Cortex Data Lake for Panorama-Managed Firewalls

A Panorama virtual appliance or hardware-based Panorama appliance running a supported PAN-OS version.
A Panorama device management license.
A supported version of the Cloud Services plugin. This plugin is required if you’re using Prisma Access. The following workflow shows how to download the latest plugin version and install it on Panorama.
Next-generation firewalls with a valid support license that are managed by Panorama and that are running a supported PAN-OS version.
A Cortex Data Lake license(in addition to the device management license for Panorama). When you license Cortex Data Lake, all firewalls registered to your support account receive a Cortex Data Lake license. You can then use Panorama templates and device groups to configure the firewalls to forward logs to Cortex Data Lake.
The Cortex Data Lake license provisions the service in one theater or region only. If you want the firewalls that belong to one template to send logs to one theater and the firewalls that belong to another template to send logs to a different theater, you need two Panorama appliances and two Cortex Data Lake licenses.
Consider that a Panorama™appliance or firewall running PAN-OS
®
9.1 and earlier versions cannot connect to Cortex Data Lake from behind a proxy (Cortex Data Lake requires mutual authentication).

Activate Cortex Data Lake (Panorama-Managed)and
Forward Logs to Cortex Data Lake (Panorama-Managed).