Strata Logging Service
New Features in Strata Logging Service
Table of Contents
Expand All
|
Collapse All
New Features in Strata Logging Service
Strata Logging Service
Here are the new features in
Strata Logging Service
.Welcome to
Strata Logging Service
! Strata Logging Service
allows you to
centralize the collection and storage of logs generated by apps on the cloud services
portal and your on-premise, public, and private cloud firewalls, and the GlobalProtect
cloud service. The cloud-based logging infrastructure is available in multiple regions. Strata Logging Service
seamlessly integrates with your existing Panorama. Once
configured, you can view all firewall logs from Panorama.These are all the new features introduced in
Strata Logging Service
. Cortex Data Lake is Now Strata Logging Service
April, 2024 Strata Logging Service is the new name for the cloud-based
logging infrastructure that was previously called Cortex Data
Lake. |
View Only Administrator User Role Support for Strata Logging Service
Strata Logging Service
April, 2024 In addition to these user roles, Strata Logging Service now supports View Only
Administrator role that provides read-only access to all
available system-wide functions in Strata Logging Service . |
New Region Support: Saudi Arabia
March, 2024 You can now host Strata Logging Service in Saudi Arabia
region. Refer to the region support
information before you set a host region when you activate Strata Logging Service . |
You can host . You
must also allow specific FQDNs or IP address range and TCP ports
for each region to send logs to and forward logs from
Strata Logging Service
in multiple regions. To comply with data
privacy regulations that require you to keep data within a specific region, you can
select it as a host region when you activate Strata Logging Service
Strata Logging Service
. In addition, depending on the platform you are using,
you must allow traffic from different sources to
connect to Strata Logging Service
successfully. Strata Logging Service
ensures data redundancy by storing your data in two different zones in the region
you choose. Therefore, in case of an outage, Strata Logging Service
will
failover to the secondary zone in an attempt to prevent interruption of service. If you want to use a third-party app to ingest your
Strata Logging Service
log data, ensure that the third-party app is supported in the same region as your
Strata Logging Service
instance. Otherwise, the third-party app will be
unable to access your data. Third-party apps are currently supported in only the
following regions:- United States - Americas
- United Kingdom
- Netherlands - Europe
- Japan
New Log Field Names
January, 2024 |
To simplify your logging experience, some log field names have changed. These
changes will affect how field names appear and how they are forwarded. To ensure a
smooth transition for your log forwarding profiles, we will continue to support the
old names for the near future. Fields will be forwarded with both the new names and
old names, so you can choose whether to leverage the new names or continue with your
current configurations.
Therefore, no action is required to maintain log
forwarding functionality.
References to logs that were forwarded
before these changes must use the old names.
Query Usability and Performance Enhancements in Explore
January, 2024 The enhancements in Explore include:
|
You can view and interact with logs stored in
Strata Logging Service
with Explore in Strata Logging Service
app and Log
Viewer in Strata Cloud Manager. A query field and time range preferences help you narrow
down the specific logs that are of interest to you. You can view the log details and
also export all log types to a compressed CSV file in GZ format. Log Viewer provides an
audit trail for system, configuration, and network events. Jump from a dashboard in Strata Cloud Manager to your logs
to get details in Log Viewer and investigate findings. Forward Past Logs With Log Replay
January, 2024 |
You can now forward past-dated logs (up to the past 3 days from the current date)
from
Strata Logging Service
to your preferred syslog, HTTPS, or email servers
with log replay profiles. You can use this
option to retrieve old logs in case of connection failures or outages at the
destination server. To create the log replay profile, you clone the parameters from
your preferred existing log forwarding profile and provide the date range for which
you want to forward the logs.New Region Support: Korea, Israel, Indonesia, and United States Government
(High)
November, 2023 You can now host Strata Logging Service in Korea, Israel,
Indonesia, and United States Government (FedRAMP high) regions.
Refer to the region support
information before you set a host region when you activate Strata Logging Service . |
You can host . You
must also allow specific FQDNs or IP address range and TCP ports
for each region to send logs to and forward logs from
Strata Logging Service
in multiple regions. To comply with data
privacy regulations that require you to keep data within a specific region, you can
select it as a host region when you activate Strata Logging Service
Strata Logging Service
. In addition, depending on the platform you are using,
you must allow traffic from different sources to
connect to Strata Logging Service
successfully. Strata Logging Service
ensures data redundancy by storing your data in two different zones in the region
you choose. Therefore, in case of an outage, Strata Logging Service
will
failover to the secondary zone in an attempt to prevent interruption of service. If you want to use a third-party app to ingest your
Strata Logging Service
log data, ensure that the third-party app is supported in the same region as your
Strata Logging Service
instance. Otherwise, the third-party app will be
unable to access your data. Third-party apps are currently supported in only the
following regions:- United States - Americas
- United Kingdom
- Netherlands - Europe
- Japan
Remote Browser Isolation Logging
November, 2023 You can view Remote Browser Isolation logs in Explore and Log Viewer. See the Schema Reference
for more information about the log fields. |
Browser and web-based attacks are continuously evolving, resulting in security
challenges for many enterprises. Web browsers, being a major entry point for malware
to penetrate networks, pose a significant security risk to enterprises, prompting
the increasing need to protect networks and devices from zero day attacks. Highly
regulated industries, such as government and financial institutions, also require
browser traffic isolation as a mandatory compliance requirement.
While most enterprises want to block 100% of attacks by using network security and
endpoint security methods, such a goal might not be realistic. Most attacks start
with the compromise of an endpoint that connects to malicious or compromised sites
or by opening malicious content from those sites. An attacker only needs one miss to
take over an endpoint and compromise the network. When this happens, the
consequences of that compromise and the impact to your organization can be
damaging.
Remote Browser Isolation (RBI) creates a no-code
execution isolation environment for a user's local browser, so that no website code
and files are executed on their local browser. Unlike other isolation solutions, RBI
uses next-generation isolation technologies to deliver near-native experiences for
users accessing websites without compromising on security.
RBI is a service that isolates and transfers all browsing activity away from the
user's managed devices and corporate networks to an outside entity such as Prisma
Access, which secures and isolates potentially malicious code and content within
their platform. Natively integrated with Prisma Access, RBI allows you to apply
isolation profiles easily to existing security policies. Isolation profiles can
restrict many user controls such as copy and paste actions, keyboard inputs, and
sharing options like file uploading, downloading, and printing files to keep
sensitive data and information secure. All traffic in isolation undergoes analysis
and threat prevention provided by Cloud-Delivered Security Services (CDSS) such as
Advanced Threat Prevention, Advanced WildFire, Advanced URL Filtering, DNS Security,
and SaaS Security.
Query Usability Enhancements
September 15, 2023 |
You can now use enhanced filtering and viewing capabilities to
search and view relevant logs easily. The enhancements include:
- Search in the query builder shows autosuggestions most relevant to the search string.
- Search in the query builder shows autosuggestions most relevant to the search string.
- The query builder suggests all the supported values for the field to build the query.
- Search field names using substrings (for example, search with the string ‘user’ returns suggestions such as source_user, destination_user).
- Search for a field based on the display name in the log table and not just the actual field name in the log record. You can create a query using both field names.
- Press Shift + Enter to start a new line in the query builder, and press Enter to submit a query.
All Previous New Features
Feature | Description |
---|---|
Dynamic Sizing for Cloud NGFW for
AWS August 2023 | To simplify storage allocation for your Cloud NGFW for AWS
resources, Strata Logging Service now automatically
scales your total allocated storage according to your Cloud NGFW
usage. As traffic throughput increases on the Cloud NGFW
resources, so does your available storage so that you don’t need
to worry about making manual adjustments for Strata Logging Service to save your log data. |
HTTPS Log Forwarding to
Exabeam August 2023 | Strata Logging Service now supports forwarding logs to Exabeam
using HTTPS, so if you use Exabeam as your SIEM, you
can now seamlessly ingest firewall data from Strata Logging Service for a more complete picture of
your network activity. |
Log Forwarding Java 11
Upgrade August 2023 | For more up-to-date and secure authentication, Log Forwarding now
uses Java 11. Please review the updated list of trusted
certificates to ensure your log receiver has the
correct certificates installed. |
Poland Regional Support July
2023 | To comply with data privacy regulations that require you to keep
data within Poland, you can now select it as a host region when you
activate Strata Logging Service . |
Cloud NGFW for Strata Logging Service Inventory Page
UpdateJuly 2023 | Strata Logging Service now displays key metrics for
your Cloud NGFWs to help you better monitor
ingestion rate, storage usage, and connection status for your
deployment. |
New Log Field for Cloud NGFW
Resources July 2023 | Strata Logging Service has a new log field
(log_source_group_id) that identifies the Cloud NGFW resource to
which your Cloud NGFWs belong. With this field, you can perform
Explore/Log Viewer queries to zero in on logs generated by a
specific Cloud NGFW resource. |
Audit Logs for Cisco Meraki Integration with Prisma
Access May 2023 | To monitor the operation of your Prisma Access integration with
Meraki SD-WAN , you can now view and query
Audit logs stored in Strata Logging Service using Explore in the
Strata Logging Service app or Log Viewer in other
apps. These logs provide context for every Meraki configuration
change executed through the Prisma Access integration, including
such information as date and time of the change, the admin who
performed it, and any errors or warnings encountered. |
China Regional Support April
2023 | To comply with data privacy regulations that require you to keep
data within China, you can now select it as a host region when you
activate Strata Logging Service . |
France Regional
Support February 2023 | To comply with data privacy regulations that require you to keep
data within France, you can now select it as a host region when you
activate Strata Logging Service . |
Strata Logging Service Alerts in
AIOps for NGFW December
2022 | You can now view alerts about your Strata Logging Service instance within AIOps for NGFW .
These alerts enable you to stay aware of the latest service
availability, log storage, and connection issues affecting your Strata Logging Service instance, providing you with the
context and recommendations necessary to take the appropriate
actions against them. |
Spain Regional
Support November 2022 | To comply with data privacy regulations that require you to keep
data within Spain, you can now select it as a host region when
you activate .Strata Logging Service |
Italy Regional
Support November 2022 | To comply with data privacy regulations that require you to keep
data within Italy, you can now select it as a host region when
you activate .Strata Logging Service |
Multiple Panorama
Support November 2022 | You can now add up to 20 Panorama
appliances to a single Strata Logging Service instance. This
simplifies licensing and monitoring by consolidating all of your
data in one Strata Logging Service instance. That way, Palo Alto Networks
security applications that analyze Strata Logging Service data, such as
Cortex XDR, IoT Security, and SaaS Security Inline, can provide you
with more centralized results. |
Switzerland Regional
Support November 2022 | To comply with data privacy regulations that require you to keep
data within Switzerland regional boundaries, you can now select
Switzerland as a host region when you activate .Strata Logging Service |
Log Forwarding API Access for
MSSPs September 2022 | To help you manage log forwarding profiles
at scale, Log Forwarding APIs are
now available for managed security service providers. |
HTTPS Log Forwarding to Google
Chronicle August 2022 | Strata Logging Service now supports forwarding logs to Google
Chronicle using HTTPS, so if you use Chronicle as
your SIEM, you can now seamlessly ingest firewall data from
Strata Logging Service for a more complete
picture of your network activity. |
Field Name Updates for GlobalProtect
CEF Logs August 2022 | For an output that is more consistent with other log types, we’ve
updated the following field names for GlobalProtect logs sent from
(CEF):
|
DNS Security Logging June
2022 | You can now send DNS Security logs to
Strata Logging Service to facilitate triage, prioritization, and
response to security incidents involving DNS. This enables you
to view DNS Security logs in Explore to assess the details of a
particular log and perform queries for further
investigation.Strata Logging Service ,
you must have a DNS Security subscription on your firewalls, and you
must configure log retention
for DNS Security logs.The Strata Logging Service Estimator does not yet
support DNS Security logs, so you must calculate log
storage manually. The average size of a DNS
Security log is approximately 833 bytes. |
Subnet Search in Explore May
2022 | In Explore, You can now
use the = or !=
operators to match IPv4 and IPv6 addresses and subnets that use
CIDR notation. This allows you to speed up your investigations
by quickly narrowing them down to logs from a section of your
network.For example, this search identifies all logs with the
specified IPv4 address range in the source address field: src_ip.value =
"192.168.30.51/24" Similarly, this search identifies all logs that do not
have the specified IPv4 address range in the destination address
field: dst_ip.value !=
“172.10.10.10/24” |
HTTPS Forwarding to Microsoft
Sentinel March 2022 | Strata Logging Service now supports forwarding logs through
HTTPS to Microsoft Sentinel. |
Forwarding for GlobalProtect Troubleshooting
Logs March 2022 | To provide a more complete picture of your GlobalProtect
application behavior to external logging solutions, you can now
forward GlobalProtect Troubleshooting
logs from Strata Logging Service . |
License Information
Widget February 2022 | On the Dashboard, you can
now
|
Additional Hardware Models for Strata Logging Service EstimatorJanuary
2022 | To help you more accurately estimate the
amount of storage you will need, the Strata Logging Service
now supports the following hardware models:
|
Deployment
Monitoring December 2021 | The Strata Logging Service app now features a
dashboard that enables you to view whether your devices are still
sending logs to Strata Logging Service as well as view finer details about
log transmission, such as storage, latency, ingestion, and log
forwarding status. |
Client Authentication Using
Certificates December 2021 | You can now use certificates to
authenticate the log forwarding endpoint that is sending logs to
your Syslog and HTTPS servers. This enables you to comply with any
company or regulatory policy that may require client
authentication. |
Independent Log Forwarding
Profiles November 2021 | Log forwarding profiles that send logs to different destinations
now work independently from each other, so if one destination
disconnects and stops ingesting logs, the other destinations
will remain connected and will continue sending logs to these
destinations. If you are a managed security service provider overseeing the
syslog streams for multiple customers, this feature will ensure
that a problem with one stream will not affect the others. Also, if you manage multiple syslog sinks for different purposes,
such as SOC investigation, network troubleshooting, and audit
and compliance this feature helps you maintain consistent
service in the event that one sink goes down. |
Easy Activation September
2021 | Strata Logging Service now features a simplified activation
flow to help you get up and running with the product
quickly and easily. After you purchase a Strata Logging Service
license, you now receive an email with a link that takes you to
a step-by-step process for activating your product. |
India Regional Support August
2021 | To comply with data privacy regulations that require you to keep
data within India regional boundaries, you can now select India
as a host region when you activate .Strata Logging Service |
Saved and Shared Filters August 2021 | You can now save log queries and
share them with other users. Save log queries to avoid
re-entering long, complex, or frequently used queries each time
you want to see a particular set of logs. Share queries to
quickly present the logs to a team member, support technician,
or anyone whom you want to see them. |
Saved Log Viewer Profiles August 2021 | In the log viewer, you can now create profiles that save
preferences so that you can quickly change to a set
of preferences for a particular use case or user. These preferences include the Cloud Identity Engine (CIE) tenant,
the time zone in which logs appear, and the columns you’ve
chosen to display as well as their order. |
Query Builder Enhancements July 2021 | The character limit for queries has increased to 4096, and
queries now wrap to the next line when the field is filled. This
enables you to form longer queries and view their contents at a
glance. |
Time Zone Selection July 2021 | You can now choose to view logs in different time zones. This
helps you correlate logs generated by different products that
may use a different time zone from the timezone of your
browser. |
Millisecond-Level Queries July 2021 | You can now create queries with the
time_generated_high_res field
equal_to a time in milliseconds. This
enables you to correlate logs with events from other systems at
a millisecond level. |
Default User Preferences July 2021 | You can now restore preferences, such as column order and time
zone, to the preferences set when you first started the app.
This enables you to quickly undo any changes you’ve made if you
are no longer satisfied with your preferences. |
Log Viewer Admin Role July
2021 | Strata Logging Service now has a new role that only
grants permission to view the Explore tab
and export log data. If one of your users only needs to view
logs, this enables you to maintain a good security posture by
only granting them the permissions they need. |
Germany Regional Support July
2021 | To comply with data privacy regulations that require you to keep
data within German regional boundaries, you can now select
Germany as a host region when you activate .Strata Logging Service |
Filter Query Parentheses Support June 2021 | The log viewer filter now supports parentheses to determine the
order in which it evaluates terms in queries so you can
more precisely identify the logs you’re looking for. |
Firewall Data Retention Toggle June 2021 | For better control over your log data, you can now disable log retention for
each of your firewalls from the
Inventory tab in the Strata Logging Service
app. To do this, set Store Log Data
to Off for the firewalls whose data you
do not want to retain. |
Device Certificate for Strata Logging Service June
2021 | ( PAN-OS 10.1 or later ) To reduce the number of
certificates you need to install and manage to connect to Palo
Alto Networks cloud services, you can now authenticate to Strata Logging Service using a device certificate.
This enables you to authenticate to Strata Logging Service using the same certificate that you would use to connect to
Cortex XDR, IoT Security, and Enterprise Data Loss
Prevention.Devices using a device certificate follow a new process to
onboard to Strata Logging Service . Make sure to follow the onboarding
process appropriate for your PAN-OS version and deployment
style. |
Self-Signed Certificate
Support April 2021 | You can now get started forwarding logs from Strata Logging Service
more quickly, easily, and cost-effectively by using a
self-signed certificate to authenticate your syslog or HTTPS
receiver. After installing the certificate on your receiver, you
can upload the private CA or self-signed certificate as part of
your syslog or HTTPS forwarding
profiles. |
Log Forwarding Certificate Validation
Enhancement March 2021 | To ensure your log data arrives safely to its intended
destination, Strata Logging Service now more rigorously inspects the validity of
server certificates. |
Log Forwarding Connection
Check March 2021 | To help you verify that you can connect to the syslog server to
which you want to forward logs, Strata Logging Service Log Forwarding
now features a Test Connection button in
Syslog and HTTPS profile configuration. When you click this
button, you will see that the connection either succeeded or
failed and why. |
HTTPS Log Forwarding March
2021 | For compatibility with services that receive events through
HTTPS, such as Splunk HTTP Event Collector (HEC), Strata Logging Service now supports forwarding logs through
HTTPS. |
Common Event Format (CEF) Support March 2021 | Enabling you to forward logs to Microfocus ArcSight Enterprise
Security Manager, Strata Logging Service now supports CEF as an option
when you select the log format for a syslog forwarding
profile. |
No Data Retention March 2021 | For better control over your log data, Strata Logging Service now does
not retain logs at all if you set log storage
Quota or Max Retention
Days to 0 in Storage Configuration Quota is greater than 0 and
Max Retention Days is not set to
0. |
Related Log Events February 2021 | Certain network logs—Traffic, Threat, URL, File—now show you the
other events logged during the same session. Without leaving the context of the
log you’re interested in, you can see the sequence of
related events for the session. Related logs are displayed
chronologically, top to bottom—the log with the earliest
timestamp is listed first. Select a related log to investigate the details for that
event. |
Log Format Updates February 2021 To take advantage of these features, you must edit and
resubmit your log forwarding profiles. | New Log Fields —To support the
transport of richer data about your network traffic, Strata Logging Service now processes new log fields from
PAN-OS: device group (DG) hierarchy and secure web gateway (SWG)
fields. The DG hierarchy field helps you identify which firewall
Device Group generated a
log, and SWG fields provide more detailed user Authentication
information. |
New Email Log Format —For better consistency across log
outputs, the log fields in email log forwarding now more closely
resemble other supported formats, such as LEEF and the format
used in Explore . This does not affect email forwarding
profiles that were migrated from an older version of Log
Forwarding . | |
Log Field Modification —For better consistency with other
log fields, the ProfileToken field
now has the first letter capitalized. If you reference this
field in automation scripts, ensure that it reads
ProfileToken . | |
Log Forwarding Filter Updates February 2021 To take advantage of these features, you must edit and
resubmit your log forwarding profiles. | Editable Migrated Filters —You now have the flexibility to
modify the queries in log forwarding filters that you may have
retained from an earlier version of the Log Forwarding app.Migrated filters will not tell you if a query that you
entered is valid. To validate a query, create a new filter
and test it there. When you determine the query works, then
paste it into the migrated filter. |
Filter Deletion Confirmation —To prevent you from
accidentally deleting log forwarding filters, filter deletion is
now a two-step process. | |
In-App Device Connection
Management January 2021 | For smoother device onboarding, you can now view a list of your available
Panorama and firewall devices and generate onboarding
keys for them within the app. |
Redesigned UI January
2021 | To provide a more consistent experience across Palo Alto Networks
platforms, Strata Logging Service now features a new user interface
that you may recognize from products such as Prisma Access. |
Explore Integration January
2021 | Instead of switching to a different app,
you can now search, filter, and export
logs directly within the Strata Logging Service app. Select
Explore in the app’s new sidebar to get
started. |
Australia Regional
Support December 2020 | To comply with data privacy regulations
that require you to keep data within Australian regional boundaries,
you can now select Australia as a host region when you activate .Strata Logging Service |
Log Forwarding
Integration November 2020 | You can now forward logs from within
the Strata Logging Service app, enabling you to conveniently manage
onboarding, storage, and log transmission in a single application.
In moving to the Strata Logging Service app, the log forwarding interface
now has a new, simplified design that makes it easier to begin
configuring Syslog and email profiles to forward
your Strata Logging Service log data. |
Log Filter Query
Support November 2020 | When creating your log forwarding
profiles in Strata Logging Service , you can now use the same
query language from
Explore to define precise log filters based on time,
device serial number, IP address, and more. |
LEEF Format Support for IBM
QRadar November 2020 | You can now forward logs in Log Extended
Event Format (LEEF) for use with IBM QRadar SIEM. |
Combined Log Types November
2020 | To simplify the list of available log types for log forwarding,
the tunnel log type now includes
GTP logs, and
Threat logs now include
WildFire logs.Because log forwarding profiles can only include one filter per
log type, if you had a log forwarding profile with a log filter
for both of the formerly separate log types, you will now see a
new log forwarding profile. This profile contains the log filter
that could not be duplicated in the original profile. For example, a log forwarding profile with filters for both
tunnel and
GTP logs now appears as two
profiles, each with a tunnel
filter. One of the profiles will continue filtering
tunnel logs and the other will
filter GTP logs, which are now
included in tunnel logs. The new profile will be called
< or, in the case of
original name > -
GTPThreat and
WildFire ,
< .original name > -
WildFire |
Non-Editable Log Forwarding
Filters November 2020 | Some log filters created in the previous Log Forwarding app can
no longer be edited. If you would like to change such filters,
you must delete them and create new ones. Because some fields in the migrated filters are no longer
available, you may not be able to recreate an identical
filter if you delete it. |
Scheduled Reports for Strata Logging Service November 2020 | ( PAN-OS 10.0.2 or later and Cloud Services plugin 1.8.0 or
later ) From Panorama, you can now generate scheduled
reports on Strata Logging Service data. |
Japan Regional
Support September 2020 | To comply with data privacy regulations
that require you to keep data within Japanese regional boundaries,
you can now select Japan as a host region when you activate .Strata Logging Service |
Canada Regional Support July
2020 | To comply with data privacy regulations
that require you to keep data within Canadian regional boundaries,
you can now select Canada as a host region when you activate .Strata Logging Service To choose Canada as your host region, select Canada at
activation. The Americas region represents the United
States only. |
Proxy Support July
2020 | ( PAN-OS 10.0 or later ) You can now configure the
firewall to forward logs to Strata Logging Service through a proxy
server. This enables you to send log data to Strata Logging Service
from a network without a default gateway. |
UK and Singapore Regional
Support July 2020 | For compliance with regulations that require you to keep data
within regional boundaries, you can now select the UK or
Singapore as a host region when you activate .Strata Logging Service |
Quota Manager
Enhancements June 2020 | The quota manager now features a detailed breakdown of firewall
log types and a simpler method of allocating remaining storage
to help you more easily manage your . Instead of a single Detailed log type, the quota manager now
displays the firewall log types
individually. The Infrastructure & Audit log type now
appears as System and Config logs. To allocate all remaining storage to one or more log types, you
can now leave the quota percentage of log types blank and the
quota manager will automatically assign them the unallocated
space. |
New Quota Manager UI April
2020 | To help you more easily allocate log storage
and visualize the data you're storing in Strata Logging Service , the
Strata Logging Service app now features a completely redesigned quota
manager. The quota manager now visually displays your total storage
capacity as a bar, with color-coded segments representing
different log sources so you can instantly identify how much
storage a service uses and adjust if necessary. |
New Minimum PAN-OS Version for Strata Logging Service Without PanoramaMarch
2020 | To authenticate using the new G2 certificate chain, firewalls
that you want to onboard to must now run PAN-OS 9.0.6 or
later. |
Strata Logging Service Without
PanoramaJuly 2019 | Until PAN-OS 9.0.3, Panorama was required to onboard firewalls to
Strata Logging Service , and to view logs stored in
Strata Logging Service . Now, firewalls running PAN-OS
9.0.3 and later can securely connect and log to Strata Logging Service , without Panorama. The new app,
Explore, allows you to see and interact with the log data stored
in Strata Logging Service . |
New App-ID for Palo Alto Networks Shared
Services May 2019 | For better application visibility and control, you now have a new
App-ID for paloalto-shared-services, in addition to the App-ID
for the palo-alto-logging-service. The paloalto-shared-services
App-ID identifies traffic for any shared services that are used
by Palo Alto Networks including Directory Sync Service, Logging
Service, and Magnifier; any paloalto-shared-services traffic
that was earlier identified as ssl, web-browsing will now be
identified as paloalto-shared-services. If you have a Palo Alto Networks next-generation firewall between
the Panorama appliance and the internet, you must add a security policy rule on the firewall
to allow the paloalto-logging-service and
paloalto-shared-services App-IDs from the Panorama appliance to
the internet. These applications allow SSL-secured communication
to the Strata Logging Service that the Panorama appliance uses to
query logs, and enable communication to the shared services and
the Strata Logging Service for performing certificate status and
revocation checks. |
Connection Status Reporting
Improvements September 2018 | To help with visibility on the status and connectivity to the Strata Logging Service , the Cloud Services plugin 1.2
provides details on the connection status between Panorama and
the Strata Logging Service . On Panorama Cloud Services Status Status Strata Logging Service instance is deployed, and
confirm that the Panorama appliance is connected to the Logging
Service. If any of these checks fail, the Status is reported as
an error. |
New App-ID for Palo Alto Networks Shared
Services September 2018 | For better application visbility and control, you now have a new
App-ID for paloalto-shared-services, in addition to the App-ID
for the palo-alto-logging-service. The paloalto-shared-services
App-ID identifies traffic for any shared services that are used
by Palo Alto Networks including Directory Sync Service, Logging
Service, and Magnifier; any paloalto-shared-services traffic
that was earlier identified as ssl, web-browsing will now be
identified as paloalto-shared-services. If you have a Palo Alto Networks next-generation firewall between
the Panorama appliance and the internet, you must add a security policy rule on the firewall
to allow the paloalto-logging-service and
paloalto-shared-services App-IDs from the Panorama appliance to
the internet. These applications allow SSL-secured communication
to the Strata Logging Service that the Panorama appliance uses to
query logs, and enable communication to the shared services and
the Strata Logging Service for performing certificate status and
revocation checks. |
Expand Log Storage Capacity for Traps
Logs April 2018 | You can now activate Auth code from
the cloud services portal to upgrade the Traps Included Storage
of 100GB to a Strata Logging Service Strata Logging Service license with larger
storage capacity. |
Log Quota Management on the hub March
2018 | Starting March 19, 2018, you must use the cloud services portal
to manage the log quota for logs stored on the Strata Logging Service .Log in to the cloud services portal using your Customer Support
Portal credentials, and then refer to the Logging Service
Getting Started Guide for instructions on activating licenses
and deploying this service. |