Dashboard
The Cortex Data Lake dashboard contains widgets that
help you monitor log storage and ingestion.
The Dashboard gives you the latest status
of your Cortex Data Lake instance. It displays several widgets that
report on various metrics that you can use to assess the health
of the instance.
Widget | Description |
|---|---|
Connection Status | Displays the number of firewalls associated
with your Cortex Data Lake tenant and identifies them with each
of the following statuses:
Click on any of these
statuses to view the relevant firewalls on the Inventory page.Below
the connection statuses, you can see whether a Panorama is associated with
your Cortex Data Lake instance. You can also see how many
firewalls in your customer support account are available for onboarding.
Clicking the text launches firewall onboarding.  |
Forwarding Log Rate | Provides a graph of the logs that Cortex
Data Lake is forwarding to an external solution. The graph shows
the current (avg over the last 5 mins) forwarding log rate for the
tenant, how that rate varies from the average over time, and the
trend of the log rate over time. You can choose a time period
of 24 hours, 7 days, or 30 days.  |
Forwarding Log Table | Displays the logs that Cortex Data Lake
is forwarding to external destinations, organized by destination.
|
Incoming Log Rate | Provides a graph of the logs that Cortex
Data Lake is ingesting. The graph shows the current (average over
the last 5 minutes) incoming log rate for the tenant, how that rate
varies from the average over time, and the trend of the log rate
over time. You can choose a time period of 24 hours, 7 days,
or 30 days. If you have enabled enhanced application logging on
any firewalls or Prisma Access, the incoming log rate will include that
as well.  |
Incoming Log Table | Displays the logs that Cortex Data Lake
is receiving from connected devices, organized by log type. You
can Search for specific information in the
table as well as select a time range of Last 24 Hours , Last
7 Days , or Last 30 Days .
|
License Information |
 |
Log Forwarding Status | Provides the status of the different log
forwarding profiles that you have configured to stream logs from
Cortex Data Lake to external sources like syslog servers or SIEMs.
A log forwarding profile can have the following states:
 |
Latency | Displays the latency both for ingestion
and log forwarding. Ingestion latency is the time between
when a log is generated on the firewall or Prisma Access to when
it becomes available in Cortex Data Lake for querying. Log
Forwarding latency is the time between when the log is generated
on the firewall or Prisma Access to when it becomes available in
Cortex Data Lake for log forwarding. The value presented here
is the P50, which means that Cortex Data Lake will receive 50% of
the logs with a lower latency. This widget presents the real-time
data for all logs received by Cortex Data Lake in the last five
minutes. This widget also provides a comparison of the real-time latency
with the average of the past 24 hours.  |
Service Availability | Provides the availability of the ingestion
and log forwarding components within Cortex Data Lake. This widget
shows real-time availability as well as hourly availability over
the last 24 hours. The components can have the following states:
 |
Storage | Shows the total amount of storage that you
have purchased for your Cortex Data Lake tenant and how much you
have used. Cortex Data Lake
retrieves this information in real-time, so it might differ from
the information shown in the , which
updates at a different interval.  |
