Inventory

Manage the devices connected to Cortex Data Lake from the Inventory tab.
From the
Inventory
page, you can view a list of Panorama, firewalls, and Prisma Access tenants onboarded to your Cortex Data Lake instance.
The list does not show the mapping of a Panorama to its managed firewalls.

Panorama

Generate OTP
to create the one-time password used to onboard Panorama-managed firewalls to your Cortex Data Lake instance.
Panorama uses this OTP to install the logging service certificate. For Panorama 10.1 or later, go to the Customer Support Portal to get the OTP for installing the device certificate.
Name
The name given to the Panorama when it was registered in the Customer Support Portal. If it was not named, then the name appears as
Panorama
.
Model
The model of the Panorama
Serial Number
The unique serial number of the Panorama
PAN-OS Version
The version of PAN-OS that the Panorama is running
Last Contact Time
The last time that the Panorama communicated with Cortex Data Lake, either to query logs or fetch reports
Certificate Status
Whether the Panorama has the certificate necessary to connect to Cortex Data Lake. Hover over the certificate status to see which certificate the Panorama is using to connect to Cortex Data Lake: logging service certificate or device certificate.
  • Needs Certificate
    —The certificate is not installed. This device is not connected to Cortex Data Lake.
  • Activated
    —This device has the certificate necessary to connect to Cortex Data Lake
  • Expired
    —The certificate has expired. The device is unable to connect to Cortex Data Lake until you renew the certificate.
  • Expiring in 7 Days
    —The certificate will expire in 7 days. Renew the certificate as soon as possible to remain connected to Cortex Data Lake
You can only have one Panorama (or high availability pair) associated with your instance at a time.

Firewalls

Check
only show firewalls that are storing logs
to hide the firewalls that send data to Cortex Data Lake only for ingestion and further streaming to other Palo Alto Networks applications.
Generate PSK
to create the pre-shared key used to onboard a firewall running PAN-OS 10.0 or earlier to your Cortex Data Lake instance.
Above the firewalls table, you can see the number of firewalls with each connection status.
Select the chart icon ( ) on any table row to view a chart of the incoming log rate and connectivity history for the firewall:
Name
The name given to the firewall when it was registered in the Customer Support Portal. If it was not named, then the name appears as
Firewall
.
Model
The model of the firewall
Serial Number
The unique serial number of the firewall
PAN-OS Version
The version of PAN-OS that the firewall is running
Managed By Panorama
Whether a firewall is managed by Panorama or is unmanaged
Connection Status
Whether the firewall is connected to Cortex Data Lake. This can have four different values:
  • Connected
    —The firewall has an active channel through which it is sending session logs to Cortex Data Lake.
  • Partially Connected
    —The firewall does not have an active channel through which it is sending session logs to Cortex Data Lake. However, it is sending Enhanced Application logs on a second channel.
  • Disconnected
    —The firewall does not have an active channel through which to send sessions logs to Cortex Data Lake, and it is not sending Enhanced Application Logs.
  • Need Certificate
    —The firewall does not have the certificate to connect to Cortex Data Lake
Ingestion Rate
The rate, in logs per second, at which the firewall is sending logs to Cortex Data Lake
Storage Used
The amount of your Cortex Data Lake storage capacity that a firewall is using at this point in time
Apps Using Log Data
All apps that consume data from the firewall
Store Log Data
Choose whether Cortex Data Lake stores firewall data or only ingests it.
  • On
    —Cortex Data Lake will store the log data.
  • Off
    —Cortex Data will only ingest the log data.
If this switch is toggled
On
and greyed out, this means that the IoT Security package to which you’re subscribed requires that you store log data.
You can set log retention policy for your entire Cortex Data Lake instance from
Storage
Configuration
.
Last Contact Time
The last time that the device communicated with Cortex Data Lake, either to send logs or to report telemetry
Certificate Status
Whether the firewall has the certificate necessary to connect to Cortex Data Lake. Hover over the certificate status to see which certificate the Panorama is using to connect to Cortex Data Lake: logging service certificate or device certificate
  • Needs Certificate
    —The certificate is not installed. This device is not connected to Cortex Data Lake.
  • Activated
    —This device has the certificate necessary to connect to Cortex Data Lake
  • Expired
    —The certificate has expired. The device is unable to connect to Cortex Data Lake until you renew the certificate.
  • Expiring in 7 Days
    —The certificate will expire in 7 days. Renew the certificate as soon as possible to remain connected to Cortex Data Lake

Recommended For You