Cortex Data Lake simultaneously.
    If you are onboarding a Panorama in high availability mode (HA), follow the steps for configuring an HA Panorama with Prisma Access. Instead of the step where you install the Prisma access components on Panorama, follow the steps for activating Cortex Data Lake below.
    1. To set up Panorama, install the Panorama virtual appliance and perform initial configuration or set up an M-Series appliance.
      You must configure one or more DNS servers and an NTP server instead of setting the date and time manually so that Panorama can stay in sync with Cortex Data Lake.
      • To configure NTP, select
        Panorama
        Setup
        Services
        NTP
         and set a value for the
        NTP server
        . For example:
        pool.ntp.org
        .
      • To configure DNS servers, select
        Panorama
        Setup
        Services
         and enter a value for the primary and optionally for the secondary DNS servers.
      • (
        Optional, Panorama 10.0 and later versions
        ) To configure Panorama to connect to Cortex Data Lake through a proxy server, select
        Panorama
        Setup
        Services
        Settings ( )
         and
        Use proxy to send logs to Cortex Data Lake
        .
      1. Log in to the Customer Support Portal (CSP) and select
        Assets
        Devices
        Register New Device
        .
      2. Select
        Register device using Serial Number or Authorization Code
         and then
        Submit
        .
      3. Enter the Panorama Serial Number provided in the email you received with your order fulfillment along with the required Location Information (as indicated by the asterisks) and then
        Agree and Submit the EULA
        .
        After you see the registration complete message, close the Device Registration dialog.
      4. Find the Panorama instance you just registered and click the corresponding edit (Actions column).
      5. To activate the Support license, select
        Activate Auth-Code
         and then enter the Support Authorization Code you received in your email and then
        Agree and Submit
        .
    4. (
      Optional
      ) Onboard Panorama to your Cortex Data Lake instance.
      This is necessary only if you did not onboard Panorama as part of activation.
      1. Log in to the hub and open the Cortex Data Lake app to the instance to which you are onboarding.
      2. Select
        Inventory
        Panorama Appliances
        Add
        .
      3. Select
        Add
         and
        Next
        .
      4. Select the Panorama appliances you want to onboard and
        Submit
        .
    5. Verify the Quantity and Part Description of the Cortex Data Lake license (named Logging Service below) that you just activated.
    6. Retrieve the Cortex Data Lake and support license on Panorama.
      1. Select
        Panorama
        Licenses
         and
        Retrieve license keys from license server
        .
      2. Verify that you see the Cortex Data Lake license and the support license.
    7. Download and install the Cloud Services plugin.
      The way you download and install the plugin depends on whether you are using Panorama 8.0.6 or a later Panorama version.
      On Panorama 8.0.x:
      1. Log in to the Customer Support Portal and select
        Updates
        Software Updates
        .
      2. Find a supported Cloud Services plugin version in the Panorama Integration Plug In section and download it. Plugin 1.0 versions are no longer supported on any version of Panorama.
        Do not rename the plugin file or you will not be able to install it on Panorama.
      3. To install the plugin, log in to the Panorama web interface of the Panorama you selected when you licensed Prisma Access, select
        Panorama
        Plugins
        Upload
        , and
        Browse
         to the plugin
        File
         that you downloaded from the CSP.
      4. Install
         the plugin.
      On Panorama 8.1.0 and later versions:
      On Panorama 8.1 and later versions, you can either download the plugin from the CSP and then upload it to Panorama or you can check for plugin updates directly from Panorama as follows:
      1. Select
        Panorama
        Plugins
         and
        Check Now
         to display the latest Cloud Services plugin updates.
      2. Plugin 1.0 versions 1.0.x are no longer supported on any version of Panorama.
      3. After you downloading the plugin,
        Install
         it.
      Installing a newer version of the Cloud Services plugin overwrites the previously installed version. If you are installing the plugin for the first time, after you successfully install the plugin, Panorama will refresh and the Cloud Services menu will display on the
      Panorama
       tab.
    8. Generate an OTP from the Inventory in the Cortex Data Lake app and copy it to your clipboard.
      You have ten minutes to enter the OTP before it expires.
      1. Go back to Panorama and select
        Panorama
        Cloud Services
        Status
         to display the Verify Account dialog.
      2. Paste the OTP you just generated and
        Verify
         it.
        If
        Verify
         is disabled, check that you have configured both a DNS server and an NTP server (
        Panorama
        Setup
        Services
        ).
    9. Verify the connection status between Panorama and Cortex Data Lake.
      You can use the Panorama CLI or the Panorama web interface with the Cloud Services plugin to verify that the connection is successful.
      • Use the following CLI command:
        admin@Panorama> request plugins cloud_services logging-service status
        pass{"@status": "success", .....
      • Select
        Panorama
        Cloud Services
        Status
        Status
         and view
        details
         to verify that Panorama was able to successfully retrieve the Cortex Data Lake certificate, fetch the Customer Identification number and the region in which your Cortex Data Lake instance is deployed, and confirm that the Panorama appliance is connected to Cortex Data Lake (Logging Service below). If any of these checks fail, the Status is reported as an
        Error
        .
    10. On the hub, View Cortex Data Lake Status to verify that Cortex Data Lake is provisioned successfully.
    11. Allocate Storage Based on Log Type. Make sure to allocate log quota for each log type because there are no log quota allocation defaults.

    Recommended For You

    © 2023 Palo Alto Networks, Inc. All rights reserved.