Dashboard
Table of Contents
Dashboard
The
Cortex
Data Lake
dashboard contains widgets that help you monitor
log storage and ingestion.The Dashboard gives you the latest status of your
Cortex
Data Lake
instance. It displays several widgets that report on various metrics that you can use to
assess the health of the instance.Widget | Description |
|---|---|
Connection Status | Displays the number of firewalls associated with your Cortex
Data Lake tenant
and identifies them with each of the following statuses:
Click on any of these
statuses to view the relevant firewalls on the Inventory page.Below
the connection statuses, you can see whether a Panorama is associated with
your Cortex
Data Lake instance. You can also see how many
firewalls in your customer support account are available for onboarding.
Clicking the text launches firewall onboarding.  |
Forwarding Log Rate | Provides a graph of the logs that Cortex
Data Lake is forwarding to an external
solution. The graph shows the current (avg over the last 5 mins)
forwarding log rate for the tenant, how that rate varies from the
average over time, and the trend of the log rate over time. You can choose a time period
of 24 hours, 7 days, or 30 days.  |
Forwarding Log Table | Displays the logs that Cortex
Data Lake
is forwarding to external destinations, organized by destination.
|
Incoming Log Rate | Provides a graph of the logs that Cortex
Data Lake is ingesting. The graph
shows the current (average over the last 5 minutes) incoming log
rate for the tenant, how that rate varies from the average over
time, and the trend of the log rate over time. You can choose a time period of 24 hours, 7 days,
or 30 days. If you have enabled enhanced application
logging on any firewalls or Prisma Access ,
the incoming log rate will include that as well. |
Incoming Log Table | Displays the logs that Cortex
Data Lake
is receiving from connected devices, organized by log type. You
can Search for specific information in the
table as well as select a time range of Last 24 Hours , Last
7 Days , or Last 30 Days .
|
License Information |
 |
Log Forwarding Status | Provides the status of the different log
forwarding profiles that you have configured to stream logs from
Cortex
Data Lake to external sources like syslog servers or SIEMs.
A log forwarding profile can have the following states:
 |
Latency | Displays the latency both for ingestion
and log forwarding. Ingestion latency is the time between when a log is generated on the firewall or Prisma Access to when it becomes available in Cortex
Data Lake for querying.Log Forwarding latency is the time between when the log is generated on the firewall or Prisma Access to when it becomes available in Cortex
Data Lake for log forwarding.The value presented here
is the P50, which means that Cortex
Data Lake will receive 50% of
the logs with a lower latency.This widget presents the real-time
data for all logs received by Cortex
Data Lake in the last five
minutes. This widget also provides a comparison of the real-time latency
with the average of the past 24 hours. |
Service Availability | Provides the availability of the ingestion
and log forwarding components within Cortex
Data Lake . This widget
shows real-time availability as well as hourly availability over
the last 24 hours. The components can have the following states:
 |
Storage | Shows the total amount of storage that you
have purchased for your Cortex
Data Lake tenant and how much you
have used.Cortex
Data Lake
retrieves this information in real-time, so it might differ from
the information shown in the , which
updates at a different interval. |